[tor-commits] [tor/master] Sandbox: allow access to stats/bridge-stats

Tue May 20 16:03:31 UTC 2014

commit f6d3006363f7eabffefce96b814f5a2619f9cbfa
Author: Nick Mathewson <nickm at torproject.org>
Date:   Tue May 20 11:57:03 2014 -0400

    Sandbox: allow access to stats/bridge-stats
    
    Fix for 12041; bugfix on 0.2.5.1-alpha.
---
 changes/bug12041 |    5 +++++
 src/or/main.c    |    5 ++++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/changes/bug12041 b/changes/bug12041
new file mode 100644
index 0000000..ddbc7de
--- /dev/null
+++ b/changes/bug12041
@@ -0,0 +1,5 @@
+  o Minor bugfixes (linux syscall sandbox):
+    - Fix a "BUG" warning when trying to write bridge-stats files with
+      the Linux syscall sandbox filter enabled. Fixes bug 12041;
+      bugfix on 0.2.5.1-alpha.
+
diff --git a/src/or/main.c b/src/or/main.c
index a2c5743..361a5ef 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -2834,6 +2834,8 @@ sandbox_init_filter(void)
         get_datadir_fname2("keys", "secret_onion_key_ntor.old"),
         get_datadir_fname2("keys", "secret_onion_key.tmp"),
         get_datadir_fname2("keys", "secret_id_key.tmp"),
+        get_datadir_fname2("stats", "bridge-stats"),
+        get_datadir_fname2("stats", "bridge-stats.tmp"),
         get_datadir_fname("fingerprint"),
         get_datadir_fname("fingerprint.tmp"),
         get_datadir_fname("hashed-fingerprint"),
@@ -2850,6 +2852,7 @@ sandbox_init_filter(void)
     RENAME_SUFFIX2("keys", "secret_id_key.old", ".tmp");
     RENAME_SUFFIX2("keys", "secret_onion_key", ".tmp");
     RENAME_SUFFIX2("keys", "secret_onion_key.old", ".tmp");
+    RENAME_SUFFIX2("stats", "bridge_stats", ".tmp");
     RENAME_SUFFIX("hashed-fingerprint", ".tmp");
     RENAME_SUFFIX("router-stability", ".tmp");
 
@@ -2862,7 +2865,7 @@ sandbox_init_filter(void)
 
     sandbox_cfg_allow_stat_filename_array(&cfg,
         get_datadir_fname("keys"),
-        get_datadir_fname("stats/dirreq-stats"),
+        get_datadir_fname2("stats", "dirreq-stats"),
         NULL, 0
     );
   }



