summaryrefslogtreecommitdiff
path: root/taler-exchange-manual.rst
diff options
context:
space:
mode:
authorThien-Thi Nguyen <ttn@gnuvola.org>2021-01-11 00:24:30 -0500
committerThien-Thi Nguyen <ttn@gnuvola.org>2021-01-11 00:24:30 -0500
commitbe4b567666c0f05a68be01ec20b2e81212a32a2f (patch)
tree55160745a32e2aa043f263dffed5d9f5b1c3f98a /taler-exchange-manual.rst
parent02a00c78cfae37e18c613d606ef24b92df927dc3 (diff)
downloaddocs-be4b567666c0f05a68be01ec20b2e81212a32a2f.tar.gz
docs-be4b567666c0f05a68be01ec20b2e81212a32a2f.tar.bz2
docs-be4b567666c0f05a68be01ec20b2e81212a32a2f.zip
mention socket perms and same-group requirement
This reflects the result of an email discussion between FD and CG.
Diffstat (limited to 'taler-exchange-manual.rst')
-rw-r--r--taler-exchange-manual.rst3
1 files changed, 3 insertions, 0 deletions
diff --git a/taler-exchange-manual.rst b/taler-exchange-manual.rst
index 2d47671..79a3bdf 100644
--- a/taler-exchange-manual.rst
+++ b/taler-exchange-manual.rst
@@ -234,6 +234,9 @@ integration support.
Functionality
^^^^^^^^^^^^^
+The UNIX domain sockets have mode 0620 (u+rw, g+w). The exchange process
+MUST be in the same group as the the crypto helper processes.
+
The two helper processes will create the required private keys, and allow
anyone with access to the UNIX domain socket to sign arbitrary messages with
the keys or to inform them about a key being revoked. The helper processes