[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #2972 [Tor Client]: Allow ControlSocket to be group writable
#2972: Allow ControlSocket to be group writable
-------------------------+--------------------------------------------------
Reporter: lunar | Owner:
Type: enhancement | Status: needs_review
Priority: normal | Milestone: Tor: 0.2.2.x-final
Component: Tor Client | Version: Tor: unspecified
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by Sebastian):
Replying to [comment:7 nickm]:
> I like this idea, but think that depending on the default group seems
error-prone. Perhaps instead of a boolean, it could take the name of a
group, and chgrp the socket before doing the chmod? That seems less
likely to wind up with surprising results.
Do you think the same applies to the case of cookie auth?
> Finally, the linux unix(7) manpage says:
> {{{
> Connecting to the
> socket object requires read/write permission. This behavior
differs
> from many BSD-derived systems which ignore permissions for Unix
sockâ
> ets. Portable programs should not rely on this feature for
security.
> }}}
>
> Is this true nowadays? If so, we shouldn't give people a false sense of
security by allowing this option where it won't work.
We should probably disable the ControlSocket option altogether on such
systems, or at least warn loudly when it is used?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2972#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs