[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] permission denied when running snowflake-client with debian-tor user



On Mon, 11 Jun 2018 13:24:19 -0400
Arlo Breault <arlo@xxxxxxxxxxxxxx> wrote: 
> When you launch the client binary without providing a broker url
> it tries to create a named pipe (mkfifo) to do signalling.
> 
> https://gitweb.torproject.org/pluggable-transports/snowflake.git/tree/client/rendezvous.go#n161

The PT spec explicitly forbids this behavior, to avoid this problem.

https://gitweb.torproject.org/torspec.git/tree/pt-spec.txt#n188
>     "TOR_PT_STATE_LOCATION"
>
>       Specifies an absolute path to a directory where the PT is
>       allowed to store state that will be persisted across
>       invocations.  The directory is not required to exist when
>       the PT is launched, however PT implementations SHOULD be
>       able to create it as required.
>
>       PTs MUST only store files in the path provided, and MUST NOT
>       create or modify files elsewhere on the system.
>
>       Example:
>
>         TOR_PT_STATE_LOCATION=/var/lib/tor/pt_state/

Regards,

-- 
Yawning Angel

Attachment: pgpDNM9EN2WDu.pgp
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev