[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-dev] what capabilities does tor need for reloading?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
> so the somewhat obvious fix was to add "CAP_KILL".
after reading:
man capabilities:
> Bypass permission checks for sending signals (see kill(2)). This
> includes use of the ioctl(2) KDSIGACCEPT operation.
I'm not entirely sure since that sounds like tor will be able to kill
arbitrary processes.
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJVCXkBAAoJEFv7XvVCELh0MjoP+wdhNqQqNUeeP/FmqRRB3nq5
Vr7Pxt3Q/LkdkWj6KsdyGPrSoo1PNnmy8yYHcuBG+tFXfWeLvSE+UvBS39vs6/QL
JDnDbzDasKggVspYCALUKfdcLFEV+LkcvV61ank2ogcNKUFsA47UDXDebV99akWo
QtGWK3k49JLx6dPJ+ihMCSm0NNfJIO/Ra9zpXnxIh3vyC/RVi2SvOfQK/Wme4HYH
BBAGkihnSPZ/55A/P9NQ7U18RDURhq7xj1hSYdwd7FrvGk+0TeOjnkv5xwYbwIxT
KC5hJmF7ezk4XT5UjtHNXLWxgOQ5mMxJ9ZLyH2Jk/OhMvxVKaJdpNtmJyFMXuqZo
a9XY0MAbcrrW/GArTT2sSJrYytDqRUsgQjaZw/jCj7oIL0TgfWQADFVSFY3YWvd/
5LBQALq9pmgUmyoweSKpkaA4byGClBQjRQDb0gDUXW2oeaQiIFdhYE4PtHySP+Fl
sx74Ygtj7tBqf0eKLe94ocTlA2koGU/GU3vNddAefTSjDwlXAnBXkzaxLYHwHiTf
e7UEw+81Lp8AZ/Q0jO3S1awaKVgpYmmeUBZGdfwww/MJ21ziLBBaBVKofM/Ux1Qu
AwVMuhBgLl06KXCNwlXY/ewZEKlgQtjCAzShvznJ9dEzThkTW/MASMwKUH32ATN0
p7tQyv6iI2cr9Gw2RdDE
=M8+W
-----END PGP SIGNATURE-----
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev