diff options
| author | Jamie Nguyen <j@jamielinux.com> | 2015-11-13 14:17:02 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2015-12-10 20:00:06 -0500 |
| commit | 08c7ceb5dff3db5ba28de8370bae23f4bf6ec444 (patch) | |
| tree | 7ba9700bbd1a713bce2e46f26bb8b7b5599981c3 /changes | |
| parent | d68b7fd4422f6ea1cad18a26b6a46b61bc182285 (diff) | |
| download | tor-08c7ceb5dff3db5ba28de8370bae23f4bf6ec444.tar.gz tor-08c7ceb5dff3db5ba28de8370bae23f4bf6ec444.zip | |
Permit filesystem group to be root
Diffstat (limited to 'changes')
| -rw-r--r-- | changes/bug17562-allow-root-group-read | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/changes/bug17562-allow-root-group-read b/changes/bug17562-allow-root-group-read new file mode 100644 index 0000000000..7a0903c662 --- /dev/null +++ b/changes/bug17562-allow-root-group-read @@ -0,0 +1,6 @@ + o Minor bug fixes: + - If any directory created by Tor is marked as group readable, the + filesystem group is allowed to be either the default GID or the root + user. Allowing root to read the DataDirectory prevents the need for + CAP_READ_SEARCH when using systemd's CapabilityBoundingSet, or + dac_read_search when using SELinux. |