[tor-bugs] #8195 [Tor]: tor and capabilities
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Feb 21 23:21:07 UTC 2014
#8195: tor and capabilities
-----------------------------+--------------------------------
Reporter: weasel | Owner:
Type: enhancement | Status: needs_revision
Priority: normal | Milestone: Tor: 0.2.5.x-final
Component: Tor | Version:
Resolution: | Keywords: tor-relay security
Actual Points: | Parent ID:
Points: |
-----------------------------+--------------------------------
Comment (by dgoulet):
So here is a branch that uses libcap2 since it's a more portable API in
terms of ABI changes from the kernel as stated in the man page.
It works fine right now and adds a "UseCapabilities 0|1" option to the
torrc file for this. A first pass by anyone would be great!
https://github.com/dgoulet/tor.git (branch: bug8195)
Note that this does NOT drop any default existing capabilities but rather
adds the bind service one. So, we might want to do that at some point in
time and see exactly which capabilities Tor needs for all of its features.
No test though in that patch so that would be needed before any merge I
guess.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8195#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list