Op 2011-08-27T15:22:53+0000 schreef Jaap van Wingerde
<mailinglists@vanwingerde.net> in bericht
<[🔎] 20110827152253.696dd3f1@jaap.jaap.custard.shrl.nl>, inzake "openvpn
script", het volgende:
> Hoe los ik dit op?
Ik heb nog even geëxperimenteerd met "script-security-level 2 system",
maar dat hielp niet.
<http://openvpn.net/index.php/open-source/documentation/manuals/69-openvpn-21.html>
"--script-security level [method]
This directive offers policy-level control over OpenVPN's usage of
external programs and scripts. Lower level values are more
restrictive, higher values are more permissive. Settings for level:
0 -- Strictly no calling of external programs.
1 -- (Default) Only call built-in executables such as ifconfig, ip,
route, or netsh. 2 -- Allow calling of built-in executables and
user-defined scripts. 3 -- Allow passwords to be passed to scripts
via environmental variables (potentially unsafe).
The method parameter indicates how OpenVPN should call external
commands and scripts. Settings for method:
execve -- (default) Use execve() function on Unix family OSes and
CreateProcess() on Windows. system -- Use system() function
(deprecated and less safe since the external program command line
is subject to shell expansion).
The --script-security option was introduced in OpenVPN 2.1_rc9. For
configuration file compatibility with previous OpenVPN versions,
use: --script-security 3 system"
--
Jaap van Wingerde
e-mail: 1234567890@vanwingerde.net
web: http://jaap.vanwingerde.net/
Attachment:
signature.asc
Description: PGP signature