[tor-dev] permission denied when running snowflake-client with debian-tor user
Yawning Angel
yawning at schwanenlied.me
Mon Jun 11 19:30:31 UTC 2018
On Mon, 11 Jun 2018 13:24:19 -0400
Arlo Breault <arlo at torproject.org> wrote:
> When you launch the client binary without providing a broker url
> it tries to create a named pipe (mkfifo) to do signalling.
>
> https://gitweb.torproject.org/pluggable-transports/snowflake.git/tree/client/rendezvous.go#n161
The PT spec explicitly forbids this behavior, to avoid this problem.
https://gitweb.torproject.org/torspec.git/tree/pt-spec.txt#n188
> "TOR_PT_STATE_LOCATION"
>
> Specifies an absolute path to a directory where the PT is
> allowed to store state that will be persisted across
> invocations. The directory is not required to exist when
> the PT is launched, however PT implementations SHOULD be
> able to create it as required.
>
> PTs MUST only store files in the path provided, and MUST NOT
> create or modify files elsewhere on the system.
>
> Example:
>
> TOR_PT_STATE_LOCATION=/var/lib/tor/pt_state/
Regards,
--
Yawning Angel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20180611/9547c7c8/attachment.sig>
More information about the tor-dev
mailing list