On June 22, 2018 3:56 AM, Antonio Quartulli <a...@unstable.cc> wrote: > > In case this might be useful: in OpenVPN there is an additional > > parameter called "--script-security" that requires to be set to a > > certain level before allowing configured scripts to be executed. > > Unfortunately there is no real protection against the clueless user, who > > can and will blindly enable that setting if asked by a $random VPN provider. > > However, I still believe (and hope) that forcing the user to enable a > > specific knob may raise the level of attention. > > Maybe something similar could be added as a command line parameter to > > wg/wg-quick so that it will execute the various > > PostUp/PreUp/PostDown/PreDown only if allowed to? > > Just as a side note: this is not a VPN specific problem, this is > > something users can end up with everytime they execute some binary with > > a configuration they have not inspected. So, be careful out there ;-) > > Cheers, >
Attacker can pass appropriate "--script-security" level with the very same config containing malicious commands so this isn't solving problem of not looking at the content of config files. I think blindly using untrusted files from the web is indefensible. Sure, we could throw away this functionality completely but then we will punish people who bother to look at the configs before using them and make their life little harder while the others will still find their footgun somewhere else as this is rather generic issue not limited to wireguard or even networking. Jordan _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard