This is another "developed in secrecy on the security@ mailing list" patch, because it has security implications.
It affects windows builds, where it is possible to have two different processes provide a pipe with the same name (ewwww!), and a connecting client might not end up at the interactive service but at "some random process". This is not a major issue in itself, but the GUI sends a "user credentials token" (so openvpn.exe can be run as "normal user" later on) and this can be abused by a malicious process to get access to the user running openvpn-gui.exe - now, it's a somewhat theoretical attack (malicious software having sufficient privileges to use a user token, but not having either "that user access" or "system privs" to start with) - but it's worth fixing.

So, just stay calm, don't panic, and upgrade to 2.6.11 ;-)

I have not tested this beyond "does it compile?" on a local ubuntu/mingw build and on GHA. Lev, Selva and Heiko did all the grunt work on coming up with a solution and testing the patch.

Your patch has been applied to the release/2.6 branch. A rebase to master is in the works (this conflicted with the snprintf() cleanup patch, which is "only in master" and was merged right after *this* was developed and tested).

Backport to release/2.5 is not fully straightforward either - there have been a number of fixes to interactive.c, and not all of them have been backported.
OTOH, we do not intend to provide 2.5.x windows binaries ever again (and said so at 2.5.10 release), so now is the time to upgrade your windows clients to 2.6.x.

commit 51301eb6c233c284270e3f4ed0c7f5781f2b5c62 (release/2.6)
Author: Lev Stipakov
Date:   Wed Jun 19 16:44:23 2024 +0300

     interactive.c: Improve access control for gui<->service pipe

     Signed-off-by: Lev Stipakov <l...@openvpn.net>
     Acked-by: Selva Nair <selva.n...@gmail.com>
     Message-Id: <20240619134451.222-1-...@openvpn.net>
     URL: https://www.mail-archive.com/search?l=mid&q=20240619134451.222-1-...@openvpn.net
     Signed-off-by: Gert Doering <g...@greenie.muc.de>

--
kind regards,

Gert Doering