diff options
| author | Nick Mathewson <nickm@torproject.org> | 2016-03-22 10:08:50 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2016-03-22 10:08:50 -0400 |
| commit | ca8423a703803db860ee39906f8b5d362e0f64f2 (patch) | |
| tree | 062a37a27f446b20eaba8713d2c6415e2b1dc752 /src/or/main.c | |
| parent | 778e8e604d561a47ca6223a570a691b6dc81128e (diff) | |
| parent | f930824914a1ebf10f502543dbc8bf598be19c3c (diff) | |
| download | tor-ca8423a703803db860ee39906f8b5d362e0f64f2.tar.gz tor-ca8423a703803db860ee39906f8b5d362e0f64f2.zip | |
Merge remote-tracking branch 'public/bug18253'
Diffstat (limited to 'src/or/main.c')
| -rw-r--r-- | src/or/main.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/or/main.c b/src/or/main.c index f37c23c9f5..00768ac18f 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -3482,6 +3482,20 @@ sandbox_init_filter(void) } } + SMARTLIST_FOREACH_BEGIN(get_configured_ports(), port_cfg_t *, port) { + if (!port->is_unix_addr) + continue; + /* When we open an AF_UNIX address, we want permission to open the + * directory that holds it. */ + char *dirname = tor_strdup(port->unix_addr); + if (get_parent_directory(dirname) == 0) { + OPEN(dirname); + } + tor_free(dirname); + sandbox_cfg_allow_chmod_filename(&cfg, tor_strdup(port->unix_addr)); + sandbox_cfg_allow_chown_filename(&cfg, tor_strdup(port->unix_addr)); + } SMARTLIST_FOREACH_END(port); + if (options->DirPortFrontPage) { sandbox_cfg_allow_open_filename(&cfg, tor_strdup(options->DirPortFrontPage)); |