[tor-bugs] #10702 [arm]: arm tells users to "sudo -u debian-tor arm", which lets arm read tor's keys

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Apr 23 16:24:23 UTC 2014


#10702: arm tells users to "sudo -u debian-tor arm", which lets arm read tor's keys
------------------------+--------------------
     Reporter:  arma    |      Owner:  atagar
         Type:  defect  |     Status:  new
     Priority:  normal  |  Milestone:
    Component:  arm     |    Version:
   Resolution:          |   Keywords:
Actual Points:          |  Parent ID:
       Points:          |
------------------------+--------------------

Comment (by alphawolf):

 The permissions on /var/lib/tor and /var/log/tor will need to be adjusted
 in order for "sudo adduser $USER debian-tor" to work 100%.  Arm wants to
 read the state file to prepopulate bandwidth information, but the debian-
 tor group does not have read permission on /var/lib/tor/state.  Arm also
 wants to read tor's log file, but the default group for /var/lib/tor is
 'adm'.

 Can we get the default install to !`chmod g+x /var/lib/tor` and !`chmod
 g+r /var/lib/tor/state`?  Leave ./keys without group read/execute
 permission of course.

 Not sure what to do about the logs... suggest users "sudo adduser $USER
 adm" ?

 *(Permissions based on a default 0.2.4 install from deb.torproject.org  on
 Debian Jessie)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10702#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list