[tor-bugs] #1923 [Tor Client]: Allow non-administrative users who know the HashedControlPassword to control tor client.

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Wed Oct 20 10:32:59 UTC 2010


#1923: Allow non-administrative users who know the HashedControlPassword to
control tor client.
----------------------+-----------------------------------------------------
 Reporter:  aa138346  |        Type:  enhancement
   Status:  new       |    Priority:  normal     
Milestone:            |   Component:  Tor Client 
  Version:            |    Keywords:             
   Parent:            |  
----------------------+-----------------------------------------------------

Comment(by Sebastian):

 It appears that all of these are already possible. non-admins should be
 able to launch their own Tor and then stop it again. If they know the
 ControlPassword for a Tor running as a different user or with different
 permissions, they can fully control Tor using the control protocol.
 Obviously they won't be able to start Tor with higher privileges than
 their own user account has, the OS will not allow that. I'm not sure what
 you're actually asking.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/1923#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list