Guix Tor service needs a little more authority

  • Open
  • quality assurance status badge
Details
One participant
  • Tobias Geerinckx-Rice
Owner
unassigned
Submitted by
Tobias Geerinckx-Rice
Severity
normal
T
T
Tobias Geerinckx-Rice wrote on 15 Aug 2022 13:15
(name . Bug reports for GNU Guix)(address . bug-guix@gnu.org)
87sflxhg98.fsf@nckx
Hi all,

I recently found my Tor nodes dead, unable to bind to their port
with a confusing ‘permission denied’ error.

This was caused by a regression in Guix's Tor service: it now uses
‘least-authority-wrapper’, meaning that it… well, hasn't the
authority to bind to all ports. Oops.

Even today, (some, well-known) low ports are firewalled/flagged
noticeably less than higher ones. Thankfully, DPI isn't the norm
yet.

Reverting commit fb868cd7794f15e21298e5bdea996fbf0dad17ca fixes
this.

Our service wasn't insecure before: Tor expects to be started as
root and drop privileges through the torrc ‘User’ directive, not
the way Guix now does it through namespaces.

Still, I'll take a stab at relaxing the service's POLA parameters
to allow this, hoping to get the best of both worlds, but this is
new territory to me. Maybe that's not possible.

Kind regards,

T G-R
-----BEGIN PGP SIGNATURE-----

iIMEARYKACsWIQT12iAyS4c9C3o4dnINsP+IT1VteQUCYvo0cw0cbWVAdG9iaWFz
LmdyAAoJEA2w/4hPVW15gw0BAJIChj6smvZ2VF3KKxxtdkoiplDCLttKGgZAivH3
NjRuAP9UuAWrCwjnIEziQK9BP1BU8mUQgIVepvfVjXfeGKtDCw==
=fRty
-----END PGP SIGNATURE-----

?
Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 57222@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 57222
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch