On Thu, Dec 12, 2019 at 8:12 PM zrm <z...@trustiosity.com> wrote: > It makes sense that users shouldn't be able to manipulate WireGuard > tunnels by default, but shouldn't it be possible to change the default > through something less drastic than giving the user full administrator > access?
I have no desire to add complex ACL schemes inside WireGuard. Catering to that kind of user demand inevitably results in a security disaster. Network and firewall config is an administrative task. Be administrator. If you want to do otherwise, you're free to run your own service that listens for commands on a named pipe with whatever ACLs you want. But the development of that kind of ACL'd backdoor is up to you and your organization. _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard