On Wed, Feb 29, 2012 at 12:16 PM, Heiko Hund <heiko.h...@sophos.com> wrote: > > On Tuesday 28 February 2012 18:38:57 Alon Bar-Lev wrote: > > > Even though, the new communication pipe between the "helper service" > > > and > > > openvpn.exe might gain more features with time, which might cover > > > much > > > of what the management interface provides today too. But we're _not_ > > > trying to kill the management interface. > > > > There is no need for the helper service. > > Nobody care if the openvpn daemon is running in privilege mode. > > The problem is the user interaction. > > So I would have avoided to invest resources at the daemon side and > > invest > > resources at proper UI. > > The idea to have the service do the privileged operations instead of just > starting openvpn as "Local System" (or whatever) came from the fear of > privilege escalation in the scripts that are run by openvpn. So, at least > I > care that it's not running in privilege mode. Your point is invalid. =P >
It all a matter of priorities and the ability to execute each. Implementing proper UI is the least effort and greatest benefit. That's said, Nobody claims the fact that openvpn runs the scripts is OK. Proper/simple solution would be to deligate script execution via the management interface, leaving the openvpn to be small and secured. Hence, there are several possible solutions for the same problem, while the monolithic approach suffers from disadvantages. Alon.
