diff options
| -rw-r--r-- | doc/tor.1.txt | 5 | ||||
| -rw-r--r-- | src/or/config.c | 3 | ||||
| -rw-r--r-- | src/or/connection.c | 7 | ||||
| -rw-r--r-- | src/or/or.h | 1 |
4 files changed, 15 insertions, 1 deletions
diff --git a/doc/tor.1.txt b/doc/tor.1.txt index d95d764c67..d0d0c2f7cb 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -167,6 +167,11 @@ Other options can be specified either on the command-line (--option Like ControlPort, but listens on a Unix domain socket, rather than a TCP socket. (Unix and Unix-like systems only.) +**UnixSocketsGroupWritable** **0**|**1**:: + If this option is set to 0, don't allow the filesystem group to read and + write unix sockets (e.g. ControlSocket). If the option is set to 1, make + the control socket readable and writable by the default GID. (Default: 0) + **HashedControlPassword** __hashed_password__:: Don't allow any connections on the control port except when the other process knows the password whose one-way hash is __hashed_password__. You diff --git a/src/or/config.c b/src/or/config.c index 6a2742d954..c81fc9c594 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -209,6 +209,7 @@ static config_var_t _option_vars[] = { V(ControlPortFileGroupReadable,BOOL, "0"), V(ControlPortWriteToFile, FILENAME, NULL), V(ControlSocket, LINELIST, NULL), + V(UnixSocketsGroupWritable, BOOL, "0"), V(CookieAuthentication, BOOL, "0"), V(CookieAuthFileGroupReadable, BOOL, "0"), V(CookieAuthFile, STRING, NULL), @@ -952,7 +953,7 @@ options_act_reversible(or_options_t *old_options, char **msg) } #ifndef HAVE_SYS_UN_H - if (options->ControlSocket) { + if (options->ControlSocket || options->UnixSocketsGroupWritable) { *msg = tor_strdup("Unix domain sockets (ControlSocket) not supported" " on this OS/with this build."); goto rollback; diff --git a/src/or/connection.c b/src/or/connection.c index 01b533d9b5..d0898c5e5c 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -966,6 +966,13 @@ connection_create_listener(const struct sockaddr *listensockaddr, tor_socket_strerror(tor_socket_errno(s))); goto err; } + if (get_options()->UnixSocketsGroupWritable) { + if (chmod(address, 0660) < 0) { + log_warn(LD_FS,"Unable to make %s group-readable.", address); + tor_close_socket(s); + goto err; + } + } if (listen(s,SOMAXCONN) < 0) { log_warn(LD_NET, "Could not listen on %s: %s", address, diff --git a/src/or/or.h b/src/or/or.h index 5647691550..b72693f029 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2445,6 +2445,7 @@ typedef struct { int ControlPort; /**< Port to listen on for control connections. */ config_line_t *ControlSocket; /**< List of Unix Domain Sockets to listen on * for control connections. */ + int UnixSocketsGroupWritable; /**< Boolean: Are unix sockets g+rw? */ int DirPort; /**< Port to listen on for directory connections. */ int DNSPort; /**< Port to listen on for DNS requests. */ int AssumeReachable; /**< Whether to publish our descriptor regardless. */ |