[tor-bugs] #15649 [general]: [feature suggestion] Tor control protocol should listen on privileged UNIX domain socket and allow an unauthenticated administration there
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Apr 9 23:54:01 UTC 2015
#15649: [feature suggestion] Tor control protocol should listen on privileged UNIX
domain socket and allow an unauthenticated administration there
-------------------------+---------------------
Reporter: yurivict271 | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: general | Version:
Keywords: | Actual Points:
Parent ID: | Points:
-------------------------+---------------------
I suggest that tor should by default listen on the UNIX domain socket (ex.
/tmp/.tor-unix/ctl-privileged) in addition to it currently listening on
the local address 127.0.0.1:9100
Socket /tmp/.tor-unix/ctl-privileged should be owned by root with
restrictive permissions like 0700, and no authentication should be
required from the users (root) connected to it.
Why this is needed: I created the service that needs to modify the torrc,
and currently there is no way to do this in automated way due to the
authentication requirement. So I still have to write the torrc file
directly, risking that my changes will get lost.
The service starts as root, and by the virtue of this has an authority to
modify anything on the system, including torrc, but it still needs the
password to do this the "right" way, which is unreasonable.
Additionally, it would make sense to also maintain /tmp/.tor-unix/ctl UNIX
domain socket with less restrictive permissions which would require an
authentication much like 127.0.0.1:9100 does.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15649>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list