[tor-bugs] #12864 [Tor]: CookieAuthFileGroupReadable regression between 0.2.4.x and 0.2.5.6-alpha
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Aug 14 10:48:05 UTC 2014
#12864: CookieAuthFileGroupReadable regression between 0.2.4.x and 0.2.5.6-alpha
-----------------------+----------------------------------
Reporter: intrigeri | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor | Version: Tor: unspecified
Keywords: | Actual Points:
Parent ID: | Points:
-----------------------+----------------------------------
Hi,
with current Debian sid's tor (0.2.4.23-2), CookieAuthFileGroupReadable
works just fine.
Upgrading to experimental's tor (0.2.5.6-alpha-1) makes this parameter a
no-op in practice:
{{{
$ ls -l /run/tor/control.authcookie
-rw------- 1 debian-tor debian-tor 32 Aug 14 12:17
/run/tor/control.authcookie
}}}
This breaks Vidalia's default configuration on Debian.
Relevant configuration settings:
{{{
$ grep Cookie /etc/tor/torrc /usr/share/tor/tor-service-defaults-torrc
/usr/share/tor/tor-service-defaults-torrc:CookieAuthentication 1
/usr/share/tor/tor-service-defaults-torrc:CookieAuthFileGroupReadable 1
/usr/share/tor/tor-service-defaults-torrc:CookieAuthFile
/var/run/tor/control.authcookie
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12864>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list