[tor-bugs] #8195 [Tor]: tor and capabilities

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Feb 21 23:21:07 UTC 2014


#8195: tor and capabilities
-----------------------------+--------------------------------
     Reporter:  weasel       |      Owner:
         Type:  enhancement  |     Status:  needs_revision
     Priority:  normal       |  Milestone:  Tor: 0.2.5.x-final
    Component:  Tor          |    Version:
   Resolution:               |   Keywords:  tor-relay security
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+--------------------------------

Comment (by dgoulet):

 So here is a branch that uses libcap2 since it's a more portable API in
 terms of ABI changes from the kernel as stated in the man page.

 It works fine right now and adds a "UseCapabilities 0|1" option to the
 torrc file for this. A first pass by anyone would be great!

 https://github.com/dgoulet/tor.git (branch: bug8195)

 Note that this does NOT drop any default existing capabilities but rather
 adds the bind service one. So, we might want to do that at some point in
 time and see exactly which capabilities Tor needs for all of its features.

 No test though in that patch so that would be needed before any merge I
 guess.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8195#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list