[tor-bugs] #3421 [Tor Client]: control socket owned by root
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Wed Sep 7 14:57:18 UTC 2011
#3421: control socket owned by root
------------------------+---------------------------------------------------
Reporter: weasel | Owner:
Type: defect | Status: needs_review
Priority: normal | Milestone: Tor: 0.2.3.x-final
Component: Tor Client | Version: Tor: 0.2.2.28-beta
Keywords: | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
Comment(by nickm):
Quick review:
The approach seems basically reasonable, but:
* The patch doesn't apply to master right now.
* Instead of checking for HAVE_SYS_UN_H, why not check for HAVE_PWD_H ?
* The code that calls getpwnam() needs to be wrapped in a HAVE_PWD_H
check too, I think: otherwise it won't build on systems without PWD_H.
* The tor_assert(pw != NULL) check seems a bit too aggressive. We
shouldn't crash just because a user got deleted from /etc/passwd.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3421#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list