[tor-bugs] #2972 [Tor Client]: Allow ControlSocket to be group writable
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Mon Apr 25 22:15:34 UTC 2011
#2972: Allow ControlSocket to be group writable
-------------------------+--------------------------------------------------
Reporter: lunar | Owner:
Type: enhancement | Status: needs_review
Priority: normal | Milestone: Tor: 0.2.2.x-final
Component: Tor Client | Version: Tor: unspecified
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by nickm):
I like this idea, but think that depending on the default group seems
error-prone. Perhaps instead of a boolean, it could take the name of a
group, and chgrp the socket before doing the chmod? That seems less
likely to wind up with surprising results.
Also, could we use fchmod here? I don't _think_ we have a race-condition
to worry about here, but it's best to err on the side of safety.
Finally, the linux unix(7) manpage says:
{{{
Connecting to the
socket object requires read/write permission. This behavior
differs
from many BSD-derived systems which ignore permissions for Unix
sock‐
ets. Portable programs should not rely on this feature for
security.
}}}
Is this true nowadays? If so, we shouldn't give people a false sense of
security by allowing this option where it won't work.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2972#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list