Re: [Openvpn-devel] OVPN Interactive Service for non-admin users

On Fri, Aug 11, 2017 at 10:05 AM, Simon Rozman via Openvpn-devel < openvpn-devel@lists.sourceforge.net> wrote: > > But that's what I wanted in the first place, as I believe Interactive > Service "security" scheme makes no sense. > > Why does OpenVPN restrict non-admin users from using Interactive

Re: [Openvpn-devel] OVPN Interactive Service for non-admin users

Hi, On Fri, Aug 11, 2017 at 6:21 AM, Pasi Kärkkäinen wrote: > Hi, > > On Wed, Aug 09, 2017 at 02:31:58PM +, Simon Rozman via Openvpn-devel > wrote: > >Hi! > > > >I am developing an eduVPN client for Windows. Imagine the eduVPN > client as > >a custom OpenVPN GUI.

Re: [Openvpn-devel] OVPN Interactive Service for non-admin users

Hi, > > Wasn't this changed in the latest version, allowing config files to be under > user home/profile directory? > Nope, 2.4.3 refuses to run the openvpn.exe if --config points to an .ovpn file in the user home directory (namely user's temporary folder). I also did a brief openvpnserv

Re: [Openvpn-devel] OVPN Interactive Service for non-admin users

Hi, On Wed, Aug 09, 2017 at 02:31:58PM +, Simon Rozman via Openvpn-devel wrote: >Hi! > >I am developing an eduVPN client for Windows. Imagine the eduVPN client as >a custom OpenVPN GUI. The client uses openvpn.exe for connecting, the >configuration file is provided by eduVPN

Re: [Openvpn-devel] OVPN Interactive Service for non-admin users

Hi, > But that would open the OpenVPN Interactive Service to any user and > application. This is why we would like your opinion first. > > Yes the service will then launch openvpn with arbitrary configs as any > user, but that is what you want isn't it? > > > > True, I want that indeed. I was

Re: [Openvpn-devel] OVPN Interactive Service for non-admin users

Hi Selva, Is there any specific reason, why Interactive Service is so paranoid, knowing that it launches openvpn.exe and all external scripts as the interactive user anyway? The service does privileged operations so some admin has to bless a user to allow certain options when launching

Re: [Openvpn-devel] OVPN Interactive Service for non-admin users

Hi Simon, Adding to what I wrote in my reply to your private email: > I am developing an eduVPN client for Windows. Imagine the eduVPN client as > a custom OpenVPN GUI. The client uses openvpn.exe for connecting, the > configuration file is provided by eduVPN server once user authenticates >

[Openvpn-devel] OVPN Interactive Service for non-admin users

Hi! I am developing an eduVPN client for Windows. Imagine the eduVPN client as a custom OpenVPN GUI. The client uses openvpn.exe for connecting, the configuration file is provided by eduVPN server once user authenticates using OAuth. User running the eduVPN client is not an administrator.