"James Yonan" <j...@yonan.net> schreef in bericht 
news:491ca5bd.1010...@yonan.net...
>

> I totally agree with you that we should not be breaking the semantics
> for calling external programs, and it wasn't our intention to do so.
> Our original hope was that the security benefits of migrating from
> system() to execve() on unix and CreateProcess() on Windows could be
> done transparently.  But seeing that that's not the case, I would
> suggest that we offer the previous system() semantics as a deprecated
> option, using the syntax
>
>   script-security <level> <mode>
>
> where mode is "execve" by default, (which means to use execve() on unix
> family platforms or CreateProcess on Windows) or "system" which means to
> use system().
>
> This means that any OpenVPN config prior to 2.1_rc9 could continue to
> use system() by adding:
>
>   script-security 2 system
>
> OpenVPN would issue a warning about system() usage being deprecated, but
> would continue to use pre-2.1_rc9 external program calling semantics.
>
> Comments?
>
> James
>
>
Hello,

Now it's possible again the use external programs with the "depreciated" 
option 'script-security 3 system'. I can finally upgrade form 2.1rc7 to 
2.1rc15. But it's still not clear and I couldn't find what the correct new 
syntax would be.

So in my (Windows) clients I want to add a registry setting on connecting to 
remove that setting a disconnection
Until 2.1rc7 I used:
up regedit -s addsettings.reg
down regedit -s removesettings.reg

How would be the syntax to used with the default option 'script-security 3 
execve' be?

regards,

John








>
> -------------------------------------------------------------------------
> This SF.Net email is sponsored by the Moblin Your Move Developer's 
> challenge
> Build the coolest Linux based applications with Moblin SDK & win great 
> prizes
> Grand prize is a trip for two to an Open Source event anywhere in the 
> world
> http://moblin-contest.org/redirect.php?banner_id=100&url=/ 




Reply via email to