[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [arm/release] Cautioning users against running tor as root
commit b1a5794c26d02b31a32762a4ef357878f4742fb7
Author: Damian Johnson <atagar@xxxxxxxxxxxxxx>
Date: Sat Sep 24 16:14:22 2011 -0700
Cautioning users against running tor as root
Notice level message at startup that cautions the user against running tor as
root.
---
src/starter.py | 12 +++++++++++-
1 files changed, 11 insertions(+), 1 deletions(-)
diff --git a/src/starter.py b/src/starter.py
index 2347f7b..6ed516e 100644
--- a/src/starter.py
+++ b/src/starter.py
@@ -99,6 +99,9 @@ STANDARD_CFG_NOT_FOUND_MSG = "No armrc loaded, using defaults. You can customize
# torrc entries that are scrubbed when dumping
PRIVATE_TORRC_ENTRIES = ["HashedControlPassword", "Bridge", "HiddenServiceDir"]
+# notices given if the user is running arm or tor as root
+TOR_ROOT_NOTICE = "Tor is currently running with root permissions. This is not a good idea and shouldn't be necessary. See the 'User UID' option from Tor's man page for an easy method of reducing its permissions after startup."
+
def allowConnectionTypes():
"""
This provides a tuple with booleans indicating if we should or shouldn't
@@ -489,7 +492,14 @@ if __name__ == '__main__':
# skewing the startup time results so this isn't counted
initTime = time.time() - startTime
controller = util.torTools.getConn()
- if conn: controller.init(conn)
+
+ if conn:
+ controller.init(conn)
+
+ # give a notice if tor is running with root
+ if controller.getMyUser() == "root":
+ util.log.log(util.log.NOTICE, TOR_ROOT_NOTICE)
+
# fetches descriptions for tor's configuration options
_loadConfigurationDescriptions(pathPrefix)
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits