On 24/08/2016 16:25, Jan Just Keijser wrote:
>> Iservice works like this (we have a documentation page coming, but that's
>> not there yet)
>>
>> - the GUI runs as "me" (gert)
>> - the iservice runs as "local service", maximum privileges
>> - the GUI connects to the iservice, and asks it "run openvpn.exe with
>>   the following arguments, using the credentials of the user the GUI
>>   runs with" (windows can do this - pass credentials across a pipe,
>>   which you can't fake)
>> - the iservice forks openvpn.exe, and runs this as user (gert), and
>>   keeps a "service pipe" between iservice and openvpn.exe
>> - if openvpn.exe wants to do ifconfig/route/dns stuff, it sends these
>>   as requests over the service pipe to the iservice, who will then
>>   execute them (and clean up should openvpn crash)
>> - --up scripts are run by openvpn.exe itself, which is already running
>>   as "gert", so, all privileges are nicely in place
>>
>> so this cannot be used anymore for privilege escalation to admin (by
>> running an --up script from openvpn which is run-as-admin).
>>
> thanks for your explanation - all clear to me now. All we have to do now
> is to document this and add some tests to the buildbot ;)
>
And why have a perfectly good explanation get lost in the depths of a
mailing list archive:

<https://community.openvpn.net/openvpn/wiki/OpenVPNInteractiveService>

Feel free to improve further :)

-- 
Samuli Seppänen
Community Manager
OpenVPN Technologies, Inc

irc freenode net: mattock
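
The split described in the quoted explanation, as an added toy model that is not part of the original message and not OpenVPN's code: a privileged broker accepts only network-configuration requests from the unprivileged client, refuses anything else (such as running a script), and undoes its changes when the pipe closes. The class, operation names and message format are hypothetical, and the addresses are constructed sample values.

```python
# Toy model of a privileged broker serving one unprivileged client.
# All names and the request format are hypothetical (not OpenVPN's protocol).

# Operations the broker performs for the client, each paired with its undo.
UNDO = {
    "add_address": "del_address",
    "add_route": "del_route",
    "add_dns": "del_dns",
}


class Broker:
    """Stands in for the high-privilege service end of the service pipe."""

    def __init__(self):
        self.applied = []  # privileged changes made so far, in order
        self.log = []      # stands in for the real system calls

    def handle(self, request):
        op, arg = request.get("op"), request.get("arg")
        if op not in UNDO or not isinstance(arg, str):
            # Anything outside the allowlist is refused. Scripts are the
            # client's job and run with the client's own privileges.
            return {"ok": False, "error": "operation not allowed"}
        self.log.append((op, arg))
        self.applied.append((op, arg))
        return {"ok": True}

    def client_gone(self):
        """Called when the pipe closes, cleanly or after a client crash."""
        while self.applied:
            op, arg = self.applied.pop()  # undo in reverse order
            self.log.append((UNDO[op], arg))


def demo():
    broker = Broker()
    requests = [
        {"op": "add_address", "arg": "10.8.0.2/24"},      # constructed
        {"op": "add_route", "arg": "192.168.50.0/24"},    # constructed
        {"op": "run_script", "arg": "C:\\up.cmd"},        # must be refused
    ]
    replies = [broker.handle(r) for r in requests]
    broker.client_gone()  # simulate the client process crashing
    return replies, broker.log


if __name__ == "__main__":
    for entry in demo()[1]:
        print(entry)
```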