Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug
Bug#: 120425
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Roy Marples (RETIRED) <uberlord@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Matej Stepanek <dito2@centrum.cz>
Add CC:
CC:
URL:
Summary:
Status Whiteboard:
Keywords:

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 120425 depends on: Show dependency tree
Bug 120425 blocks:
Votes: 0    Show votes for this bug    Vote for this bug

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2006-01-26 07:13 0000 
After installing openvpn, /etc/passwd doesn't contain openvpn user. The default
configuration file contains user nobody to run under. I suggest user openvpn
to be added and the default configuration file patched to contain openvpn
instead of nobody.

Using nobody decreases the security because if more programs use nobody,
exploiting one means exploiting the other as well (for example the gained user
can  stop and attach the process and read out key material from semiconductor
memory).

------- Comment #1 From Roy Marples (RETIRED) 2006-05-09 02:24:59 0000 ------- 
Fixed in openvpn-2.1_beta14
Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug