diff options
| author |   Matthias Maier <tamiko@gentoo.org> | 2014-11-21 23:51:23 +0000 |
|---|---|---|
| committer | Matthias Maier <tamiko@gentoo.org> | 2014-11-21 23:51:23 +0000 |
| commit | 0e4173b87fd62d49547249e40a2b008f81c2ede2 (patch) | |
| tree | f12b5aad53f77b599717b2f7a2957b5f59db52b6 /net-misc/tor | |
| parent | dev-util/gprof2dot: Fix use of python-r1 eclass (bug #528714) (diff) | |
| download | gentoo-2-0e4173b87fd62d49547249e40a2b008f81c2ede2.tar.gz gentoo-2-0e4173b87fd62d49547249e40a2b008f81c2ede2.tar.bz2 gentoo-2-0e4173b87fd62d49547249e40a2b008f81c2ede2.zip | |
set additional hardening options for tor.service file, wrt bug #529212
(Portage version: 2.2.14/cvs/Linux x86_64, signed Manifest commit with key BD3A97A3)
Diffstat (limited to 'net-misc/tor')
| -rw-r--r-- | net-misc/tor/ChangeLog | 10 | ||||
| -rw-r--r-- | net-misc/tor/files/tor.service | 13 | ||||
| -rw-r--r-- | net-misc/tor/tor-0.2.5.10-r3.ebuild (renamed from net-misc/tor/tor-0.2.5.10-r2.ebuild) | 2 | ||||
| -rw-r--r-- | net-misc/tor/tor-0.2.6.1_alpha-r3.ebuild (renamed from net-misc/tor/tor-0.2.6.1_alpha-r2.ebuild) | 2 |
4 files changed, 21 insertions, 6 deletions
diff --git a/net-misc/tor/ChangeLog b/net-misc/tor/ChangeLog index 7a45d9a99c8e..63b795270135 100644 --- a/net-misc/tor/ChangeLog +++ b/net-misc/tor/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for net-misc/tor # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/tor/ChangeLog,v 1.448 2014/11/20 14:41:41 blueness Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/tor/ChangeLog,v 1.449 2014/11/21 23:51:22 tamiko Exp $ + +*tor-0.2.6.1_alpha-r3 (21 Nov 2014) +*tor-0.2.5.10-r3 (21 Nov 2014) + + 21 Nov 2014; Matthias Maier <tamiko@gentoo.org> +tor-0.2.5.10-r3.ebuild, + +tor-0.2.6.1_alpha-r3.ebuild, -tor-0.2.5.10-r2.ebuild, + -tor-0.2.6.1_alpha-r2.ebuild, files/tor.service: + set additional hardening options for tor.service file, wrt bug #529212 *tor-0.2.5.10-r2 (20 Nov 2014) *tor-0.2.6.1_alpha-r2 (20 Nov 2014) diff --git a/net-misc/tor/files/tor.service b/net-misc/tor/files/tor.service index 9d84caa6f690..8fcc6740ed91 100644 --- a/net-misc/tor/files/tor.service +++ b/net-misc/tor/files/tor.service @@ -3,12 +3,19 @@ Description=The Onion Router [Service] ExecStartPre=/usr/bin/tor --verify-config -f /etc/tor/torrc -ExecStart=/usr/bin/tor --runasdaemon 0 -f /etc/tor/torrc -ExecStop=/bin/kill -INT $MAINPID +ExecStart=/usr/bin/tor --RunAsDaemon 0 -f /etc/tor/torrc ExecReload=/bin/kill -HUP $MAINPID +KillSignal=SIGINT TimeoutStopSec=32 LimitNOFILE=30000 -Group=tor + +# Hardening options: +CapabilityBoundingSet = CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE +PrivateTmp = yes +PrivateDevices = yes +ProtectHome = yes +ProtectSystem = full +NoNewPrivileges = yes [Install] WantedBy=multi-user.target diff --git a/net-misc/tor/tor-0.2.5.10-r2.ebuild b/net-misc/tor/tor-0.2.5.10-r3.ebuild index 00747bc6be52..e7f28de12442 100644 --- a/net-misc/tor/tor-0.2.5.10-r2.ebuild +++ b/net-misc/tor/tor-0.2.5.10-r3.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/tor/tor-0.2.5.10-r2.ebuild,v 1.1 2014/11/20 14:41:41 blueness Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/tor/tor-0.2.5.10-r3.ebuild,v 1.1 2014/11/21 23:51:22 tamiko Exp $ EAPI="5" diff --git a/net-misc/tor/tor-0.2.6.1_alpha-r2.ebuild b/net-misc/tor/tor-0.2.6.1_alpha-r3.ebuild index a0dfa826e04d..577cfb746ae3 100644 --- a/net-misc/tor/tor-0.2.6.1_alpha-r2.ebuild +++ b/net-misc/tor/tor-0.2.6.1_alpha-r3.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/tor/tor-0.2.6.1_alpha-r2.ebuild,v 1.1 2014/11/20 14:41:41 blueness Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/tor/tor-0.2.6.1_alpha-r3.ebuild,v 1.1 2014/11/21 23:51:22 tamiko Exp $ EAPI="5" |