Defer creation of Unix socket until after setuid

author: Jamie Nguyen <j@jamielinux.com> 2015-11-13 13:57:11 +0000
committer: Nick Mathewson <nickm@torproject.org> 2015-12-10 20:00:06 -0500
commit: dcbfe46cd63e041a5bfc4f1de008a7f9025dffce (patch)
tree: 8141087bd770fb5d947839e659939205f9604962 /changes
parent: ec4ef68271ab65b4ec643088153211e861cdc7b3 (diff)
download: tor-dcbfe46cd63e041a5bfc4f1de008a7f9025dffce.tar.gz
tor-dcbfe46cd63e041a5bfc4f1de008a7f9025dffce.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/changes/bug17562-defer-unix-socket-creation b/changes/bug17562-defer-unix-socket-creation
new file mode 100644
index 0000000000..f1896c044a
--- /dev/null
+++ b/changes/bug17562-defer-unix-socket-creation
@@ -0,0 +1,4 @@
+  o Minor bug fixes:
+    - Defer creation of Unix sockets until after setuid. This avoids needing
+      CAP_CHOWN and CAP_FOWNER when using systemd's CapabilityBoundingSet, or
+      chown and fowner when using SELinux.
author	Jamie Nguyen <j@jamielinux.com>	2015-11-13 13:57:11 +0000
committer	Nick Mathewson <nickm@torproject.org>	2015-12-10 20:00:06 -0500
commit	dcbfe46cd63e041a5bfc4f1de008a7f9025dffce (patch)
tree	8141087bd770fb5d947839e659939205f9604962 /changes
parent	ec4ef68271ab65b4ec643088153211e861cdc7b3 (diff)
download	tor-dcbfe46cd63e041a5bfc4f1de008a7f9025dffce.tar.gz tor-dcbfe46cd63e041a5bfc4f1de008a7f9025dffce.zip