On Fri, Aug 19, 2005 at 11:43:07PM -0500, Edman, Matt wrote: > > Matt -- I'd like to accept a patch like this. Can you explain to me > > what it would do for Tor's storage, though? J Random User shouldn't > > be able to read Tor's private keys -- can this happen if Tor runs as > > "NT AUTHORITY\LocalService" ? If so, what is the real solution? > > If the service is set to run as LocalService, other limited > users should not be able to see its data directory. But other services are running as LocalService, right? It would be a shame if a buggy webserver or something could look at Tor's keys. Is it possible for the installer (or the service setup code) to create a separate limited user for the tor service? [...] > Is it acceptable to say "run Tor either as a service or as a normal > console app. If you want to switch back and forth, you're on > your own?" Sounds plausible to me. If you're playing around with services, you're not a windows newbie, and you ought to understand this stuff, right? Or will this create tons of support problems? yrs, -- Nick Mathewson
Attachment:
pgphwY95Kd5y0.pgp
Description: PGP signature