Defer creation of Unix socket until after setuid

author: Jamie Nguyen <j@jamielinux.com> 2015-11-13 13:57:11 +0000
committer: Nick Mathewson <nickm@torproject.org> 2015-12-10 20:00:06 -0500
commit: dcbfe46cd63e041a5bfc4f1de008a7f9025dffce (patch)
tree: 8141087bd770fb5d947839e659939205f9604962 /src/or/connection.c
parent: ec4ef68271ab65b4ec643088153211e861cdc7b3 (diff)
download: tor-dcbfe46cd63e041a5bfc4f1de008a7f9025dffce.tar.gz
tor-dcbfe46cd63e041a5bfc4f1de008a7f9025dffce.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/src/or/connection.c b/src/or/connection.c
index 7b8cc6ba39..575bbf119b 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -2386,6 +2386,14 @@ retry_listener_ports(smartlist_t *old_conns,
     if (port->server_cfg.no_listen)
       continue;
 
+#ifndef _WIN32
+    /* We don't need to be root to create a UNIX socket, so defer until after
+     * setuid. */
+    const or_options_t *options = get_options();
+    if (port->is_unix_addr && !geteuid() && strcmp(options->User, "root"))
+      continue;
+#endif
+
     if (port->is_unix_addr) {
       listensockaddr = (struct sockaddr *)
         create_unix_sockaddr(port->unix_addr,
author	Jamie Nguyen <j@jamielinux.com>	2015-11-13 13:57:11 +0000
committer	Nick Mathewson <nickm@torproject.org>	2015-12-10 20:00:06 -0500
commit	dcbfe46cd63e041a5bfc4f1de008a7f9025dffce (patch)
tree	8141087bd770fb5d947839e659939205f9604962 /src/or/connection.c
parent	ec4ef68271ab65b4ec643088153211e861cdc7b3 (diff)
download	tor-dcbfe46cd63e041a5bfc4f1de008a7f9025dffce.tar.gz tor-dcbfe46cd63e041a5bfc4f1de008a7f9025dffce.zip