Hi, On Tue, Apr 24, 2018 at 10:16:36PM +0200, Christian Hesse wrote: > No need to have root involved. Sounds good?
This is not our traditional approach of "give people rope to hang themselves
if they want so". So I'll NAK any patch that *requires* use of systemd,
capabilities and non-root users on Linux.
As an option, welcome.
(I'm not finding a really good reason right now why I would need to run
openvpn as root which couldn't be done with CAP_NET_ADMIN, so the
recommendation should certainly be "use non-root" - but then, we're not
enforcing --setuid today either)
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
