2018-01-18 22:11 GMT+05:00 Selva Nair <selva.n...@gmail.com>:
>
> On Thu, Jan 18, 2018 at 3:49 AM, Илья Шипицин <chipits...@gmail.com>
> wrote:
>
>> Hello,
>>
>> changes https://github.com/OpenVPN/openvpn-gui/pull/197 actually make
>> openvpn-gui less dependent on registry
>>
>>
>> we sometimes see similar issue with interactive service:
>>
>> openvpnserv error: Не удается найти указанный файл. (0x2) Error querying
>> registry value: HKLM\SOFTWARE\OpenVPN\exe_path
>>
>> (I've no idea why "exe_path" was deleted)
>>
>> @selvanair , what do you think if we'll try to guess exe_path by picking
>> directory from where openvpnserv was started ? (it is a good guess to
>> assume openvpn.exe is in the same directory)
>>
>
> Patch 86 (https://patchwork.openvpn.net/patch/86/) does this. The only
> registry key that will be required would be HKLM\Software\OpenVPN whose
> default value should point to the installation directory.
>
> One of the security features of the service is that it starts only
> "authorized" openvpn.exe executables -- so we need to have at least the
> installed location set by the admin. Then we can safely guess the rest of
> the parameters if not explicitly set. Eliminating all registry dependence
> wouldn't be safe for the service.
>
I do not think that speciying a path is somewhat related to security (for
example, I can put a malware named "openvpn.exe" in that path).
However, patch is very good, why is it still not applied ?
>
> That wouldn't fix issues faced by users who delete registry keys or use
> non-standard installation methods. Generally those are power users who can
> fix things on their own. If not, just ask them to re-install openvpn.
>
as those users say, they do not delete anything. it happens after "install
windows updates" + "reboot"
(there was an earlier case with running ccleaner, which wipes registry in
random way)
>
> Selva
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
