On 05/27/2015 09:19 PM, David Goulet wrote:
IsolatePID is a new option that will make torsocks set the SOCKS5 username and password automatically to provide isolation on Tor side.
You can use this with the -i,--isolate command added or TORSOCKS_ISOLATE_PID env. variable.
Perhaps I'm overlooking the purpose of this option, but it doesn't look like something you can rely on to get stream isolation between separate torsocks invocations. For instance, on a POSIX-compliant system a PID can be reused as soon as the process using it has terminated. This implies that, for any purpose, a PID should only be used as a unique identifier for the duration of the process using it.
Assuming the purpose is to provide stream isolation between torsocks invocations, why not generate a big random numbers for the socks auth user/password instead? 256 bits should be enough even when taking the birthday paradox into account.
In practice PID resuage perhaps isn't a problem for any realistic use case, making my remarks into theoretical nitpicking, but YMMV.
Cheers!