[tor-bugs] #2972 [Tor Client]: Allow ControlSocket to be group writable
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Mon Apr 25 22:20:52 UTC 2011
#2972: Allow ControlSocket to be group writable
-------------------------+--------------------------------------------------
Reporter: lunar | Owner:
Type: enhancement | Status: needs_review
Priority: normal | Milestone: Tor: 0.2.2.x-final
Component: Tor Client | Version: Tor: unspecified
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by Sebastian):
Replying to [comment:7 nickm]:
> I like this idea, but think that depending on the default group seems
error-prone. Perhaps instead of a boolean, it could take the name of a
group, and chgrp the socket before doing the chmod? That seems less
likely to wind up with surprising results.
Do you think the same applies to the case of cookie auth?
> Finally, the linux unix(7) manpage says:
> {{{
> Connecting to the
> socket object requires read/write permission. This behavior
differs
> from many BSD-derived systems which ignore permissions for Unix
sock‐
> ets. Portable programs should not rely on this feature for
security.
> }}}
>
> Is this true nowadays? If so, we shouldn't give people a false sense of
security by allowing this option where it won't work.
We should probably disable the ControlSocket option altogether on such
systems, or at least warn loudly when it is used?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2972#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list