[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tor-talk] wget - secure?



> On 2012-04-20, Robert Ransom wrote
<https://lists.torproject.org/pipermail/tor-talk/2012-April/024040.html>:

> No, the underlying point is that I have personally seen wget send my
> computer's IP address over Tor in an FTP PORT command.  wget is not
> ?100% safe?.

> The code to send a PORT command is still present in wget 1.13.4.  wget
> 1.13.4 is not ?100% safe?; anyone who wants to recommend it needs to
> specify a particular configuration of wget which is safe.  (Don't
> count on a ?default configuration?; Linux distributors might have
> messed with it, or failed to update it to the version shipped in
> recent wget source distributions.)

> Robert Ransom

I asked a question asked about this issue on the wget mailing list this
week and a patch was provided by Tim Ruehsen. If you have time it would be
great if you read the mailing list discussion to see if I got the issue
correct, and if your happy with the patch.

https://lists.gnu.org/archive/html/bug-wget/2015-08/msg00020.html

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk