aboutsummaryrefslogtreecommitdiff
path: root/src/or
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2016-03-14 13:40:44 -0400
committerNick Mathewson <nickm@torproject.org>2016-03-14 13:40:44 -0400
commit0cdeac77e0332c37dd4cc7867e34214961db9009 (patch)
treee507240dcfede73552808610ddf1c5e5e51e36b7 /src/or
parent36ad65a7d1709deeb4bc1ae3e994a30c3e7bf789 (diff)
downloadtor-0cdeac77e0332c37dd4cc7867e34214961db9009.tar.gz
tor-0cdeac77e0332c37dd4cc7867e34214961db9009.zip
Don't chmod/chown unix sockets if their permissions are already ok
This is a part of a fix for 18253; bugfix on 0.2.8.1-alpha. Alternatively, we could permit chmod/chown in the sandbox, but I really don't like giving the sandbox permission to alter permissions.
Diffstat (limited to 'src/or')
-rw-r--r--src/or/connection.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/src/or/connection.c b/src/or/connection.c
index 2e1c508894..2c135cad62 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -1283,10 +1283,14 @@ connection_listener_new(const struct sockaddr *listensockaddr,
#ifdef HAVE_PWD_H
if (options->User) {
pw = tor_getpwnam(options->User);
+ struct stat st;
if (pw == NULL) {
log_warn(LD_NET,"Unable to chown() %s socket: user %s not found.",
address, options->User);
goto err;
+ } else if (fstat(s, &st) == 0 &&
+ st.st_uid == pw->pw_uid && st.st_gid == pw->pw_gid) {
+ /* No change needed */
} else if (chown(address, pw->pw_uid, pw->pw_gid) < 0) {
log_warn(LD_NET,"Unable to chown() %s socket: %s.",
address, strerror(errno));
@@ -1298,6 +1302,7 @@ connection_listener_new(const struct sockaddr *listensockaddr,
{
unsigned mode;
const char *status;
+ struct stat st;
if (port_cfg->is_world_writable) {
mode = 0666;
status = "world-writable";
@@ -1310,7 +1315,9 @@ connection_listener_new(const struct sockaddr *listensockaddr,
}
/* We need to use chmod; fchmod doesn't work on sockets on all
* platforms. */
- if (chmod(address, mode) < 0) {
+ if (fstat(s, &st) == 0 && (st.st_mode & 0777) == mode) {
+ /* no change needed */
+ } else if (chmod(address, mode) < 0) {
log_warn(LD_FS,"Unable to make %s %s.", address, status);
goto err;
}