1. 01 Mar, 2016 3 commits
  2. 27 Feb, 2016 1 commit
  3. 26 Feb, 2016 4 commits
  4. 24 Feb, 2016 1 commit
  5. 16 Feb, 2016 1 commit
  6. 04 Feb, 2016 1 commit
  7. 02 Feb, 2016 2 commits
  8. 01 Feb, 2016 1 commit
  9. 25 Jan, 2016 2 commits
  10. 24 Jan, 2016 3 commits
  11. 23 Jan, 2016 3 commits
    • nusenu's avatar
      SECURITY FIX: missing quotes allowed malicious relays to execute commands on... · 09f9afe7
      nusenu authored
      SECURITY FIX: missing quotes allowed malicious relays to execute commands on the ansible host with the permissions of the user running ansible
      
      via local_action: shell ... injection
      
      vulnerabilities have been introduced with:
      43d52e99
      cb653104
      09f9afe7
    • nusenu's avatar
      FreeBSD: avoid sequential IP IDs (fixes #57) · dd4b2973
      nusenu authored
      dd4b2973
    • nusenu's avatar
      major change: run tor with per-instance user (all platforms) · dc1a7ea8
      nusenu authored
      usernames are similar to instance names: _tor-<ip>_<port>
      
      - remove PID files on *non* Debian/FreeBSD systems
        we need PID files on FreeBSD only (Debian enables them by default).
      
      - remaining PID files are located in per-instance subfolders for fs permission reasons
      
      - log file location changed slightly (to subfolders of /var/log/tor)
        to avoid filesystem permission troubles and effectively disables
        logrotate on tor logs.
        This is medium term workaround.
        All platforms will log to syslog with SyslogIdentityTag when they support it eventually (with tor 0.2.8.x)
      
      - explicitly disable ControlSocket/CookieAuthentication if not enabled by the user
        Since Debian enables it by default we have to disable it explicitly.
      dc1a7ea8
  12. 17 Jan, 2016 5 commits
  13. 16 Jan, 2016 1 commit
  14. 07 Jan, 2016 2 commits
  15. 03 Jan, 2016 6 commits
  16. 23 Dec, 2015 1 commit
  17. 12 Dec, 2015 1 commit
  18. 05 Dec, 2015 1 commit
  19. 04 Dec, 2015 1 commit