Allow ControlSocket to be group writable
This is an attempt to move http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552556 foward.
Right now, ControlPort + CookieAuthFileGroupReadable offers a way for specific users (members of the same group as the Tor process) to controel a system-wide Tor daemon. It would be great to have a similar access control mechanism for ControlSocket.
The attached patch is an attempt to implement such behaviour. It adds a new configuration option, UnixSocketsGroupWritable
, which when enabled, will make socket g+rw
upon creation.