Hi Lev, On Tue, Nov 19, 2019 at 12:23 PM Lev Stipakov <lstipa...@gmail.com> wrote:
> Hi, > > Apart from the error message, there is a larger issue especially when we >> use iservice. In that case, we have to preserve privilege separation and >> allowing a user to open a device handle in use by another has to be avoided. >> > > Do you see it as a security issue when handle can be opened by another > process? > I don't know the internals of wintun to know that for sure. > > To read / write to tunnel one needs to register ring buffers, and this > call will fail for any other process. Am I missing something here? > Hopefully, Simon can confirm whether that provides a sufficient safety net. Selva
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
