[tor-dev] RFC: Ephemeral Hidden Services via the Control Port
David Stainton
dstainton415 at gmail.com
Sat Feb 28 18:49:59 UTC 2015
>
> FWIW this is already how Debian (and presumably other distros') tor packages
> work: tor runs as a dedicated user. Already it is possible to grant other users
> access to the control port (from which they can already create and remove
> hidden services). The reason why HS applications that create their own HSes
> generally run their own instance of tor as their own uid is that the hidden
> service data (key and hostname) written by tor is currently only readable by
> the tor user. There is another patch to address this issue (in progress or
> possibly already merged, sorry I'm not looking up the ticket right now) to
Already merged in 2.6.x.
> allow this data to be written with permissions for another group to read it,
> but this ephemeral HS plan of delivering the information over the control port
> is obviously much better/more flexible.
> From Valencia,
> ~leif
>From Valencia... the other end of the table from Leif in the same tiny room.
David
More information about the tor-dev
mailing list