From: Antonio Quartulli <a@unstable.cc>
To: Jordan Glover <Golden_Miller83@protonmail.ch>
Cc: "baines.jacob@gmail.com" <baines.jacob@gmail.com>,
WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Re: PostUp/PreUp/PostDown/PreDown Dangerous?
Date: Fri, 22 Jun 2018 18:53:27 +0800 [thread overview]
Message-ID: <6645df4c-3f98-6df9-fc48-6748ad4d6c00@unstable.cc> (raw)
In-Reply-To: <CgE9_flxwDk6vYs9xSAoTvLJp5qHdNF20xieK4syAMzldOBqEq5lZ3gZN77A7ambiqtFeuBfm-jXarYLMvcY4LAn1aC9ub1su871JPhDpUo=@protonmail.ch>
[-- Attachment #1.1: Type: text/plain, Size: 1568 bytes --]
On 22/06/18 18:46, Jordan Glover wrote:
> On June 22, 2018 3:56 AM, Antonio Quartulli <a@unstable.cc> wrote:
>>
>> In case this might be useful: in OpenVPN there is an additional
>>
>> parameter called "--script-security" that requires to be set to a
>>
>> certain level before allowing configured scripts to be executed.
>>
>> Unfortunately there is no real protection against the clueless user, who
>>
>> can and will blindly enable that setting if asked by a $random VPN provider.
>>
>> However, I still believe (and hope) that forcing the user to enable a
>>
>> specific knob may raise the level of attention.
>>
>> Maybe something similar could be added as a command line parameter to
>>
>> wg/wg-quick so that it will execute the various
>>
>> PostUp/PreUp/PostDown/PreDown only if allowed to?
>>
>> Just as a side note: this is not a VPN specific problem, this is
>>
>> something users can end up with everytime they execute some binary with
>>
>> a configuration they have not inspected. So, be careful out there ;-)
>>
>> Cheers,
>>
>
> Attacker can pass appropriate "--script-security" level with the very same config
> containing malicious commands so this isn't solving problem of not looking at
> the content of config files.
that's why I suggested to implement it as a command line knob for
wg/wg-quick.
But I totally agree with you that against this kind of issues there is
not really a lot the developer can do - each of us is free to shoot
himself in the foot.
Regards,
--
Antonio Quartulli
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2018-06-22 10:48 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-22 1:34 PostUp/PreUp/PostDown/PreDown Dangerous? Jason A. Donenfeld
2018-06-22 1:35 ` Jason A. Donenfeld
2018-06-22 1:41 ` Jason A. Donenfeld
2018-06-22 1:55 ` logcabin
2018-06-22 1:56 ` Antonio Quartulli
2018-06-22 10:46 ` Jordan Glover
2018-06-22 10:53 ` Antonio Quartulli [this message]
2018-06-22 13:08 ` Jacob Baines
2018-06-22 14:47 ` Andy Dorman
2018-06-22 15:14 ` Matthias Urlichs
2018-06-22 17:11 ` Jason A. Donenfeld
2018-06-22 4:01 ` Matthias Urlichs
2018-06-22 5:44 ` Reto Brunner
2018-06-22 14:07 ` Andy Dorman
2018-06-23 19:16 ` Reto Brunner
2018-06-22 19:26 ` Lonnie Abelbeck
2018-06-22 22:13 ` Jordan Glover
2018-06-23 2:36 ` Antonio Quartulli
2018-06-23 7:02 ` Dario Bosch
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6645df4c-3f98-6df9-fc48-6748ad4d6c00@unstable.cc \
--to=a@unstable.cc \
--cc=Golden_Miller83@protonmail.ch \
--cc=baines.jacob@gmail.com \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.