Qubes Whonix-Gateway should have persistent /var/lib/tor to make entry guards persistent like non-Qubes Whonix Gateway #1137

Closed
qubesuser opened this Issue Aug 19, 2015 · 2 comments

@qubesuser

Currently Whonix-Gateway VMs have volatile /var/lib/tor, which means that entry guards are not saved across reboots, which is potentially dangerous since persisting them mitigates against attackers who set up malicious entry guards.

This behavior also differs from the non-Qubes Whonix Gateway, which is surprising for users who move to Qubes.

Actually, having the whole /var being persistent on all Qubes VMs seems the most reasonable approach, since being persistent, mutable and per-machine is pretty much the whole point of /var, but that's a separate consideration and there might be reasons I'm missing to do it like Qubes does now.

adrelanos Aug 19, 2015

Member

> Currently Whonix-Gateway VMs have volatile /var/lib/tor, which means that entry guards are not saved across reboots, which is potentially dangerous since persisting them mitigates against attackers who set up malicious entry guards.
>
> This behavior also differs from the non-Qubes Whonix Gateway, which is surprising for users who move to Qubes.

Confirmed. Agreed.

> Actually, having the whole /var being persistent on all Qubes VMs seems the most reasonable approach, since being persistent, mutable and per-machine is pretty much the whole point of /var, but that's a separate consideration and there might be reasons I'm missing to do it like Qubes does now.

That should be discussed elsewhere.

adrelanos added a commit to Whonix/qubes-whonix that referenced this issue Aug 19, 2015

adrelanos Aug 19, 2015

Member

Fixed with the above commit. Will appear in Whonix 12.
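An added example, not part of the original thread or of the Whonix or Qubes code: one way to check whether entry guards survive a reboot is to save a copy of `/var/lib/tor/state` before and after it and compare the guard fingerprints. It assumes the state file's `EntryGuard <nickname> <fingerprint>` lines (older Tor) and `Guard in=... rsa_id=... confirmed_idx=...` lines (newer Tor); the function names and sample relays are constructed for illustration.

```python
import sys

def guard_ids(state_text):
    """Return the fingerprints of the entry guards named in a Tor state file."""
    ids = set()
    for line in state_text.splitlines():
        fields = line.split()
        if len(fields) >= 3 and fields[0] == "EntryGuard":
            # Older Tor (assumed format): EntryGuard <nickname> <fingerprint> [flags]
            ids.add(fields[2].upper())
        elif fields and fields[0] == "Guard":
            # Newer Tor (assumed format): Guard in=default rsa_id=<fp> ... confirmed_idx=N
            kv = dict(f.split("=", 1) for f in fields[1:] if "=" in f)
            if "rsa_id" in kv and "confirmed_idx" in kv:  # confirmed guards only
                ids.add(kv["rsa_id"].upper())
    return ids

def compare_guards(before_text, after_text):
    """Classify what happened to the guard set between two state snapshots."""
    before, after = guard_ids(before_text), guard_ids(after_text)
    if not before:
        verdict = "unknown"    # no earlier guards to compare against
    elif before <= after:
        verdict = "persisted"  # every earlier guard is still recorded
    elif before & after:
        verdict = "partial"    # some guards were replaced
    else:
        verdict = "lost"       # entirely fresh guard set: state did not survive
    return {"verdict": verdict,
            "dropped": sorted(before - after),
            "new": sorted(after - before)}

# Constructed sample data (not real relays): the state before a reboot, then
# the state after it with persistent and with volatile /var/lib/tor.
A, B, C, D = "A" * 40, "B" * 40, "C" * 40, "D" * 40
BEFORE = (f"EntryGuard relayA {A} DirCache\n"
          f"EntryGuardAddedBy {A} 0.2.6.10 2015-08-01 12:00:00\n"
          f"EntryGuard relayB {B} DirCache\n")
AFTER_PERSISTENT = BEFORE
AFTER_VOLATILE = (f"EntryGuard relayC {C} DirCache\n"
                  f"EntryGuard relayD {D} DirCache\n")

if __name__ == "__main__":
    if len(sys.argv) == 3:  # two saved copies of the state file
        texts = [open(p, encoding="utf-8", errors="replace").read()
                 for p in sys.argv[1:]]
    else:
        texts = [BEFORE, AFTER_VOLATILE]
    print(compare_guards(*texts))
```

Guards also rotate on their own over longer periods, so a "partial" result between snapshots taken far apart is not by itself a sign of volatile storage; "lost" straight after a reboot is.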
