On Thu, Jun 15, 2017 at 8:32 AM, David Sommerseth <
open...@sf.lists.topphemmelig.net> wrote:
> On 13/06/17 22:51, Selva Nair wrote:
> > It takes only a few line sof code to exploit this on XP -- I have not
> > been able to exploit this on Vista but not 100% sure it has been
> > fixed for good on Vista+.
>
> But do we really care much for anything older than Win7 these days? For
> v2.3, perhaps yes - but v2.4 is the one introducing the interactive
> service.
Even so, I think its still prudent to err on the side of caution and not
allow a client running as admin hand out impersonation rights to a server
it connects to, unless some authentication could be put in place.
Note: Here client is the GUI and server is anything that listens on the
service named pipe --- which is normally the service, but could be a rogue
program. I'm being paranoid, and impersonation via named pipe is probably
secure in recent versions of Windows.
If the GUI is running as admin, so will openvpn and it then doesn't need
the service for any tasks. So no functionality is lost by not using the
service. However, running the GUI as admin is not a good idea, so a better
way would be to check whether iservice is available and if so drop
privileges and proceed. That way openvpn will also run with limited
privileges.
Indeed it would ease code maintenance if we can drop the numerous ways of
setting routes etc. and exclusively use the service. Until that becomes
acceptable, the use of iservice while admin brings in little benefit, if
any.
Selva
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
