[tor-bugs] #2972 [Tor Client]: Allow ControlSocket to be group writable
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Fri Apr 29 00:17:56 UTC 2011
#2972: Allow ControlSocket to be group writable
-------------------------+--------------------------------------------------
Reporter: lunar | Owner:
Type: enhancement | Status: needs_review
Priority: major | Milestone: Tor: 0.2.2.x-final
Component: Tor Client | Version: Tor: unspecified
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by nickm):
So, we found that at least one platform (SunOS 5.11 snv_90 sun4v sparc
SUNW,T5240), the variant that does a chmod 000 on the socket achieves
nothing to keep people from accessing it, but the variant that does chmod
000 on the directory containing the socket successfully prevents access to
the socket.
Do we believe that there are unixes that matter where the permissions on a
directory containing a unix socket aren't checked on attempts to open the
socket?
Also, fchmod works on unix sockets on some platforms but not others.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2972#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list