On Tue, Apr 08, 2025 at 08:32:24AM -0400, Nick Mathewson via tor-dev wrote:
> > Is tor able to use secondary groups?
>
> Hm. In src/lib/process.setuid.c, it looks like we're only calling
> setgroups() with a single gid from the password database, not with any
> additional groups. So I don't think the C tor implementation is set
> up to handle _switching_ to secondary groups when you're telling it to
> setuid.

I believe that choice was intentional because of security, long ago.

The man page for the User torrc option says "On startup, setuid to this
user and setgid to their primary group."

More details at
https://bugs.torproject.org/tpo/core/tor/848
including some useful insights from Steven Murdoch at the time.

--Roger
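
The behaviour discussed in this thread (setuid to the user, setgid to the primary group, setgroups() with only that one gid), written out as an added example; it is not tor's code and not part of the original messages. The names `drop_plan`, `plan_drop` and `apply_drop` are hypothetical, and the program assumes a Linux/glibc system and must be started as root to apply the drop.

```c
#define _DEFAULT_SOURCE
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper type: the identity the daemon will switch to. */
struct drop_plan {
    uid_t uid;
    gid_t gid;        /* primary group from the password database */
    gid_t groups[1];  /* supplementary list: only the primary gid */
    size_t ngroups;
};

/* Look up `user` and build the plan. Returns 0 on success, -1 if unknown. */
int plan_drop(const char *user, struct drop_plan *plan) {
    struct passwd *pw = getpwnam(user);
    if (pw == NULL)
        return -1;
    plan->uid = pw->pw_uid;
    plan->gid = pw->pw_gid;
    plan->groups[0] = pw->pw_gid; /* initgroups() would add secondary groups */
    plan->ngroups = 1;
    return 0;
}

/* Apply the plan: groups first, uid last, every return value checked. */
int apply_drop(const struct drop_plan *plan) {
    if (setgroups(plan->ngroups, plan->groups) != 0) return -1;
    if (setgid(plan->gid) != 0) return -1;
    if (setuid(plan->uid) != 0) return -1;
    /* The drop must be irreversible: regaining uid 0 has to fail. */
    if (plan->uid != 0 && setuid(0) == 0) return -1;
    return 0;
}

int main(int argc, char **argv) {
    struct drop_plan plan;
    if (argc != 2 || plan_drop(argv[1], &plan) != 0) {
        fprintf(stderr, "usage: %s <existing-user>\n", argv[0]);
        return 2;
    }
    if (apply_drop(&plan) != 0) {
        perror("drop privileges");
        return 1;
    }
    printf("uid=%d gid=%d, no secondary groups\n", (int)getuid(), (int)getgid());
    return 0;
}
```

With this pattern, files the service needs must be reachable through the user's uid or primary group, since membership in any other group is discarded at the switch.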