I'm a bit confused about the Tor control port when port verification is disabled

I’ve setup a transparent proxy and configured the Tor Browser not to start its own Tor daemon.

I have set TOR_SKIP_CONTROLPORTTEST=1 but I’m confused as to what this does in the context of accessing the control port. Does this prevent the Tor Browser from accessing the control port? I have not configured the Tor Browser to use an alternative control port or configured one in my torrc.

Does this eliminate the risk of GETINFO address? What if I configure a control port in my torrc, configure the Tor Browser to use it and unset the environment variable? Can GETINFO address be used? Assuming I don’t have a control port filter proxy.

Will something like onion-grater still be required if TOR_SKIP_CONTROLPORTTEST=1 is set?

This isn’t anything to do with Whonix. I just thought I could get some help here.

madaidan via Whonix Forum:

I have set TOR_SKIP_CONTROLPORTTEST=1 but I’m confused as to what this does in the context of accessing the control port.

Please grep the Tor Browser folder for TOR_SKIP_CONTROLPORTTEST and
also search trac.torproject.org tickets discussion.

Does this prevent the Tor Browser from accessing the control port?

No.

Does this eliminate the risk of GETINFO address?

No. That risk presupposes a compromised workstation and is only
eliminated by filtered or no control protocol access.

What if I configure a control port in my torrc, configure the Tor Browser to use it and unset the environment variable? Can GETINFO address be used?

GETINFO address can be used by any compromised VM that has malware
clever enough to find out about unfiltered control protocol access.

Will something like onion-grater still be required if TOR_SKIP_CONTROLPORTTEST=1 is set?

Yes.

Also more information on control protocol filtering:

Thanks! I’ll look into getting something like onion-grater.