Opened 10 years ago

Closed 9 years ago

Last modified 8 years ago

#1923 closed enhancement (user disappeared)

Allow non-administrative users who know the HashedControlPassword to control tor client.

Reported by: aa138346 Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


Allow non-administrative users who know the HashedControlPassword to start/stop the tor daemon, break all existing circuits, etc., from the command line.

Child Tickets

Change History (7)

comment:1 Changed 10 years ago by Sebastian

It appears that all of these are already possible. non-admins should be able to launch their own Tor and then stop it again. If they know the ControlPassword for a Tor running as a different user or with different permissions, they can fully control Tor using the control protocol. Obviously they won't be able to start Tor with higher privileges than their own user account has, the OS will not allow that. I'm not sure what you're actually asking.

comment:2 Changed 10 years ago by nickm

Maybe "from the command line" is the key here. aa138346, did you know about the script included with Tor? It lets you send aribitrary controller commands from the command line.

comment:3 Changed 10 years ago by nickm

Milestone: Tor: unspecified

Are you still around? We're trying to figure out what you're actually asking for here that you can't do now, to see if there's something that we should try to build.

comment:4 Changed 9 years ago by arma

Perhaps the reporter here wants to know about arm:

comment:5 Changed 9 years ago by nickm

Resolution: user disappeared
Status: newclosed

No answers in 6 months; closing as "user disappeared". please comment if there is a remaining issue here. I believe that the SIGNAL control command, plus the various ways to send controller commands from the command line, should take care of this.

comment:6 in reply to:  3 Changed 9 years ago by aa138346

Hello, sorry for not responding earlier.

Yes, "from the command line" was what I was looking for.

The reason I was looking for this functionality was because I wanted other non-privileged users/services (who can't restart and/or kill -HUP <pid>) to be able to restart/reload specific tor processes.

I looked into the script, and it appears to provide the functionality.

comment:7 Changed 8 years ago by nickm

Component: Tor ClientTor
Note: See TracTickets for help on using tickets.