control socket owned by root
Hi,
when Tor creates a ControlSocket at startup it does so before dropping its privileges, which causes the socket to be owned by root:
intrepid:/var/run/tor# ls -l control
srw-rw---- 1 root debian-tor 0 Jun 17 23:08 control=
[this is 0.2.2.28 + 54d7d31c]
I would expect the socket to be owned by the user that Tor is running as.
(Obviously if one adds a second control socket at run time that one gets opened/created as and is owned by the tor user).
This isn't something we need to fix right away, but it does seem wrong.
Maybe one option is to create unix sockets after dropping privileges. But then we cannot create a socket in a root-owned directory that we do not have write privileges to. (I don't think the current check_private_dir() check allows for directories like that but it could be argued it should.)
Another option would be to chown the socket. I wonder how portable that is though.
Cheers,