[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #2972 [Tor Client]: Allow ControlSocket to be group writable

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #2972 [Tor Client]: Allow ControlSocket to be group writable
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Fri, 29 Apr 2011 00:17:56 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 28 Apr 2011 20:18:11 -0400
In-reply-to: <045.1270fcac9ac02146b7cea9334e6ddc66@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bugs reporting list for trac <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <045.1270fcac9ac02146b7cea9334e6ddc66@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#2972: Allow ControlSocket to be group writable
-------------------------+--------------------------------------------------
 Reporter:  lunar        |          Owner:                    
     Type:  enhancement  |         Status:  needs_review      
 Priority:  major        |      Milestone:  Tor: 0.2.2.x-final
Component:  Tor Client   |        Version:  Tor: unspecified  
 Keywords:               |         Parent:                    
   Points:               |   Actualpoints:                    
-------------------------+--------------------------------------------------

Comment(by nickm):

 So, we found that at least one platform (SunOS 5.11 snv_90 sun4v sparc
 SUNW,T5240), the variant that does a chmod 000 on the socket achieves
 nothing to keep people from accessing it, but the variant that does chmod
 000 on the directory containing the socket successfully prevents access to
 the socket.

 Do we believe that there are unixes that matter where the permissions on a
 directory containing a unix socket aren't checked on attempts to open the
 socket?

 Also, fchmod works on unix sockets on some platforms but not others.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2972#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #2972 [Tor Client]: Allow ControlSocket to be group writable
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #2077 [Tor Client]: Tor crashes in Vidalia 0.2.2.17a-0.2.10
Next by Author: Re: [tor-bugs] #3038 [Tor Directory Authority]: Update dir-spec.txt with microdesc, consensus-flavor info
Previous by thread: Re: [tor-bugs] #2972 [Tor Client]: Allow ControlSocket to be group writable
Next by thread: [tor-bugs] #2973 [Company]: Mac Access for Damian
Index(es):
- Author
- Thread