ν”Όλ“œλ‘œ λŒμ•„κ°€κΈ°
πŸ“– Reviewing 'Building a Safer Onion' – A Rustacean's Take on the Tor Rewrite
Dev.toDev.to
Security

C 기반 Tor 데λͺ¬μ˜ Rust μž¬μž‘μ„±μ„ ν†΅ν•œ λ©”λͺ¨λ¦¬ μ•ˆμ „μ„± 및 λͺ¨λ“ˆν™” 확보

πŸ“– Reviewing 'Building a Safer Onion' – A Rustacean's Take on the Tor Rewrite

knspar2026λ…„ 5μ›” 12일3λΆ„advanced

AI μš”μ•½

Context

20λ…„ 이상 μœ μ§€λœ C 기반 Tor 데λͺ¬μ˜ Monolithic μ•„ν‚€ν…μ²˜λ‘œ μΈν•œ μœ μ§€λ³΄μˆ˜ ν•œκ³„ 직면. Memory Safety 버그와 λ™μ‹œμ„± μ œμ–΄μ˜ λ³΅μž‘μ„±μœΌλ‘œ 인해 μ‹œμŠ€ν…œ μ•ˆμ •μ„± 및 개발 생산성 μ €ν•˜ λ°œμƒ.

Technical Solution

  • Ownership 및 Borrow Checker λ„μž…μ„ ν†΅ν•œ λ©”λͺ¨λ¦¬ μ•ˆμ „μ„± 확보 및 λŸ°νƒ€μž„ μ—λŸ¬ 방지
  • async/await 기반의 First-class Concurrency ꡬ쑰 μ„€κ³„λ‘œ κΈ°μ‘΄ C μƒνƒœ λ¨Έμ‹ μ˜ λ³΅μž‘λ„ ν•΄κ²°
  • tor-proto, tor-netdir, tor-circmgr λ“± 도메인별 Crate 뢄리λ₯Ό ν†΅ν•œ Modular Architecture κ΅¬ν˜„
  • arti-client λΌμ΄λΈŒλŸ¬λ¦¬ν™”λ₯Ό ν†΅ν•œ μ™ΈλΆ€ μ• ν”Œλ¦¬μΌ€μ΄μ…˜ μž„λ² λ”© κ°€λŠ₯ ꡬ쑰 섀계
  • x25519-dalek λ“± κ²€μ¦λœ Crypto Crate ν™œμš© 및 μ΅œμ†Œν•œμ˜ Unsafe 블둝 μ‚¬μš©μœΌλ‘œ λ³΄μ•ˆμ„± κ°•ν™”

μ‹€μ²œ 포인트

1. λ ˆκ±°μ‹œ C/C++ μ‹œμŠ€ν…œ μ „ν™˜ μ‹œ 도메인별 Crate 뢄리λ₯Ό ν†΅ν•œ λͺ¨λ“ˆν™” μ „λž΅ κ²€ν† 

2. Async Runtime 선택 μ‹œ νƒ€κ²Ÿ ν™˜κ²½(Embedded vs Server)에 λ”°λ₯Έ μ„±λŠ₯ 영ν–₯도 뢄석

3. Rust λ„μž… μ‹œ Unsafe μ½”λ“œ μ˜μ—­μ— λŒ€ν•œ λͺ…ν™•ν•œ 감사(Audit) μ •μ±… 수립

4. μ‹ κ·œ μ–Έμ–΄ μ „ν™˜ κ³Όμ •μ—μ„œ κΈ°μ‘΄ Clientμ™€μ˜ μƒν˜Έ μš΄μš©μ„± 및 배포 μ „λž΅ 수립

νƒœκ·Έ

#Memory Safety#Modular Architecture#Rust#Tor Project#Async/Await
원문 읽기