Joey Hess wrote: > drwxr-xr-x root root /var/lib/tor_hidden_service_sockets > drwxr-x--- joey debian-tor /var/lib/tor_hidden_service_sockets/joeyservice > -rw-r----- joey debian-tor > /var/lib/tor_hidden_service_sockets/joeyservice/socket
Actually, I can't create a socket file owned by debian-tor, and I need to be the one to create the socket (when my hidden service binds it). So, it would really look like this: drwxr-xr-x root root /var/lib/tor_hidden_service_sockets drwxr-x--- joey debian-tor /var/lib/tor_hidden_service_sockets/joeyservice -rw-r--r-- joey joey /var/lib/tor_hidden_service_sockets/joeyservice/socket This still only lets debian-tor read from the socket due to the permissions of the directory, which is good. -- see shy jo
signature.asc
Description: PGP signature