David Zeuthen wrote: > On Mon, 2006-10-02 at 15:02 +1300, Steve Wray wrote: >> How about giving the option to pull in a regular, normal openvpn config >> file and stuff that into the NetworkManager settings? That would be just >> brilliant... >> >> Or even just to get NetworkManager to point at an openvpn config file >> (under 'advanced' with a 'browse for a file to use instead of the gconfd >> stuff')? >> >> I mean gconfd is all very well but actually using config files that the >> underlying software itself actually uses shouldn't be *too* hard eh? > > Hardly brilliant. It's waaay to dangerous to do that. At least if > openvpn is anything like vpnc where you can specify things like > "--script <command>". Allowing this basically gives the unprivileged > user at the desktop console root powers. As such it would be considered > an exploit. Hence why we're validating options we read from gconf.
openvpn runs in user space; when root runs it, it drops priviledges (usually to 'nobody') I believe that there is no need for priviledge escalation. It should be able to run with the priviledges of the user who invokes it. That said, I havn't tested this. Actually, I'd assumed that this is how NetworkManager actually operates with openvpn... I didn't notice it asking for the root password... > So the only sane way to fix this is do what Dan says; extend the > function nm_openvpn_config_options_validate() etc. etc. to only include > options that does not give the full power of root to the unprivileged > desktop user. > > David > > _______________________________________________ NetworkManager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
