tor/bug11946 at 2d21a8f4d6f8b010f74d80c5abe969d3e0508460 - tor - Git with a cup of Datura seeds

nihilist/tor

mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 21:23:58 +01:00

Nick Mathewson 9b4ac986cb Use tor_getpw{nam,uid} wrappers to fix bug 11946

When running with User set, we frequently try to look up our
information in the user database (e.g., /etc/passwd).  The seccomp2
sandbox setup doesn't let us open /etc/passwd, and probably
shouldn't.

To fix this, we have a pair of wrappers for getpwnam and getpwuid.
When a real call to getpwnam or getpwuid fails, they fall back to a
cached value, if the uid/gid matches.

(Granting access to /etc/passwd isn't possible with the way we
handle opening files through the sandbox.  It's not desirable either.)

2014-05-14 13:53:14 -04:00

6 lines

209 B

Plaintext

Raw Blame History

   o Minor bugfixes (sandbox):
     - Handle failures in getpwnam()/getpwuid() when running with the
       User option set and the Linux syscall sandbox enabled. Fixes bug
 ; bugfix on 0.2.5.1-alpha.