author | Nick Mathewson <nickm@torproject.org> | 2012-01-10 17:59:49 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2012-01-10 17:59:49 -0500 |
commit | 5e9d349979f550474ba105491ba463a8b69a88ae (patch) | |
tree | 56057971378149f0425d01522822da70eee82f19 /src | |
parent | 73d4dbe103db639cf806e1610a79e4a781428d1f (diff) | |
parent | ff282a11266601bf2690d34a4a74622192b9bbfa (diff) | |
download | tor-5e9d349979f550474ba105491ba463a8b69a88ae.tar.gz tor-5e9d349979f550474ba105491ba463a8b69a88ae.zip |
Merge remote-tracking branch 'public/bug4650_nm_squashed'
Diffstat (limited to 'src')
-rw-r--r-- | src/common/compat.c | 9 | ||||
-rw-r--r-- | src/or/config.c | 33 |
2 files changed, 32 insertions, 10 deletions
diff --git a/src/common/compat.c b/src/common/compat.c
index 27e0060544..ff9d877cd6 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -1542,8 +1542,8 @@ switch_id(const char *user)
 * CAP_SYS_PTRACE and so it is very likely that root will still be able to
 * attach to the Tor process.
 */
-/** Attempt to disable debugger attachment: return 0 on success, -1 on
- * failure. */
+/** Attempt to disable debugger attachment: return 1 on success, -1 on
+ * failure, and 0 if we don't know how to try on this platform. */
 int
 tor_disable_debugger_attach(void)
 {
@@ -1568,11 +1568,12 @@ tor_disable_debugger_attach(void)
 // XXX: TODO - Mac OS X has dtrace and this may be disabled.
 // XXX: TODO - Windows probably has something similar
- if (r == 0) {
+ if (r == 0 && attempted) {
 log_debug(LD_CONFIG,"Debugger attachment disabled for "
 "unprivileged users.");
+ return 1;
 } else if (attempted) {
- log_warn(LD_CONFIG, "Unable to disable ptrace attach: %s",
+ log_warn(LD_CONFIG, "Unable to disable debugger attaching: %s",
 strerror(errno));
 }
 return r;
diff --git a/src/or/config.c b/src/or/config.c
index 740a9dbfd7..b118f30ace 100644
--- a/src/or/config.c
+++ b/src/or/config.c
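Review bot: The trailing `return r;` in tor_disable_debugger_attach() now stands for two different outcomes, a failed attempt and a platform where nothing was attempted, and the value returned in the second case depends on how `r` is initialised above this hunk, which is not visible here. The updated doc comment promises 0 for the "don't know how" case, so that contract holds only if `r` starts at 0; writing the tail as `return attempted ? -1 : 0;` would make the three-way result independent of the initialiser. Because success moved from 0 to 1, any caller outside this diff that still tests `== 0` would read "not attempted" as success and real success as failure, so other call sites are worth checking. The function body begins outside the hunk.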
@@ -1326,12 +1326,26 @@ options_act(const or_options_t *old_options)
 const int transition_affects_workers = old_options && options_transition_affects_workers(old_options, options);
- /* disable ptrace and later, other basic debugging techniques */
- if (options->DisableDebuggerAttachment) {
- tor_disable_debugger_attach();
- } else {
- log_notice(LD_CONFIG,"Debugger attachment enabled "
- "for unprivileged users.");
+ /* disable ptrace and later, other basic debugging techniques */
+ {
+ /* Remember if we already disabled debugger attachment */
+ static int disabled_debugger_attach = 0;
+ /* Remember if we already warned about being configured not to disable
+ * debugger attachment */
+ static int warned_debugger_attach = 0;
+ if (options->DisableDebuggerAttachment && !disabled_debugger_attach) {
+ int ok = tor_disable_debugger_attach();
+ if (warned_debugger_attach && ok == 1) {
+ log_notice(LD_CONFIG, "Disabled attaching debuggers for unprivileged "
+ "users.");
+ }
+ disabled_debugger_attach = (ok == 1);
+ } else if (!options->DisableDebuggerAttachment &&
+ !warned_debugger_attach) {
+ log_notice(LD_CONFIG, "Not disabling debugger attaching for "
+ "unprivileged users.");
+ warned_debugger_attach = 1;
+ }
 }
 if (running_tor && !have_lockfile()) {
@@ -4170,6 +4184,13 @@ options_transition_allowed(const or_options_t *old,
 return -1;
 }
+ if (old->DisableDebuggerAttachment &&
+ !new_val->DisableDebuggerAttachment) {
+ *msg = tor_strdup("While Tor is running, disabling "
+ "DisableDebuggerAttachment is not allowed.");
+ return -1;
+ }
+
 return 0;
 } |
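Review bot: When tor_disable_debugger_attach() returns anything other than 1, the new block in options_act() leaves `disabled_debugger_attach` at 0 and logs nothing of its own, so the call is repeated on every later options_act() pass. For the 0 result, as far as these hunks show, the operator is never told that DisableDebuggerAttachment had no effect on this platform. A one-time notice for the `ok == 0` case, latched with a third static flag, would make the unprotected state visible and stop the retries where they cannot succeed. The success notice being gated on `warned_debugger_attach` also deserves a why-comment, for example `/* Only announce success if we earlier said attachment was left enabled. */`. The enclosing function starts and ends outside the hunk.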
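Review bot: The new check in options_transition_allowed() has no comment saying why the 1-to-0 change is refused, and the reason is not obvious from the condition alone. From the options_act() hunk, the restriction is applied at most once and nothing visible undoes it. Accepting the change would leave the running configuration saying attachment is permitted while the process may still be protected, and the refusal also keeps a runtime reconfiguration from switching the hardening off. Proposed comment above the `if`: `/* Debugger attachment is disabled once per process and not re-enabled; refuse a config change that would claim otherwise. */`. The check compares configured values only, not whether the earlier disable actually succeeded, and the function body starts outside the hunk.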