Hi, On 13-07-18 16:16, [email protected] wrote: > From: Selva Nair <[email protected]> > > The error is treated as a warning only if its triggered due > to script_security < SSEC_SCRIPTS. > > This helps user interfaces enforce a safer script-security setting > without causing a FATAL error.
But does it make sense at all to accept configs that have a --up script without a sufficiently-high script-security set? I do agree that the current place where the code checks this not nice, so maybe we should perform this check somewhere in the options_postprocess_verify* functions? That way we error out early, instead of only when trying to execute the script. -Steffan _______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
