Warn about a vulnerability in the default configuration

PR: 195828
svn path=/head/; revision=374532
2014-12-11 13:57:31 +00:00 · 2014-12-11 13:57:31 +00:00 · d1e4ccce8c · 2021-03-31 03:12:20 +00:00
commit d1e4ccce8c
parent e1d8f31498
4 changed files with 10 additions and 2 deletions
--- a/security/tor-devel/Makefile
+++ b/security/tor-devel/Makefile
@ -3,6 +3,7 @@

 PORTNAME=	tor
 DISTVERSION=	0.2.6.1-alpha
+PORTREVISION=	1
 CATEGORIES=	security net ipv6
 MASTER_SITES=	TOR
 PKGNAMESUFFIX=	-devel
--- a/security/tor-devel/files/pkg-message.in
+++ b/security/tor-devel/files/pkg-message.in
@ -12,5 +12,8 @@ touch /var/log/tor
 chown -R _tor:_tor /var/db/tor /var/log/tor /var/run/tor
 chmod -R 700 /var/db/tor

-before starting the tor server.
+before starting the tor server. Tor users are strongly advised to prevent traffic
+analysis that exploits sequential IP IDs by setting:
+
+sysctl net.inet.ip.random_id=1
 ================================================================================
--- a/security/tor/Makefile
+++ b/security/tor/Makefile
@ -3,6 +3,7 @@

 PORTNAME=	tor
 DISTVERSION=	0.2.5.10
+PORTREVISION=	1
 CATEGORIES=	security net ipv6
 MASTER_SITES=	TOR

--- a/security/tor/files/pkg-message.in
+++ b/security/tor/files/pkg-message.in
@ -12,5 +12,8 @@ touch /var/log/tor
 chown -R _tor:_tor /var/db/tor /var/log/tor /var/run/tor
 chmod -R 700 /var/db/tor

-before starting the tor server.
+before starting the tor server. Tor users are strongly advised to prevent traffic
+analysis that exploits sequential IP IDs by setting:
+
+sysctl net.inet.ip.random_id=1
 ================================================================================