Hi, > > Wasn't this changed in the latest version, allowing config files to be under > user home/profile directory? >
Nope, 2.4.3 refuses to run the openvpn.exe if --config points to an .ovpn file in the user home directory (namely user's temporary folder). I also did a brief openvpnserv source code audit not to find anything supporting it. If you add that option, that would void entire Interactive Service "security" scheme, wouldn't it? But that's what I wanted in the first place, as I believe Interactive Service "security" scheme makes no sense. Why does OpenVPN restrict non-admin users from using Interactive Service in the first place, while Windows' out-of-the-box VPN connects them just fine? If you are afraid a malware would start connecting - they already can: using Windows' VPN. Flushing ARP cache, client DNS registration, and other tasks OpenVPN can't perform as non-admin user is a technical issue of OpenVPN running in user space. Not a security one. Interactive Service overcomes that, but in the same time it assumes it's a security sensitive issue. This limitation can and will be turned off with one or another simple administrator task (performed by eduVPN setup). So, this is no biggie... Just me ranting. :) Best regards, Simon
smime.p7s
Description: S/MIME cryptographic signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel