On Sat, 17 Oct 2015 21:50:22 +0200
"Lukasz K." wrote:
> On Mon, 5 Oct 2015 21:43:23 +0200
> Steffan Karger wrote:
>
> > Thanks. This version looks good to me, but the patch won't apply.
> > Most likely your MUA messed up line wrapping. Could you resend
quested).
I'm sorry for the delay, I was unavailable lately.
Lukasz K.
From 35d268234fc65b75239b2dff8f9eb15c8c4a642a Mon Sep 17 00:00:00 2001
From: Lukasz Kutyla
List-Post: openvpn-devel@lists.sourceforge.net
Date: Sat, 17 Oct 2015 21:15:15 +0200
Subject: [PATCH] Fix privilege drop if firs
truct context_0
{
/* workspace for --user/--group */
bool uid_gid_specified;
- bool uid_gid_set;
+ /* helper to tell us whether we should keep trying to drop
privileges */
+ bool uid_gid_chroot_set;
struct platform_state_user platform_state_user;
struct platform_state_group platform_state_group;
};
--
Lukasz K.
pgpTkIF66sVH0.pgp
Description: OpenPGP digital signature
e function related like "context_0.uid_gid_chroot_set", to
make it more obvious for people who would look at the code in the
future that this member is actually meant for the function in general,
not only a certain part of it (UID/GID).
Lukasz K.
pgpLSptMPG7ZU.pgp
Description: OpenPGP digital signature
Hello,
On Sun, 30 Aug 2015 22:37:49 +0200
Gert Doering wrote:
> Hi,
>
> On Sun, Aug 30, 2015 at 04:25:34PM +0200, Lukasz K. wrote:
> > - if (c->first_time && c0 && !c0->uid_gid_set)
> > + if (c0 && !c0->uid_gid_set)
> >
Hello,
On Sun, 30 Aug 2015 13:54:44 +0200
Gert Doering wrote:
> Hi,
>
> On Sun, Aug 30, 2015 at 12:23:36AM +0200, Lukasz K. wrote:
> > Author: Lukasz Kutyla
> >
> > Interruption in first connection will prevent further privilege
> > dropping
>
> Whic
Author: Lukasz Kutyla
Interruption in first connection will prevent further privilege dropping
OpenVPN does not drop privileges (UID/GID/chroot) as requested
according to the configuration file and/or passed arguments if the first
connection is not established successfully, this also includes ap
