diff options
author | Christian Grothoff <christian@grothoff.org> | 2021-01-13 21:27:31 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2021-01-13 21:27:31 +0100 |
commit | 07752fe8a333bf2aff0b525a7e2db35202533a2c (patch) | |
tree | d7299cd4d425025cff03338a3455ba76d26c47e6 /design-documents/010-exchange-helpers.rst | |
parent | bc99e88764505e05ac35682d9791e70143243152 (diff) | |
parent | 96b81f6089bdcc330fbfb52336a8d6e828455761 (diff) | |
download | docs-07752fe8a333bf2aff0b525a7e2db35202533a2c.tar.gz docs-07752fe8a333bf2aff0b525a7e2db35202533a2c.tar.bz2 docs-07752fe8a333bf2aff0b525a7e2db35202533a2c.zip |
Merge branch 'master' of git+ssh://git.taler.net/docs
Diffstat (limited to 'design-documents/010-exchange-helpers.rst')
-rw-r--r-- | design-documents/010-exchange-helpers.rst | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/design-documents/010-exchange-helpers.rst b/design-documents/010-exchange-helpers.rst index a2999487..a304d8ec 100644 --- a/design-documents/010-exchange-helpers.rst +++ b/design-documents/010-exchange-helpers.rst @@ -42,6 +42,12 @@ running under a different user ID (UID), creating in effect a software security module. The exchange's HTTP process will be required to interact with those helpers via a UNIX domain socket. +Socket permission details: + +* The socket will be chmod 0620 (u+rw, g+w) regardless of umask. +* That the group is the same group of the crypto helpers must + still be ensured by the operator. + General design details: * The helpers will process requests from the exchange to sign and revoke keys. |