|
|
3addba3 |
From c60ea133362213f0b7d4572ac30ff0a2195918b7 Mon Sep 17 00:00:00 2001
|
|
|
3addba3 |
From: Jamie Nguyen <j@jamielinux.com>
|
|
|
3addba3 |
Date: Fri, 13 Nov 2015 14:18:26 +0000
|
|
|
3addba3 |
Subject: [PATCH 2/3] Introduce DataDirectoryGroupReadable boolean
|
|
|
3addba3 |
|
|
|
3addba3 |
---
|
|
|
3addba3 |
changes/bug17562-DataDirectoryGroupReadable | 3 +++
|
|
|
3addba3 |
doc/tor.1.txt | 5 +++++
|
|
|
3addba3 |
src/or/config.c | 17 ++++++++++++++++-
|
|
|
3addba3 |
src/or/or.h | 1 +
|
|
|
3addba3 |
4 files changed, 25 insertions(+), 1 deletion(-)
|
|
|
3addba3 |
create mode 100644 changes/bug17562-DataDirectoryGroupReadable
|
|
|
3addba3 |
|
|
|
3addba3 |
diff --git a/changes/bug17562-DataDirectoryGroupReadable b/changes/bug17562-DataDirectoryGroupReadable
|
|
|
3addba3 |
new file mode 100644
|
|
|
3addba3 |
index 0000000..524e5ef
|
|
|
3addba3 |
--- /dev/null
|
|
|
3addba3 |
+++ b/changes/bug17562-DataDirectoryGroupReadable
|
|
|
3addba3 |
@@ -0,0 +1,3 @@
|
|
|
3addba3 |
+ o Minor bug fixes:
|
|
|
3addba3 |
+ - Introduce DataDirectoryGroupReadable boolean. If set to 1, the
|
|
|
3addba3 |
+ DataDirectory will be made readable by the default GID.
|
|
|
3addba3 |
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
|
|
|
3addba3 |
index 916433b..00cac95 100644
|
|
|
3addba3 |
--- a/doc/tor.1.txt
|
|
|
3addba3 |
+++ b/doc/tor.1.txt
|
|
|
3addba3 |
@@ -350,6 +350,11 @@ GENERAL OPTIONS
|
|
|
3addba3 |
[[DataDirectory]] **DataDirectory** __DIR__::
|
|
|
3addba3 |
Store working data in DIR (Default: @LOCALSTATEDIR@/lib/tor)
|
|
|
3addba3 |
|
|
|
3addba3 |
+[[DataDirectoryGroupReadable]] **DataDirectoryGroupReadable** **0**|**1**::
|
|
|
3addba3 |
+ If this option is set to 0, don't allow the filesystem group to read the
|
|
|
3addba3 |
+ DataDirectory. If the option is set to 1, make the DataDirectory readable
|
|
|
3addba3 |
+ by the default GID. (Default: 0)
|
|
|
3addba3 |
+
|
|
|
3addba3 |
[[FallbackDir]] **FallbackDir** __address__:__port__ orport=__port__ id=__fingerprint__ [weight=__num__]::
|
|
|
3addba3 |
When we're unable to connect to any directory cache for directory info
|
|
|
3addba3 |
(usually because we don't know about any yet) we try a FallbackDir.
|
|
|
3addba3 |
diff --git a/src/or/config.c b/src/or/config.c
|
|
|
3addba3 |
index 22039b4..45293db 100644
|
|
|
3addba3 |
--- a/src/or/config.c
|
|
|
3addba3 |
+++ b/src/or/config.c
|
|
|
3addba3 |
@@ -212,6 +212,7 @@ static config_var_t option_vars_[] = {
|
|
|
3addba3 |
V(CookieAuthFile, STRING, NULL),
|
|
|
3addba3 |
V(CountPrivateBandwidth, BOOL, "0"),
|
|
|
3addba3 |
V(DataDirectory, FILENAME, NULL),
|
|
|
3addba3 |
+ V(DataDirectoryGroupReadable, BOOL, "0"),
|
|
|
3addba3 |
V(DisableNetwork, BOOL, "0"),
|
|
|
3addba3 |
V(DirAllowPrivateAddresses, BOOL, "0"),
|
|
|
3addba3 |
V(TestingAuthDirTimeToLearnReachability, INTERVAL, "30 minutes"),
|
|
|
3addba3 |
@@ -1187,16 +1188,30 @@ options_act_reversible(const or_options_t *old_options, char **msg)
|
|
|
3addba3 |
}
|
|
|
3addba3 |
|
|
|
3addba3 |
/* Ensure data directory is private; create if possible. */
|
|
|
3addba3 |
+ cpd_check_t cpd_group_opts = CPD_NONE;
|
|
|
3addba3 |
+ if (options->DataDirectoryGroupReadable)
|
|
|
3addba3 |
+ cpd_group_opts = CPD_GROUP_READ;
|
|
|
3addba3 |
if (check_private_dir(options->DataDirectory,
|
|
|
3addba3 |
- running_tor ? CPD_CREATE : CPD_CHECK,
|
|
|
3addba3 |
+ running_tor ?
|
|
|
3addba3 |
+ CPD_CREATE|cpd_group_opts : CPD_CHECK|cpd_group_opts,
|
|
|
3addba3 |
options->User)<0) {
|
|
|
3addba3 |
tor_asprintf(msg,
|
|
|
3addba3 |
"Couldn't access/create private data directory \"%s\"",
|
|
|
3addba3 |
options->DataDirectory);
|
|
|
3addba3 |
+
|
|
|
3addba3 |
goto done;
|
|
|
3addba3 |
/* No need to roll back, since you can't change the value. */
|
|
|
3addba3 |
}
|
|
|
3addba3 |
|
|
|
3addba3 |
+#ifndef _WIN32
|
|
|
3addba3 |
+ if (options->DataDirectoryGroupReadable) {
|
|
|
3addba3 |
+ /* Only new dirs created get new opts, also enforce group read. */
|
|
|
3addba3 |
+ if (chmod(options->DataDirectory, 0750)) {
|
|
|
3addba3 |
+ log_warn(LD_FS,"Unable to make %s group-readable.", options->DataDirectory);
|
|
|
3addba3 |
+ }
|
|
|
3addba3 |
+ }
|
|
|
3addba3 |
+#endif
|
|
|
3addba3 |
+
|
|
|
3addba3 |
/* Bail out at this point if we're not going to be a client or server:
|
|
|
3addba3 |
* we don't run Tor itself. */
|
|
|
3addba3 |
if (!running_tor)
|
|
|
3addba3 |
diff --git a/src/or/or.h b/src/or/or.h
|
|
|
3addba3 |
index 651d8be..112fe21 100644
|
|
|
3addba3 |
--- a/src/or/or.h
|
|
|
3addba3 |
+++ b/src/or/or.h
|
|
|
3addba3 |
@@ -3428,6 +3428,7 @@ typedef struct {
|
|
|
3addba3 |
|
|
|
3addba3 |
char *DebugLogFile; /**< Where to send verbose log messages. */
|
|
|
3addba3 |
char *DataDirectory; /**< OR only: where to store long-term data. */
|
|
|
3addba3 |
+ int DataDirectoryGroupReadable; /**< Boolean: Is the DataDirectory g+r? */
|
|
|
3addba3 |
char *Nickname; /**< OR only: nickname of this onion router. */
|
|
|
3addba3 |
char *Address; /**< OR only: configured address for this onion router. */
|
|
|
3addba3 |
char *PidFile; /**< Where to store PID of Tor process. */
|
|
|
3addba3 |
--
|
|
|
3addba3 |
2.5.0
|
|
|
3addba3 |
|