[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-docs] 01/02: add subsection "Socket permission details"
From: |
gnunet |
Subject: |
[taler-docs] 01/02: add subsection "Socket permission details" |
Date: |
Mon, 11 Jan 2021 06:27:04 +0100 |
This is an automated email from the git hooks/post-receive script.
ttn pushed a commit to branch master
in repository docs.
commit 02a00c78cfae37e18c613d606ef24b92df927dc3
Author: Thien-Thi Nguyen <ttn@gnuvola.org>
AuthorDate: Mon Jan 11 00:18:27 2021 -0500
add subsection "Socket permission details"
This reflects the result of an email discussion between FD and CG.
---
design-documents/010-exchange-helpers.rst | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/design-documents/010-exchange-helpers.rst
b/design-documents/010-exchange-helpers.rst
index a299948..a304d8e 100644
--- a/design-documents/010-exchange-helpers.rst
+++ b/design-documents/010-exchange-helpers.rst
@@ -42,6 +42,12 @@ running under a different user ID (UID), creating in effect
a software
security module. The exchange's HTTP process will be required to interact
with those helpers via a UNIX domain socket.
+Socket permission details:
+
+* The socket will be chmod 0620 (u+rw, g+w) regardless of umask.
+* That the group is the same group of the crypto helpers must
+ still be ensured by the operator.
+
General design details:
* The helpers will process requests from the exchange to sign and revoke keys.
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.