On 6/21/18 8:41 PM, Jason A. Donenfeld wrote:
So, the question we need to ask is whether this problem is important enough that these useful features should be_removed_? Or if there's a way to make them safer? Or if it just doesn't matter that much and we shouldn't do anything.
We use wg-quick with PostUp/PostDown/PreUp/PreDown and would prefer that feature be retained.
However, looking ahead I believe Wireguard's speed, simplicity, and simple, straightforward configuration and operation is going to attract marginally competent amateur users that definitely do not qualify as a system or network admin.
So, while it should be obvious, it wouldn't hurt to add a short warning (in bold) to the wg-quick man page that lets these "amateur" users know of the potential danger. Something along the lines of "Using a config written by someone else that you do not understand and have not vetted for security is stupid and can be dangerous. For example, the PostUp/PostDown/PreUp/PreDown commands can be used to enable malicious code. So always be certain your configuration and the code it executes does only what you expect."
Sincere regards, -- Andy Dorman Ironic Design, Inc. AnteSpam.com _______________________________________________ WireGuard mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/wireguard
