Add a ControlPortFileGroupWritable option

7f654a6a · Nick Mathewson · dad12188 · 7f654a6a · 7f654a6a · 7f654a6a
Commit 7f654a6a authored May 12, 2011 by Nick Mathewson 👁
--- a/changes/feature3076
+++ b/changes/feature3076
@@ -7,5 +7,8 @@
      type.  This is useful for if the user has selected SocksPort
      "auto", and you need to know which port got chosen.
    - There is a ControlPortWriteToFile option that tells Tor to write
-      its actual control port or ports to a chosen file.
+      its actual control port or ports to a chosen file.  If the option
+      ControlPortFileGroupReadable is set, the file is created as
+      group-readable.
+

--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -196,6 +196,11 @@ Other options can be specified either on the command-line (--option
    this address.  Usable by controllers to learn the actual control port
    when ControlPort is set to "auto".

+**ControlPortFileGroupReadable** **0**|**1**::
+    If this option is set to 0, don't allow the filesystem group to read the
+    control port file. If the option is set to 1, make the control port
+    file readable by the default GID. (Default: 0).
+
 **DataDirectory** __DIR__::
    Store working data in DIR (Default: @LOCALSTATEDIR@/lib/tor)


--- a/src/or/config.c
+++ b/src/or/config.c
@@ -206,6 +206,7 @@ static config_var_t _option_vars[] = {
  V(ContactInfo,                 STRING,   NULL),
  V(ControlListenAddress,        LINELIST, NULL),
  V(ControlPort,                 PORT,     "0"),
+  V(ControlPortFileGroupReadable,BOOL,     "0"),
  V(ControlPortWriteToFile,      FILENAME, NULL),
  V(ControlSocket,               LINELIST, NULL),
  V(CookieAuthentication,        BOOL,     "0"),

--- a/src/or/control.c
+++ b/src/or/control.c
@@ -542,6 +542,14 @@ control_ports_write_to_file(void)
    log_warn(LD_CONTROL, "Writing %s failed: %s",
             options->ControlPortWriteToFile, strerror(errno));
  }
+#ifndef MS_WINDOWS
+  if (options->ControlPortFileGroupReadable) {
+    if (chmod(options->ControlPortWriteToFile, 0640)) {
+      log_warn(LD_FS,"Unable to make %s group-readable.",
+               options->ControlPortWriteToFile);
+    }
+  }
+#endif
  tor_free(joined);
  SMARTLIST_FOREACH(lines, char *, cp, tor_free(cp));
  smartlist_free(lines);

--- a/src/or/or.h
+++ b/src/or/or.h
@@ -2876,6 +2876,8 @@ typedef struct {

  /** File where we should write the ControlPort. */
  char *ControlPortWriteToFile;
+  /** Should that file be group-readable? */
+  int ControlPortFileGroupReadable;

 } or_options_t;