Antonio Quartulli <a...@unstable.cc> on Tue, 2018/04/24 23:08:
> OTOH I understand that there are people that don't care about having a
> working tunnel reconfiguration and are fine with starting openvpn as
> root (and then dropping privileges).
>
> For these people, adding the above capabilities results in giving the
> openvpn process more power than before.
>
> Maybe users willing to adopt this stricter behaviour should have a knob
> somewhere that will enable the usual
> run-as-root-and-then-drop-priv-with-no-caps?

NAK. :-p

I think the solution for this dilemma is pretty easy: I should strip the part from my patch that disables user switching when started from systemd. We can start as user "openvpn" anyway - as long as the process has capabilities CAP_SETGID and CAP_SETUID it still can switch user context and drop privileges.

So users have two options: keep the process running as user "openvpn" with capabilities for more flexibility or switch to unprivileged user for more security. No need to have root involved.

Sounds good?
-- 
main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH"
"CX:;",b;for(a/* Best regards my address: */=0;b=c[a++];)
putchar(b-1/(/* Chris cc -ox -xc - && ./x */b/42*2-3)*42);}
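
Added example, not part of the original message or of OpenVPN's code: a check that tells which of the two options described above a process is in, by parsing the capability masks in /proc/<pid>/status. The function names and the sample status text are constructed for illustration.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample: service user holding CAP_SETGID, CAP_SETUID, CAP_NET_ADMIN. */
const char SAMPLE_SERVICE_USER[] = "CapPrm:\t00000000000010c0\nCapEff:\t00000000000010c0\n";

/* Read a hex mask from /proc/<pid>/status text; -1 if missing or malformed. */
int cap_field(const char *status, const char *field, uint64_t *mask)
{
    size_t n = strlen(field);
    for (const char *p = status; p && *p; ) {
        if (strncmp(p, field, n) == 0 && p[n] == ':') {
            const char *v = p + n + 1 + strspn(p + n + 1, " \t");
            if (!isxdigit((unsigned char)*v)) return -1;
            *mask = strtoull(v, NULL, 16);
            return 0;
        }
        p = strchr(p, '\n');   /* move to the start of the next line */
        if (p) p++;
    }
    return -1;
}

/* User switching without root needs CAP_SETGID (bit 6) and CAP_SETUID (bit 7). */
int can_switch_user(const char *status)
{
    uint64_t eff = 0, need = (1ULL << 6) | (1ULL << 7);
    return cap_field(status, "CapEff", &eff) == 0 && (eff & need) == need;
}

/* Capability sets survive a switch between two non-root UIDs, so check that
 * nothing is left afterwards; unreadable input fails closed. */
int fully_dropped(const char *status)
{
    uint64_t eff = 0, prm = 0;
    return cap_field(status, "CapEff", &eff) == 0 && eff == 0 &&
           cap_field(status, "CapPrm", &prm) == 0 && prm == 0;
}

int main(void)
{
    char buf[8192] = {0};
    FILE *f = fopen("/proc/self/status", "r");
    const char *s = (f && fread(buf, 1, sizeof buf - 1, f) > 0) ? buf : SAMPLE_SERVICE_USER;
    if (f) fclose(f);
    printf("can switch user: %d, fully dropped: %d\n", can_switch_user(s), fully_dropped(s));
    return 0;
}
```

Run as the service user it reports whether user switching is still possible; run after the switch to the unprivileged user it should report that everything is dropped.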
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel