Hey Jason,

Won't drag this already long and confusing thread out. Not challenging the current implementation, just the notion that any other suggestion is a dead end and the topic is closed.

I will continue to use wg daily and now add in the non-admin elements to test those out too. Appreciate the progress here and all that hard work.

Phill

On Sun, 29 Nov 2020 at 18:52, Jason A. Donenfeld <[email protected]> wrote:
>
> Hi Phillip,
>
> On Sun, Nov 29, 2020 at 2:40 PM Phillip McMahon
> <[email protected]> wrote:
> > I have been following the wider thread and maybe I misunderstood but
> > believe the solution requires some registry tweaks and membership to
> > the Network Operators Group, along with Windows Home requiring the
> > creation of a group not officially supported on that platform. Correct
> > or not?
> >
> > It was with all that in mind that I wrote the two points.
>
> I must admit I misunderstood your first message. Sorry for that. I
> understand you now to be questioning two things:
>
> - That this is gated behind a registry key;
> - That it works by using the network operators group.
>
> The first point is something I could imagine changing down the line as
> we learn more about the NCO group's usage. To start, and for now, I
> prefer to put "risky" settings behind a flag.
>
> But the latter point I'm much more hesitant to change. You recalled
> that I was initially entirely wary of this feature altogether. This
> is true. It was only upon hearing the excellent idea of the NCO group
> that it became tenable for me. The reason is that the NCO group is a
> preexisting designation as part of the operating system that confers
> these privileges. And there's an easy argument to be made that adding
> the ability to stop/start tunnels does not add anything extra beyond
> what NCO can already do (like changing IP addresses or disabling
> adapters). Therefore, the brilliance of the NCO suggestion, in my
> mind, was that we're not adding any additional holes to the Windows
> security model. That makes it very compelling to me.
>
> It seems like you want to go back to challenge the initial hesitation
> again: maybe we _should_ add additional caveats to the existing
> Windows model, you suggest. Maybe. But if we can avoid doing so, I
> really would prefer that, and it seems like NCO group strikes a good
> balance.
>
> What's the situation you have in mind in which an administrator would
> permit a user to enable and disable tunnels but would not permit the
> other privileges conferred by NCO? What is the impedance mismatch that
> you are thinking about?
>
> Jason

--
Use this contact page to send me encrypted messages and files
https://flowcrypt.com/me/phillipmcmahon

P.S. Drowning in email? Try SaneBox and take back control: http://sanebox.com/t/old3m. I love it.
