[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/master] Block certain option transitions while sandbox enabled
commit 2ae47d3c3ad7121b3ebfa8aa47cd67336218163e
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Wed Apr 16 21:57:45 2014 -0400
Block certain option transitions while sandbox enabled
---
src/or/config.c | 32 ++++++++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
diff --git a/src/or/config.c b/src/or/config.c
index 77dcd16..b686b66 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -3584,6 +3584,12 @@ options_transition_allowed(const or_options_t *old,
return -1;
}
+ if (old->Sandbox != new_val->Sandbox) {
+ *msg = tor_strdup("While Tor is running, changing Sandbox "
+ "is not allowed.");
+ return -1;
+ }
+
if (strcmp(old->DataDirectory,new_val->DataDirectory)!=0) {
tor_asprintf(msg,
"While Tor is running, changing DataDirectory "
@@ -3636,6 +3642,32 @@ options_transition_allowed(const or_options_t *old,
return -1;
}
+ if (sandbox_is_active()) {
+ if (! opt_streq(old->PidFile, new_val->PidFile)) {
+ *msg = tor_strdup("Can't change PidFile while Sandbox is active");
+ return -1;
+ }
+ if (! config_lines_eq(old->Logs, new_val->Logs)) {
+ *msg = tor_strdup("Can't change Logs while Sandbox is active");
+ return -1;
+ }
+ if (old->ConnLimit != new_val->ConnLimit) {
+ *msg = tor_strdup("Can't change ConnLimit while Sandbox is active");
+ return -1;
+ }
+ if (! opt_streq(old->ServerDNSResolvConfFile,
+ new_val->ServerDNSResolvConfFile)) {
+ *msg = tor_strdup("Can't change ServerDNSResolvConfFile"
+ " while Sandbox is active");
+ return -1;
+ }
+ if (server_mode(old) != server_mode(new_val)) {
+ *msg = tor_strdup("Can't start/stop being a server while "
+ "Sandbox is active");
+ return -1;
+ }
+ }
+
return 0;
}
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits