Allow reloading torrc and writing to router-stability (18f7f49a) · Commits · jarl / tor

src/or/main.c

+10 −0

Original line number	Diff line number	Diff line
		@@ -2728,6 +2728,7 @@ sandbox_init_filter(void)
		{
		const or_options_t *options = get_options();
		sandbox_cfg_t *cfg = sandbox_cfg_new();
		int i;

		sandbox_cfg_allow_openat_filename(&cfg,
		get_datadir_fname("cached-status"));
		@@ -2774,6 +2775,12 @@ sandbox_init_filter(void)
		else
		sandbox_cfg_allow_open_filename(&cfg, tor_strdup("/etc/resolv.conf"));

		for (i = 0; i < 2; ++i) {
		if (get_torrc_fname(i)) {
		sandbox_cfg_allow_open_filename(&cfg, tor_strdup(get_torrc_fname(i)));
		}
		}

		#define RENAME_SUFFIX(name, suffix) \
		sandbox_cfg_allow_rename(&cfg, \
		get_datadir_fname(name suffix), \
		@@ -2827,6 +2834,8 @@ sandbox_init_filter(void)
		get_datadir_fname("fingerprint.tmp"),
		get_datadir_fname("hashed-fingerprint"),
		get_datadir_fname("hashed-fingerprint.tmp"),
		get_datadir_fname("router-stability"),
		get_datadir_fname("router-stability.tmp"),
		tor_strdup("/etc/resolv.conf"),
		NULL, 0
		);
		@@ -2838,6 +2847,7 @@ sandbox_init_filter(void)
		RENAME_SUFFIX2("keys", "secret_onion_key", ".tmp");
		RENAME_SUFFIX2("keys", "secret_onion_key.old", ".tmp");
		RENAME_SUFFIX("hashed-fingerprint", ".tmp");
		RENAME_SUFFIX("router-stability", ".tmp");

		sandbox_cfg_allow_rename(&cfg,
		get_datadir_fname2("keys", "secret_onion_key"),