Hi On Mon, Feb 18, 2019 at 9:24 AM Gert Doering <g...@greenie.muc.de> wrote:
> Hi, > > On Sat, Feb 16, 2019 at 08:55:41PM -0500, selva.n...@gmail.com wrote: > > From: Selva Nair <selva.n...@gmail.com> > > > > - Add a new return value (-2) for openvpn_execve() when external > > program execution is not allowed due to a low script-security > > setting. > > > > - Add a corresponding error message > > I find this a useful way forward (because it will not introduce new FATALs > where we had none before, just make the errors more clear). > > Since David had reservations on the other patch, I want to have explicit > agreement from him before going on - and will poke on IRC to make sure I > get attention. > Just to be explicit: Since David pointed out the "regressive" nature of the earlier patch, I too have reservations about it, and prefer this approach. Nevertheless, as we agreed to tag 2.4.7 *today* to make the release tomorrow > and meet the Debian deadline, I will not include this in 2.4.7. The planned script-security over-ride feature in the GUI is pretty intrusive. Taking time to give it more thought, and preferably get some user feedback, is not a bad thing. Selva
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel