summaryrefslogtreecommitdiff
path: root/changes
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2014-09-03 13:28:46 -0400
committerNick Mathewson <nickm@torproject.org>2014-09-03 13:28:46 -0400
commitf58cdb3be70ef7b30875efe5c2894efc4e273953 (patch)
treea00c835b11ab05a7b8becbf6e439863a82d58739 /changes
parented8f020e205267e6270494634346ab68d830e1d8 (diff)
parent9f0161f73db38ab0cf849dcca66f645d3036d9a9 (diff)
downloadtor-f58cdb3be70ef7b30875efe5c2894efc4e273953.tar.gz
tor-f58cdb3be70ef7b30875efe5c2894efc4e273953.zip
Merge remote-tracking branch 'intrigeri/bug12751-systemd-filesystem-sandbox'
Diffstat (limited to 'changes')
-rw-r--r--changes/bug12751-systemd-filesystem-sandbox5
1 files changed, 5 insertions, 0 deletions
diff --git a/changes/bug12751-systemd-filesystem-sandbox b/changes/bug12751-systemd-filesystem-sandbox
new file mode 100644
index 0000000000..0abaa4cf6f
--- /dev/null
+++ b/changes/bug12751-systemd-filesystem-sandbox
@@ -0,0 +1,5 @@
+ o Distribution:
+ - systemd unit file: only allow tor to write to /var/lib/tor
+ and /var/log/tor. The rest of the filesystem is accessible
+ for reading only.
+ Patch by intrigeri; resolves ticket 12751.