From 54d7d31cba84232b50fef4287951b2c4bfa746c2 Mon Sep 17 00:00:00 2001
From: Jérémy Bobbio
Date: Tue, 14 Jun 2011 12:18:32 -0400
Subject: Make ControlSocketsGroupWritable work with User.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Original message from bug3393: check_private_dir() to ensure that ControlSocketsGroupWritable is safe to use. Unfortunately, check_private_dir() only checks against the currently running user… which can be root until privileges are dropped to the user and group configured by the User config option. The attached patch fixes the issue by adding a new effective_user argument to check_private_dir() and updating the callers. It might not be the best way to fix the issue, but it did in my tests. (Code by lunar; changelog by nickm)
---
 src/or/config.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
(limited to 'src/or/config.c')
diff --git a/src/or/config.c b/src/or/config.c
index 44cecf353..8ab23a3b8 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -1025,7 +1025,8 @@ options_act_reversible(or_options_t *old_options, char **msg)
 /* Ensure data directory is private; create if possible. */
 if (check_private_dir(options->DataDirectory,
- running_tor ? CPD_CREATE : CPD_CHECK)<0) {
+ running_tor ? CPD_CREATE : CPD_CHECK,
+ options->User)<0) {
 tor_asprintf(msg,
 "Couldn't access/create private data directory \"%s\"",
 options->DataDirectory);
@@ -1038,7 +1039,8 @@ options_act_reversible(or_options_t *old_options, char **msg)
 char *fn = tor_malloc(len);
 tor_snprintf(fn, len, "%s"PATH_SEPARATOR"cached-status",
 options->DataDirectory);
- if (check_private_dir(fn, running_tor ? CPD_CREATE : CPD_CHECK) < 0) {
+ if (check_private_dir(fn, running_tor ? CPD_CREATE : CPD_CHECK,
+ options->User) < 0) {
 tor_asprintf(msg,
 "Couldn't access/create private data directory \"%s\"", fn);
 tor_free(fn);
--
cgit v1.2.3
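Review bot: `options->User` is passed to check_private_dir() unconditionally in the first hunk, and again for the cached-status directory in the second, but it is presumably NULL whenever no User option is configured, and nothing visible here says what the callee does in that case. The callee's definition is outside this page, so this should be confirmed: a NULL should mean "check against the current effective user", and a user name that cannot be resolved should make the check fail rather than be skipped, since this is the permission check the data directory relies on. I would also update the call-site comment so the ownership rule is visible, e.g. `/* Ensure data directory is private and owned by options->User (the current user if unset); create if possible. */`. options_act_reversible() begins and ends outside both hunks.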