[prev in list] [next in list] [prev in thread] [next in thread]
List: freebsd-hackers
Subject: Re: Running Tor service in the jail environment
From: Oliver Fromme <oliver () fromme ! com>
Date: 2018-12-12 18:13:21
Message-ID: 201812121813.wBCIDLHa047117 () nox ! thiemo ! net
[Download RAW message or body]
Hubert Hauser wrote:
> It sounds like a good idea but weren't a better solution use an
> open-hardware device acting as Tor router with installed OpenBSD
> or HardenedBSD?
Personally I trust FreeBSD more than the alternatives.
But that's just me. ;-)
> Why wouldn't you use for it jail environment? I want to place
> Tor in the jail environment because I want to prevent system
> being compromised in case compromising Tor service.
I think it would be better to put the Tor service inside
a virtual machine, for example VirtualBox or FreeBSD's own
technology called bhyve. It has two advantages: First,
the separation is somewhat "stricter" and more extensive
than jails (for example, jails still share the same kernel,
but VMs do not). Second, it is easier to create a setup
suitable for networking with Tor. It might be possible
with a jail, too, but I think that would be more difficult
and error-prone. And you *do* want to avoid errors when
you're going to set up a Tor service.
Disclaimer: I've never set up a Tor service myself.
Best regards
Olli
--
Oliver Fromme, München -- FreeBSD + DragonFly BSD
``We are all but compressed light'' - Albert Einstein
_______________________________________________
freebsd-hackers@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic