[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #3967 [Torbutton]: new identity feature could support ControlSocket

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #3967 [Torbutton]: new identity feature could support ControlSocket
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Fri, 24 Feb 2012 21:56:14 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 24 Feb 2012 16:56:30 -0500
In-reply-to: <058.db27edc9ef3245157bbe7e6f3b5d7a45@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <058.db27edc9ef3245157bbe7e6f3b5d7a45@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#3967: new identity feature could support ControlSocket
--------------------------------+-------------------------------------------
 Reporter:  T(A)ILS developers  |          Owner:  mikeperry   
     Type:  enhancement         |         Status:  needs_review
 Priority:  minor               |      Milestone:              
Component:  Torbutton           |        Version:              
 Keywords:                      |         Parent:              
   Points:                      |   Actualpoints:              
--------------------------------+-------------------------------------------

Comment(by cypherpunks):

 Isn't the authentication cookie unnecessary here? You can control access
 to the ControlSocket simply by setting appropriate file permissions on the
 socket file (i.e. the user running firefox needs RW permissions to
 /var/run/tor/control). Surely that's the whole advantage of using unix
 domain sockets in the first place: you don't need an external
 authentication mechanism because you can rely on unix file permissions. Or
 am I missing something?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3967#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #2506 [Tor Relay]: Design and implement a more compact GeoIP file format
Next by Author: Re: [tor-bugs] #5204 [Company]: Set up VM running Apache for Atlas/TorStatus
Previous by thread: Re: [tor-bugs] #2506 [Tor Relay]: Design and implement a more compact GeoIP file format
Next by thread: [tor-bugs] #5224 [EFF-HTTPS Everywhere]: Allow rulesets to be different in Firefox and Chrome releases
Index(es):
- Author
- Thread