mention socket perms and same-group requirement

This reflects the result of an email discussion between FD and CG.
author: Thien-Thi Nguyen <ttn@gnuvola.org> 2021-01-11 00:24:30 -0500
committer: Thien-Thi Nguyen <ttn@gnuvola.org> 2021-01-11 00:24:30 -0500
commit: be4b567666c0f05a68be01ec20b2e81212a32a2f (patch)
tree: 55160745a32e2aa043f263dffed5d9f5b1c3f98a
parent: 02a00c78cfae37e18c613d606ef24b92df927dc3 (diff)
download: docs-be4b567666c0f05a68be01ec20b2e81212a32a2f.tar.gz
docs-be4b567666c0f05a68be01ec20b2e81212a32a2f.tar.bz2
docs-be4b567666c0f05a68be01ec20b2e81212a32a2f.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/taler-exchange-manual.rst b/taler-exchange-manual.rst
index 2d47671..79a3bdf 100644
--- a/taler-exchange-manual.rst
+++ b/taler-exchange-manual.rst
@@ -234,6 +234,9 @@ integration support.
 Functionality
 ^^^^^^^^^^^^^
 
+The UNIX domain sockets have mode 0620 (u+rw, g+w).  The exchange process
+MUST be in the same group as the the crypto helper processes.
+
 The two helper processes will create the required private keys, and allow
 anyone with access to the UNIX domain socket to sign arbitrary messages with
 the keys or to inform them about a key being revoked.  The helper processes
author	Thien-Thi Nguyen <ttn@gnuvola.org>	2021-01-11 00:24:30 -0500
committer	Thien-Thi Nguyen <ttn@gnuvola.org>	2021-01-11 00:24:30 -0500
commit	be4b567666c0f05a68be01ec20b2e81212a32a2f (patch)
tree	55160745a32e2aa043f263dffed5d9f5b1c3f98a
parent	02a00c78cfae37e18c613d606ef24b92df927dc3 (diff)
download	docs-be4b567666c0f05a68be01ec20b2e81212a32a2f.tar.gz docs-be4b567666c0f05a68be01ec20b2e81212a32a2f.tar.bz2 docs-be4b567666c0f05a68be01ec20b2e81212a32a2f.zip