[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #1923 [Tor Client]: Allow non-administrative users who know the HashedControlPassword to control tor client.

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #1923 [Tor Client]: Allow non-administrative users who know the HashedControlPassword to control tor client.
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Wed, 20 Oct 2010 10:32:59 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 20 Oct 2010 06:33:11 -0400
In-reply-to: <048.56ed61b7b4bd931c026619158cb6f4b8@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bugs reporting list for trac <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <048.56ed61b7b4bd931c026619158cb6f4b8@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#1923: Allow non-administrative users who know the HashedControlPassword to
control tor client.
----------------------+-----------------------------------------------------
 Reporter:  aa138346  |        Type:  enhancement
   Status:  new       |    Priority:  normal     
Milestone:            |   Component:  Tor Client 
  Version:            |    Keywords:             
   Parent:            |  
----------------------+-----------------------------------------------------

Comment(by Sebastian):

 It appears that all of these are already possible. non-admins should be
 able to launch their own Tor and then stop it again. If they know the
 ControlPassword for a Tor running as a different user or with different
 permissions, they can fully control Tor using the control protocol.
 Obviously they won't be able to start Tor with higher privileges than
 their own user account has, the OS will not allow that. I'm not sure what
 you're actually asking.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/1923#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #2094 [Website]: torbrowser download links broken
Next by Author: Re: [tor-bugs] #1909 [Tor VM]: Problem with setting up with wetting up TorVM
Previous by thread: Re: [tor-bugs] #2095 [Tor bundles/installation]: tbb source tarball is empty
Next by thread: Re: [tor-bugs] #1923 [Tor Client]: Allow non-administrative users who know the HashedControlPassword to control tor client.
Index(es):
- Author
- Thread