Re: [Openvpn-devel] [PATCH 1/1] systemd: run openvpn with dedicated user

2018-04-24 Thread Simon Ruderich
Hello, I haven't followed the netlink conversion in detail, so please tell me if the following was already discussed and I've just missed it. On Mon, Apr 23, 2018 at 11:28:13AM +0200, Christian Hesse wrote: > if ENABLE_SYSTEMD > +if ENABLE_IPROUTE > +SYSTEMD_USER=root > +SYSTEMD_CAPS_OPTION=Capa
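Review bot: in the `ENABLE_IPROUTE` branch, `SYSTEMD_USER=root` means a build configured that way still starts the service as root, which is not what the subject line ("run openvpn with dedicated user") leads a reader to expect. A comment next to this conditional should say why the iproute2 build keeps root and that the capability option set on the following line is the only restriction applied in that case.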

Re: [Openvpn-devel] Summary of the community meeting (Wed, 18th Apr 2018)

2018-04-24 Thread Simon Matter
Hi, I'm just wondering what happened to the proposed 2.4.6 release? Will it come anytime soon? Regards, Simon > Hi, > > Here's the summary of the IRC meeting. > --- > > COMMUNITY MEETING > > Place: #openvpn-meeting on irc.freenode.net > Date: Wednesday 18th Apr 2018 > Time: 11:30 CET (10:30 UTC)

Re: [Openvpn-devel] [PATCH 1/1] systemd: run openvpn with dedicated user

2018-04-24 Thread Christian Hesse
Simon Ruderich on Tue, 2018/04/24 10:38: > I haven't followed the netlink conversion in detail, so please > tell me if the following was already discussed and I've just > missed it. No, it has not been discussed and needs a review. > On Mon, Apr 23, 2018 at 11:28:13AM +0200, Christian Hesse wrot

Re: [Openvpn-devel] Summary of the community meeting (Wed, 18th Apr 2018)

2018-04-24 Thread Gert Doering
Hi, On Tue, Apr 24, 2018 at 11:33:19AM +0200, Simon Matter wrote: > I'm just wondering what happened to the proposed 2.4.6 release? Will it > come anytime soon? Windows driver signing did not work as planned. Right now it looks like "release will happen today", stay tuned :-) gert -- "If was o

Re: [Openvpn-devel] [PATCH 1/1] systemd: run openvpn with dedicated user

2018-04-24 Thread Simon Ruderich
On Tue, Apr 24, 2018 at 12:03:37PM +0200, Christian Hesse wrote: > The above snippet holds code for both, netlink and iproute2 versions. > > The iproute2 version (that is what is used currently) uses systemd option > "CapabilityBoundingSet" to limit the capabilities to the given set. If > configure

Re: [Openvpn-devel] [PATCH 1/1] systemd: run openvpn with dedicated user

2018-04-24 Thread Antonio Quartulli
Hi, On 24/04/18 21:08, Simon Ruderich wrote: >> I do not agree that the process is running with root privileges. It has some >> extra capabilities, but it can not kill processes, fork away and change >> cgroups, etc. >> IMHO that is what we want to achieve. > > I disagree. A process with CAP_DAC_

Re: [Openvpn-devel] [PATCH 1/1] systemd: run openvpn with dedicated user

2018-04-24 Thread Christian Hesse
Antonio Quartulli on Tue, 2018/04/24 23:08: > OTOH I understand that there are people that don't care about having a > working tunnel reconfiguration and are fine with starting openvpn as > root (and then dropping privileges). > > For these people, adding the above capabilities results in giving

[Openvpn-devel] [PATCH tap-windows6] Have the driver version display as major.minor.revision.build

2018-04-24 Thread selva . nair
From: Selva Nair The driver version (taken from the INF) and the file version of tap0901.sys file (from its resource) will now display like 9.22.1.601. The driver details tab will continue to show the text form of the version as "major.minor.revision (major/minor)". Eg., "9.22.1 (9/22)" Signed-

[Openvpn-devel] [PATCH v2] Fix potential double-free() in Interactive Service (CVE-2018-9336)

2018-04-24 Thread Gert Doering
Malformed input data on the service pipe towards the OpenVPN interactive service (normally used by the OpenVPN GUI to request openvpn instances from the service) can result in a double free() in the error handling code. This usually only leads to a process crash (DoS by an unprivileged local accou

Re: [Openvpn-devel] [PATCH tap-windows6] Have the driver version display as major.minor.revision.build

2018-04-24 Thread Gert Doering
Hi, On Tue, Apr 24, 2018 at 10:25:20PM -0400, selva.n...@gmail.com wrote: > From: Selva Nair > > The driver version (taken from the INF) and the file version of > tap0901.sys file (from its resource) will now display like > 9.22.1.601. > > The driver details tab will continue to show the text f

Re: [Openvpn-devel] [PATCH v2] Fix potential double-free() in Interactive Service (CVE-2018-9336)

2018-04-24 Thread Selva Nair
On Sat, Apr 14, 2018 at 3:26 AM, Gert Doering wrote: > Malformed input data on the service pipe towards the OpenVPN interactive > service (normally used by the OpenVPN GUI to request openvpn instances > from the service) can result in a double free() in the error handling code. > > This usually o

[Openvpn-devel] [PATCH applied] Re: Fix potential double-free() in Interactive Service (CVE-2018-9336)

2018-04-24 Thread Gert Doering
Your patch has been applied to the master and release/2.4 branch. commit 1394192b210cb3c6624a7419bcf3ff966742e79b (master) commit da242af8d3750a231bfd687d0a92cf2004dae988 (release/2.4) Author: Gert Doering Date: Sat Apr 14 09:26:17 2018 +0200 Fix potential double-free() in Interactive Serv

Re: [Openvpn-devel] [PATCH v2] Fix potential double-free() in Interactive Service (CVE-2018-9336)

2018-04-24 Thread Gert Doering
Hi, On Sat, Apr 14, 2018 at 09:26:17AM +0200, Gert Doering wrote: > Malformed input data on the service pipe towards the OpenVPN interactive > service (normally used by the OpenVPN GUI to request openvpn instances > from the service) can result in a double free() in the error handling code. [..]