[tor-dev] What little-t-tor bridge features/issues we should address?

Yawning Angel yawning at schwanenlied.me
Mon Jul 14 20:12:33 UTC 2014

On Mon, 14 Jul 2014 12:30:06 -0700
Kevin P Dyer <kpdyer at gmail.com> wrote:

(This is orthogonal to the bridge code, but since you asked...)

> I would like to be able to bind to privileged ports when running a
> PT-enabled bridge in managed mode --- will any changes to
> little-t-tor be required for this feature?

(Assuming Lenooks for the sake of discussion.)

At the dev meeting I was talking to dgoulet about having tor do the
appropriate work to preserve the CAP_NET_BIND_SERVICE when dropping root
so all PTs transparently get this capability.

He mentioned difficulties with our python PTs, probably because the
ServerTransportPlugin line was pointing directly at the script and it
was getting invoked via the #! handler in the kernel.  It may be
possible that this "just works" if the ServerTransportPlugin line
pointed at the python interpreter instead, but if it does not, this will
probably require a kernel patch, that won't ever get accepted upstream.


Yawning Angel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20140714/bda2c560/attachment.sig>

More information about the tor-dev mailing list