Permit filesystem group to be root

author Jamie Nguyen <j@jamielinux.com>

Fri, 13 Nov 2015 14:17:02 +0000 (14:17 +0000)

committer Nick Mathewson <nickm@torproject.org>

Fri, 11 Dec 2015 01:00:06 +0000 (20:00 -0500)
author Jamie Nguyen <j@jamielinux.com>
Fri, 13 Nov 2015 14:17:02 +0000 (14:17 +0000)
committer Nick Mathewson <nickm@torproject.org>
Fri, 11 Dec 2015 01:00:06 +0000 (20:00 -0500)
diff --git a/changes/bug17562-allow-root-group-read b/changes/bug17562-allow-root-group-read

new file mode 100644 (file)

index 0000000..7a0903c
--- /dev/null
+++ b/changes/bug17562-allow-root-group-read
@@ -0,0 +1,6 @@
+  o Minor bug fixes:
+    - If any directory created by Tor is marked as group readable, the
+      filesystem group is allowed to be either the default GID or the root
+      user. Allowing root to read the DataDirectory prevents the need for
+      CAP_READ_SEARCH when using systemd's CapabilityBoundingSet, or
+      dac_read_search when using SELinux.
diff --git a/src/common/util.c b/src/common/util.c

index ce3646cd64882b3bcbb7f95503f682846d0263dc..6d522de4343b9fb80aeb8129c92ffd1b1e51331d 100644 (file)
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -2143,7 +2143,7 @@ check_private_dir(const char *dirname, cpd_check_t check,
      return -1;
    }
    if ( (check & (CPD_GROUP_OK|CPD_GROUP_READ))
-       && (st.st_gid != running_gid) ) {
+       && (st.st_gid != running_gid) && (st.st_gid != 0)) {
      struct group *gr;
      char *process_groupname = NULL;
      gr = getgrgid(running_gid);
author	Jamie Nguyen <j@jamielinux.com>
	Fri, 13 Nov 2015 14:17:02 +0000 (14:17 +0000)
committer	Nick Mathewson <nickm@torproject.org>
	Fri, 11 Dec 2015 01:00:06 +0000 (20:00 -0500)
changes/bug17562-allow-root-group-read	[new file with mode: 0644]	patch \| blob
src/common/util.c		patch \| blob \| blame \| history