hak5
/
openwrt-owl
mirror of https://github.com/hak5/openwrt-owl.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

openvpn: let instances drop to nobody in default config. 

This is for security precautions.  As persist_tun and persist_key are
already there, this should not cause compatibility issue.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

SVN-Revision: 45961
owl
Felix Fietkau 2015-06-14 17:41:43 +00:00
parent 3f726e7b2e
commit 2c9fbdf0bc
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/network/services/openvpn/files/openvpn.config
View File

@ -253,6 +253,7 @@ config openvpn sample_server
# of the privilege downgrade. # of the privilege downgrade.
option persist_key 1 option persist_key 1
option persist_tun 1 option persist_tun 1
option user nobody
# Output a short status file showing # Output a short status file showing
# current connections, truncated # current connections, truncated
@ -337,6 +338,7 @@ config openvpn sample_client
# Try to preserve some state across restarts. # Try to preserve some state across restarts.
option persist_key 1 option persist_key 1
option persist_tun 1 option persist_tun 1
option user nobody
# If you are connecting through an # If you are connecting through an
# HTTP proxy to reach the actual OpenVPN # HTTP proxy to reach the actual OpenVPN