Wyllys Ingersoll wrote:
>
> I exchanged email with the lead engineer for the Tor project and he told
> me that
> Tor will use whatever it considers reasonable defaults if it doesn't
> find a config file (/etc/torrc). So, instead of delivering a sample
> config file, I think it is better to deliver a working config file in
> /etc/torrc with 2 ports enabled by default - 9050 for socks, and 9001
> for the standard Tor relay connections. I will not deliver the sample
> file.
> Also, Tor may be configured to listen on privileged ports such as 443 if
> it is set up as a bridge relay, so it will need the priv_net_privaddr
> privilege in addition to the "basic" set, I will add this to the
> /usr/lib/tor entry in /etc/security/exec_attr.
>
I'm confused. Isn't /usr/lib/tor started by an SMF service? I would
think you'd need to specify the privilege in the service manifest rather
than exec_attr.
Scott
--
Scott Rotondo
Principal Engineer, Solaris Security Technologies
President, Trusted Computing Group
Phone/FAX: +1 408 850 3655 (Internal x68278)
