v0.7.0
Second security audit. All findings confirmed with reference sources before implementation.

Critical
- pf kill switch rule order fixed: `block all` was before the `pass` rules - with `quick`, pass was never reached (man pf.conf). Tor could not connect to relays; the kill switch was silently broken.
- pf anchor file now written via ts_helper (new `write-pf-anchor` verb with O_NOFOLLOW): `/etc/pf.anchors/` is root:wheel 755, so the direct write was silently failing and no rules were ever loaded.

High
- Removed `pass in quick tcp`: it accepted externally-initiated connections through the kill switch. Stateful tracking handles return packets automatically.
- Tor relay ports 443, 9001, 80 added to pf pass rules: only 9050 (local SOCKS) was allowed, so Tor could not bootstrap.
- `/bin/kill` absolute path in ts_helper: `execv("kill")` fails with ENOENT (execv does not search PATH). dnsmasq was never killed by PID.
- `hex_decode()` panic fixed: odd-length input from a malformed Tor response crashed TorShield, triggering the watchdog to flush pf and expose the real IP.
- IPv6 disabled before MAC spoof: `ifconfig down/up` triggers NDP Router Solicitations that may expose the fe80:: link-local (RFC 4861 s.6.3.7).
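The `hex_decode()` finding above is the classic "parser panic becomes a fail-open" chain: the decoder aborts, the watchdog interprets the dead process as shutdown and removes the pf rules. The following is an added example, not TorShield's code: a naive decoder that panics on odd-length input beside a decoder that returns an error the caller can handle. Function and type names (`hex_decode_naive`, `hex_decode`, `HexError`) are assumed for the illustration.

```rust
// Added example (not TorShield's own code). Demonstrates why a hex decoder
// fed by untrusted input must return an error rather than index past the end.

#[derive(Debug, PartialEq)]
pub enum HexError {
    /// Input length is not a multiple of two (the case that crashed the process).
    OddLength(usize),
    /// A byte that is not 0-9, a-f or A-F, with its position.
    InvalidChar { index: usize, byte: u8 },
}

/// The pre-fix shape of the bug: slicing `input[i..i+2]` on an odd-length
/// string panics with "byte index out of range", and `unwrap()` panics on
/// any non-hex pair. Kept here only to show the failure mode.
pub fn hex_decode_naive(input: &str) -> Vec<u8> {
    let mut out = Vec::new();
    let mut i = 0;
    while i < input.len() {
        out.push(u8::from_str_radix(&input[i..i + 2], 16).unwrap());
        i += 2;
    }
    out
}

fn nibble(b: u8) -> Option<u8> {
    match b {
        b'0'..=b'9' => Some(b - b'0'),
        b'a'..=b'f' => Some(b - b'a' + 10),
        b'A'..=b'F' => Some(b - b'A' + 10),
        _ => None,
    }
}

/// Hardened decoder: validates length first, then every byte, and never
/// panics. A malformed Tor response becomes an `Err` the caller can log and
/// ignore instead of a process abort that the watchdog treats as shutdown.
pub fn hex_decode(input: &str) -> Result<Vec<u8>, HexError> {
    let bytes = input.as_bytes();
    if bytes.len() % 2 != 0 {
        return Err(HexError::OddLength(bytes.len()));
    }
    let mut out = Vec::with_capacity(bytes.len() / 2);
    for (i, pair) in bytes.chunks_exact(2).enumerate() {
        let hi = nibble(pair[0]).ok_or(HexError::InvalidChar { index: 2 * i, byte: pair[0] })?;
        let lo = nibble(pair[1]).ok_or(HexError::InvalidChar { index: 2 * i + 1, byte: pair[1] })?;
        out.push((hi << 4) | lo);
    }
    Ok(out)
}

fn main() {
    // Constructed inputs: a well-formed fingerprint prefix and a truncated one.
    println!("{:?}", hex_decode("DEADbeef"));
    println!("{:?}", hex_decode("abc"));
    println!("{:?}", hex_decode("zz"));
}
```

Everything that parses network input in a process whose death has a security consequence should follow the same pattern: no `unwrap()`, no unchecked slicing, and a `Result` at the boundary.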

Medium
- No outbound request at startup: `reqwest::no_proxy()` was sending the real IP to api.ipify.org before Tor was active. Replaced by `local_real_ip()` via `ipconfig getifaddr` (no network request).
- ts_helper.c bundle integrity check: the on-disk source is compared against the copy embedded in the binary at compile time. Tampered source is discarded to prevent LPE via recompilation.
- torrc permissions set to 600: was 644, allowing local modification of ExcludeExitNodes or injection of HiddenServiceDir.
- Captive portal blocked: `captiveagent` (Apple system daemon) bypasses the SOCKS5 proxy. `captive.apple.com` is blocked in `/etc/hosts` when the kill switch is active.
- mDNS hostname anonymized: LocalHostName/ComputerName/HostName set to neutral values at enable, restored at disable. Prevents hostname/model identification on local networks (Fingerprint.com: 65% first-name identification rate).
- `helper_ok()` uses `symlink_metadata()` (lstat): `metadata()` follows symlinks, so a symlink at the ts_helper path pointing to a legitimate SUID binary would have passed the check.
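The last Medium item is a lstat-versus-stat check. As an added example (not TorShield's `helper_ok()`), the block below implements the check both ways over the same metadata inspection so the difference is visible: `fs::symlink_metadata` (lstat) reports the link itself and rejects it; `fs::metadata` (stat) follows the link and reports the target's owner and mode, which is the bypass. The function names, the `HelperCheck` enum and the `expected_uid` parameter (so the check can be exercised by a non-root user; the real check would pass uid 0) are assumptions of this example.

```rust
// Added example (not TorShield's own code): validating a privileged helper
// binary before invoking it, with the symlink-following bug shown alongside.
use std::fs;
use std::io;
use std::os::unix::fs::MetadataExt;
use std::path::Path;

#[derive(Debug, PartialEq)]
pub enum HelperCheck {
    Ok,
    NotFound,
    IsSymlink,
    NotRegularFile,
    WrongOwner(u32),
    BadMode(u32),
}

/// Shared policy applied to whatever metadata the caller obtained:
/// regular file, expected owner, exactly setuid + rwxr-xr-x (no group/other
/// write, no setgid, no sticky bit).
fn inspect(meta: &fs::Metadata, expected_uid: u32) -> HelperCheck {
    if meta.file_type().is_symlink() {
        return HelperCheck::IsSymlink;
    }
    if !meta.file_type().is_file() {
        return HelperCheck::NotRegularFile;
    }
    if meta.uid() != expected_uid {
        return HelperCheck::WrongOwner(meta.uid());
    }
    let mode = meta.mode() & 0o7777;
    if mode != 0o4755 {
        return HelperCheck::BadMode(mode);
    }
    HelperCheck::Ok
}

fn map_err(e: io::Error) -> HelperCheck {
    if e.kind() == io::ErrorKind::NotFound {
        HelperCheck::NotFound
    } else {
        HelperCheck::NotRegularFile
    }
}

/// Fixed check: symlink_metadata() is lstat(2), so a symlink planted at the
/// helper path is seen as a symlink and rejected before anything else.
pub fn helper_ok(path: &Path, expected_uid: u32) -> HelperCheck {
    match fs::symlink_metadata(path) {
        Ok(meta) => inspect(&meta, expected_uid),
        Err(e) => map_err(e),
    }
}

/// The pre-fix shape: metadata() is stat(2) and follows the link, so the
/// owner and mode of the *target* are checked. A link to any root-owned
/// 4755 binary passes. Kept only to demonstrate the bypass.
pub fn helper_ok_stat(path: &Path, expected_uid: u32) -> HelperCheck {
    match fs::metadata(path) {
        Ok(meta) => inspect(&meta, expected_uid),
        Err(e) => map_err(e),
    }
}

fn main() {
    // Stand-alone run against a hypothetical install path; on a real system
    // the helper is expected to be root-owned, hence uid 0 here.
    let path = Path::new("/usr/local/libexec/ts_helper"); // assumed path
    println!("lstat check: {:?}", helper_ok(path, 0));
    println!("stat  check: {:?}", helper_ok_stat(path, 0));
}
```

The ordering matters as much as the syscall: test for the symlink first, then file type, then owner, then an exact mode, so that a partial match (right owner, wrong bits) is still a rejection rather than an accepted helper.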

Firefox
- DNS prefetch disabled: `network.dns.disablePrefetchFromHTTPS` defaults to false since Firefox 127 (arkenfox #1860) - prefetch lookups bypass the SOCKS5 proxy. Added `network.prefetch-next`, `browser.send_pings`, `media.navigator.enabled`.