Hello Gert, >> Dismiss the hole service starts openvpn in user context. It makes no >> sense.
> From a pure security perspective, you're right - maximum security would > be reached by running openvpn.exe in a completely unprivileged context > (unix way: chroot(/var/empty), setuid(nobody)) to make sure that any > possible bug that is network-exploitable cannot be used to gain access > to the system. You misunderstood me, the feature openvpn service creates openvpn process in user context didn't "work". It creates no additional security but instead lower it (the service has the privilege to spawn process in all user contexts). It has nothing to do with privilege seperation. My idea is the following: run openvpnhelperservice with "network operator privileges", run openvpn.exe als "local service", advance management interface to a point that is more usefull. Let a client run in users context that communicates via management interface. The execution of scripts can be done from client if it's something like pull git or connect to share. > Given that people have implemented all the script and plugin hooks because > someone actually *uses* them, taking this away would not be something > people like - so you want something that has flexibility, but does not > have "full system access" (unix: runs as root). Are there any plugins for windows? What do they do? Do the need to run in openvpn-context? greetings Carsten
