
Deprecate COOKIE authentication

1 parent c264c80 commit c402bdfeb08a3aa14d29f340f2fe7b594d27d4c1 Robert Ransom committed Feb 20, 2012
Showing with 10 additions and 0 deletions.
  1. +10 −0 control-spec.txt
10 control-spec.txt
@@ -983,6 +983,16 @@
If the METHODS field contains the method "SAFECOOKIE", every
AuthCookieFile must contain the same authentication cookie.
+ The COOKIE authentication method exposes the user running a
+ controller to an unintended information disclosure attack whenever
+ the controller has greater filesystem read access than the process
+ that it has connected to. (Note that a controller may connect to a
+ process other than Tor.) It is almost never safe to use, even if
+ the controller's user has explicitly specified which filename to
+ read an authentication cookie from. For this reason, the COOKIE
+ authentication method has been deprecated and will be removed from
+ Tor before version
The VERSION line contains the Tor version.
[Unlike other commands besides AUTHENTICATE, PROTOCOLINFO may be used (but
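Review bot: the added paragraph ends mid-sentence at "will be removed from Tor before version" with no version number, so a reader of the spec gets no removal target; finish the sentence with the intended release (or say plainly that the release is not yet decided). It would also help to state explicitly that SAFECOOKIE, described in the lines just above, is the replacement controllers should use, since the new text only explains what COOKIE exposes and that it is deprecated, not what to do instead.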
