arm tells users to "sudo -u debian-tor arm", which lets arm read tor's keys
View options
- Truncate descriptions
in config/strings.cfg:
msg.setup.arm_is_running_as_root Arm is currently running with root permissions. This isn't a good idea, nor should it be necessary. Try starting arm with "sudo -u {tor_user} arm" instead.
Telling the user to run arm as the tor user exposes all of /var/lib/tor/ to arm, which is probably more than needed and likely more than expected.
At least on debian, the right answer is "sudo adduser $USER debian-tor" and then run arm as the normal user (after logout/login as needed). See #10700 (moved) for where this topic came up.
- Show labels
- Show closed items