Skip to content

GitLab

Trac
Trac

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Open
Opened by Trac@tracbot

obfsproxy: Add support for dropping privileges and chrooting

[PATCH 1/2] Make obfsproxy drop privileges if requested

Added --user and --group arguments which will make obfsproxy drop privileges
and switch to the given user/group.

The code for droping privileges is shamelessly taken from the Tor project and
adopted to obfsproxy.  The switch_id() function in src/common/compat.c was used.

Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
---
 configure.ac   |    3 +
 src/external.c |   16 +++++++-
 src/main.c     |  120 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 src/managed.c  |   10 +++++
 4 files changed, 147 insertions(+), 2 deletions(-)


[PATCH 2/2] Added support for chrooting obfsproxy

This patch adds --chroot=<dir> which will chroot the process as soon
as possible.

For more info about chrooting, see this URL:
<http://www.unixwiz.net/techtips/chroot-practices.html>

Signed-off-by: David Sommerseth <dazo@users.sourceforge.net>
---
 src/main.c |   27 +++++++++++++++++++++++++--
 1 files changed, 25 insertions(+), 2 deletions(-)

Trac:
Username: dazo

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information