Hi,
Some precisions on my last email below.
Alan <alan@???> wrote:
> intrigeri <intrigeri@???> wrote:
> > I can imagine that we have a totally separate backend that monitors
> > Tor's connectivity status
>
> Please note that I'm not aware of such a concept of "connectivity
> status" in Tor. If you know about it, don't hesitate to point me to
> relevant documentation.
>
There is a 'bootstrap-status' client status event (and associated
GETINFO) which gives information on the 1st bootstrap, but Tor doesn't
seem aware of lost connection (unless system clock jumps)
> An advantage if such an approach is that there is no reason why the
> DBus service would run the same unix user as the UI. So if the UI would
> only get its information from the DBus service, then we don't need any
> access to the Tor control port for the user running the UI.
>
Here is a diagram on what I though for more privilege separation:
control socket
Tor <----------------> TorMonitorD
^
debian-tor user |
.............................DBus............................
desktop user syetem bus
/ \
/ \
gnome-shell Tor Monitor
tor monitor application
extension
Pros:
- only one connection to the Tor daemon
- better isolation between the controller and X
Cons:
- much more complicated design
- more work to implement
