commit e0248705018a57c55d7c99295a66857b617a06f1 Author: Damian Johnson atagar@torproject.org Date: Sat Sep 24 16:56:26 2011 -0700

Cautioning users against running arm as root

Notice level message at startup that cautions the user against running arm as root. --- src/starter.py | 15 +++++++++++++-- 1 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/src/starter.py b/src/starter.py index 6ed516e..b184330 100644 --- a/src/starter.py +++ b/src/starter.py @@ -101,6 +101,7 @@ PRIVATE_TORRC_ENTRIES = ["HashedControlPassword", "Bridge", "HiddenServiceDir"]

# notices given if the user is running arm or tor as root TOR_ROOT_NOTICE = "Tor is currently running with root permissions. This is not a good idea and shouldn't be necessary. See the 'User UID' option from Tor's man page for an easy method of reducing its permissions after startup." +ARM_ROOT_NOTICE = "Arm is currently running with root permissions. This is not a good idea, and will still work perfectly well if it's run with the same user as Tor (ie, starting with "sudo -u %s arm")."

def allowConnectionTypes(): """ @@ -493,13 +494,23 @@ if __name__ == '__main__': initTime = time.time() - startTime controller = util.torTools.getConn()

+ torUser = None if conn: controller.init(conn)

# give a notice if tor is running with root - if controller.getMyUser() == "root": + torUser = controller.getMyUser() + if torUser == "root": util.log.log(util.log.NOTICE, TOR_ROOT_NOTICE) - + + # Give a notice if arm is running with root. Querying connections usually + # requires us to have the same permissions as tor so if tor is running as + # root then drop this notice (they're already then being warned about tor + # being root, anyway). + + if torUser != "root" and os.getuid() == 0: + torUserLabel = torUser if torUser else "<tor user>" + util.log.log(util.log.NOTICE, ARM_ROOT_NOTICE % torUserLabel)

# fetches descriptions for tor's configuration options _loadConfigurationDescriptions(pathPrefix)