[tor-bugs] #16070 [Tor]: Tor log doesn't have to be world readable

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun May 17 23:43:19 UTC 2015


#16070: Tor log doesn't have to be world readable
-----------------------------+-----------------
     Reporter:  yurivict271  |      Owner:
         Type:  defect       |     Status:  new
     Priority:  normal       |  Milestone:
    Component:  Tor          |    Version:
   Resolution:               |   Keywords:
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+-----------------

Comment (by atagar):

 > But nothing should really be world readable.

 *shrug*. If that's your view then you're welcome to impose whatever you'd
 like on your system. When it comes to defaults that policy is debatable.

 > So if I run nyx with some regular user, it will fail. There should be
 the policy and documentation on which users can connect, and what groups
 and permissions are needed.

 Ah, so you're using a ControlSocket rather than a ControlPort, and
 restricting it to just the tor user? If that's how your platform is set up
 then indeed, guess someone painted you into a corner so third party apps
 gotta run as the tor user.

 > Also /proc is the linux artifact, not a good idea to use it and rely on
 it in general.

 Yes, it's a linux artifact. To get resource usage and connection
 information Nyx uses /proc if it's available (since it's the most
 performant), then falls back to shelling out to things like lsof, netstat,
 and friends. If none of that works then the user simply doesn't get the
 information we were trying to retrieve.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16070#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list