From: Selva Nair <[email protected]> Access is restricted to SYSTEM and pipe client user (the user starting openvpn.exe). The default is full access to Administrtors, owner, and read access to everyone. This hardens the pipe further.
Change-Id: I8aa1cf1585e2320fca9329bdd0227976606fe71e Signed-off-by: Selva Nair <[email protected]> Acked-by: Gert Doering <[email protected]> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1397 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1397 This mail reflects revision 2 of this Change. Acked-by according to Gerrit (reflected above): Gert Doering <[email protected]> diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c index 7a0a075..4583077 100644 --- a/src/openvpnserv/interactive.c +++ b/src/openvpnserv/interactive.c @@ -3418,9 +3418,26 @@ GetCurrentThreadId(), pipe_uuid_str); RpcStringFree(&pipe_uuid_str); + /* make a security descriptor for the named pipe with access + * restricted to the user and SYSTEM + */ + + SECURITY_ATTRIBUTES sa; + PSECURITY_DESCRIPTOR pSD = NULL; + LPCWSTR szSDDL = L"D:(A;;GA;;;SY)(A;;GA;;;OW)"; + if (!ConvertStringSecurityDescriptorToSecurityDescriptorW( + szSDDL, SDDL_REVISION_1, &pSD, NULL)) + { + ReturnLastError(pipe, L"ConvertSDDL"); + goto out; + } + sa.nLength = sizeof(sa); + sa.lpSecurityDescriptor = pSD; + sa.bInheritHandle = FALSE; + ovpn_pipe = CreateNamedPipe( ovpn_pipe_name, PIPE_ACCESS_DUPLEX | FILE_FLAG_FIRST_PIPE_INSTANCE | FILE_FLAG_OVERLAPPED, - PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE | PIPE_WAIT | PIPE_REJECT_REMOTE_CLIENTS, 1, 128, 128, 0, NULL); + PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE | PIPE_WAIT | PIPE_REJECT_REMOTE_CLIENTS, 1, 128, 128, 0, &sa); if (ovpn_pipe == INVALID_HANDLE_VALUE) { ReturnLastError(pipe, L"CreateNamedPipe"); _______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
