[tor-bugs] #3967 [Torbutton]: new identity feature could support ControlSocket
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Fri Feb 24 21:56:14 UTC 2012
#3967: new identity feature could support ControlSocket
--------------------------------+-------------------------------------------
Reporter: T(A)ILS developers | Owner: mikeperry
Type: enhancement | Status: needs_review
Priority: minor | Milestone:
Component: Torbutton | Version:
Keywords: | Parent:
Points: | Actualpoints:
--------------------------------+-------------------------------------------
Comment(by cypherpunks):
Isn't the authentication cookie unnecessary here? You can control access
to the ControlSocket simply by setting appropriate file permissions on the
socket file (i.e. the user running firefox needs RW permissions to
/var/run/tor/control). Surely that's the whole advantage of using unix
domain sockets in the first place: you don't need an external
authentication mechanism because you can rely on unix file permissions. Or
am I missing something?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3967#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list