Home Explore Help
Register Sign In
OpenWrt
/
openwrt
mirror of https://github.com/openwrt/openwrt.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

openvpn: let instances drop to nobody in default config.

This is for security precautions.  As persist_tun and persist_key are
already there, this should not cause compatibility issue.

Signed-off-by: Yousong Zhou <[email protected]>

SVN-Revision: 45961
Felix Fietkau 10 years ago
parent
3f726e7b2e
commit
2c9fbdf0bc
1 changed files with 2 additions and 0 deletions
Split View Show Diff Stats
  1. 2 0
      package/network/services/openvpn/files/openvpn.config

+ 2 - 0
package/network/services/openvpn/files/openvpn.config
View File 

@@ -253,6 +253,7 @@ config openvpn sample_server
 
 	# of the privilege downgrade.
 
 	option persist_key 1
 
 	option persist_tun 1
 
+	option user nobody
 
 
 	# Output a short status file showing
 
 	# current connections, truncated
 
@@ -337,6 +338,7 @@ config openvpn sample_client
 
 	# Try to preserve some state across restarts.
 
 	option persist_key 1
 
 	option persist_tun 1
 
+	option user nobody
 
 
 	# If you are connecting through an
 
 	# HTTP proxy to reach the actual OpenVPN