]> git.ipfire.org Git - thirdparty/tor.git/commit
projects / thirdparty / tor.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f303274) | patch
Make ControlSocketsGroupWritable work with User.
authorJérémy Bobbio <lunar@debian.org>
Tue, 14 Jun 2011 16:18:32 +0000 (12:18 -0400)
committerNick Mathewson <nickm@torproject.org>
Tue, 14 Jun 2011 16:18:32 +0000 (12:18 -0400)
commit54d7d31cba84232b50fef4287951b2c4bfa746c2
tree3edfea998d447846a8e5cf14b850d38eb0da7450tree | snapshot
parentf30327449009a7f00b0f5c2bd09a7eff615df3ddcommit | diff
Make ControlSocketsGroupWritable work with User.

Original message from bug3393:

check_private_dir() to ensure that ControlSocketsGroupWritable is
safe to use. Unfortunately, check_private_dir() only checks against
the currently running user… which can be root until privileges are
dropped to the user and group configured by the User config option.

The attached patch fixes the issue by adding a new effective_user
argument to check_private_dir() and updating the callers. It might
not be the best way to fix the issue, but it did in my tests.

(Code by lunar; changelog by nickm)
src/common/util.c diff | blob | blame | history
src/common/util.h diff | blob | blame | history
src/or/config.c diff | blob | blame | history
src/or/connection.c diff | blob | blame | history
src/or/geoip.c diff | blob | blame | history
src/or/rendservice.c diff | blob | blame | history
src/or/rephist.c diff | blob | blame | history
src/or/router.c diff | blob | blame | history
Mirror of https://git.torproject.org/tor.git