Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 120425 - openvpn user for running the openvpn process
Summary: openvpn user for running the openvpn process
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Core system (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Roy Marples (RETIRED)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-01-26 07:13 UTC by Matej Stepanek
Modified: 2006-05-09 02:24 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Matej Stepanek 2006-01-26 07:13:14 UTC 
After installing openvpn, /etc/passwd doesn't contain openvpn user. The default
configuration file contains user nobody to run under. I suggest user openvpn
to be added and the default configuration file patched to contain openvpn instead of nobody.

Using nobody decreases the security because if more programs use nobody, exploiting one means exploiting the other as well (for example the gained user can  stop and attach the process and read out key material from semiconductor memory).
Comment 1 Roy Marples (RETIRED) gentoo-dev 2006-05-09 02:24:59 UTC 
Fixed in openvpn-2.1_beta14