[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: bad security setting for win32 tor service



On Fri, Aug 19, 2005 at 11:43:07PM -0500, Edman, Matt wrote:
> > Matt -- I'd like to accept a patch like this.  Can you explain to me
> > what it would do for Tor's storage, though?  J Random User shouldn't
> > be able to read Tor's private keys -- can this happen if Tor runs as
> > "NT AUTHORITY\LocalService" ?  If so, what is the real solution?
> 
> If the service is set to run as LocalService, other limited
> users should not be able to see its data directory.

But other services are running as LocalService, right?  It would be a
shame if a buggy webserver or something could look at Tor's keys.  Is
it possible for the installer (or the service setup code) to create
a separate limited user for the tor service?
[...]
> Is it acceptable to say "run Tor either as a service or as a normal
> console app. If you want to switch back and forth, you're on 
> your own?"

Sounds plausible to me.  If you're playing around with services,
you're not a windows newbie, and you ought to understand this stuff,
right?  Or will this create tons of support problems?

yrs,
-- 
Nick Mathewson

Attachment: pgphwY95Kd5y0.pgp
Description: PGP signature