"James Yonan" <j...@yonan.net> schreef in bericht news:491ca5bd.1010...@yonan.net... >
> I totally agree with you that we should not be breaking the semantics > for calling external programs, and it wasn't our intention to do so. > Our original hope was that the security benefits of migrating from > system() to execve() on unix and CreateProcess() on Windows could be > done transparently. But seeing that that's not the case, I would > suggest that we offer the previous system() semantics as a deprecated > option, using the syntax > > script-security <level> <mode> > > where mode is "execve" by default, (which means to use execve() on unix > family platforms or CreateProcess on Windows) or "system" which means to > use system(). > > This means that any OpenVPN config prior to 2.1_rc9 could continue to > use system() by adding: > > script-security 2 system > > OpenVPN would issue a warning about system() usage being deprecated, but > would continue to use pre-2.1_rc9 external program calling semantics. > > Comments? > > James > > Hello, Now it's possible again the use external programs with the "depreciated" option 'script-security 3 system'. I can finally upgrade form 2.1rc7 to 2.1rc15. But it's still not clear and I couldn't find what the correct new syntax would be. So in my (Windows) clients I want to add a registry setting on connecting to remove that setting a disconnection Until 2.1rc7 I used: up regedit -s addsettings.reg down regedit -s removesettings.reg How would be the syntax to used with the default option 'script-security 3 execve' be? regards, John > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's > challenge > Build the coolest Linux based applications with Moblin SDK & win great > prizes > Grand prize is a trip for two to an Open Source event anywhere in the > world > http://moblin-contest.org/redirect.php?banner_id=100&url=/