[tor-bugs] #15649 [general]: [feature suggestion] Tor control protocol should listen on privileged UNIX domain socket and allow an unauthenticated administration there

[Tor Bug Tracker & Wiki]

#15649: [feature suggestion] Tor control protocol should listen on privileged UNIX
domain socket and allow an unauthenticated administration there
-----------------------------+-----------------
     Reporter:  yurivict271  |      Owner:
         Type:  enhancement  |     Status:  new
     Priority:  normal       |  Milestone:
    Component:  general      |    Version:
   Resolution:               |   Keywords:
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+-----------------

Comment (by yurivict271):

 In case there are many instances this is easily solved by factoring in
 their pid in the ctl socket name.

 Package manager/user can't solve this problem. They run 'pkg install tor
 my-service && service tor start && service my-service start'. Where does
 the user or package manager come into play? This boils down to either
 changing the default for CookieAuthentication, or the need of the direct
 user involvement: change this file, add this line here, and that line
 there. It quickly becomes the rocket science when it doesn't have to be.
 Superuser ctl socket elegantly solves this problem. Xorg also typically
 keeps such socket, this is a common practice to operate through the UNIX
 sockets.

 Tor opens local socket at 127.0.0.1:9100 by default. This should have been
 UNIX socket to begin with, because that would have been the most natural
 choice. Why choose local net when UNIX socket is obviously more functional
 for this. UNIX socket actually supports authentication credentials too,
 among other potentially useful things.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15649#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online