Opened 5 years ago
Last modified 2 years ago
#16004 new enhancement
Support Isolation by SCM_CREDENTIALS / SCM_CREDS for AF_UNIX endpoints
Reported by: | anon | Owned by: | |
---|---|---|---|
Priority: | Medium | Milestone: | Tor: unspecified |
Component: | Core Tor/Tor | Version: | Tor: unspecified |
Severity: | Normal | Keywords: | isolation, lorax, tor-client, scm_creds AF_UNIX |
Cc: | | Actual Points: | |
Parent ID: | | Points: | |
Reviewer: | | Sponsor: | |
Description
Support Isolation by SCM_CREDENTIALS / SCM_CREDS for AF_UNIX endpoints.
(a pid, uid, gid tuple, or any of the three)
Change History (6)
comment:1 Changed 5 years ago by
Keywords: | tor-core isolation lorax added |
---|---|
Milestone: | → Tor: 0.2.??? |
Version: | → Tor: unspecified |
comment:3 Changed 3 years ago by
Keywords: | tor-03-unspecified-201612 added |
---|---|
Milestone: | Tor: 0.3.??? → Tor: unspecified |
Finally admitting that 0.3.??? was a euphemism for Tor: unspecified all along.
comment:4 Changed 3 years ago by
Keywords: | tor-03-unspecified-201612 removed |
---|
Remove an old triaging keyword.
comment:5 Changed 3 years ago by
Keywords: | tor-core removed |
---|
The tor-core keyword doesn't really make sense now that we have "Core Tor/Tor" for component.
comment:6 Changed 2 years ago by
Keywords: | tor-client scm_creds AF_UNIX added |
---|---|
Severity: | → Normal |
Better than SCM_CREDENTIALS/SCM_CREDS would be to use the equally non-portable (but easier to use) socket options that return the relevant tuple. SO_PEERCRED on Linux, LOCAL_PEERCRED (SOL_SOCKET) on FreeBSD, LOCAL_PEERCRED (SOL_LOCAL) on Darwin.

This is a dead trivial amount of code to add, so I could see it being really nice for 0.2.7.x if someone has time to write a good implementation of it (and I may, if I can spare an hour or two). It's particularly appealing for torsocks, since once AF_UNIX backed socket support lands there, it will automagically get strong-ish isolation.