|
|
On Tue, Feb 03, 2004 at 04:50:25PM +0100, christian laubscher wrote:
> is there a possibility to enjoy successful ping restarts besides
> letting run openvpn as root or using a 'noprivileged' socket (ie
Just curious: why not just use a nonprivileged socket? What do you gain
from using a low port? Once your port is bound, no one else will be able
to bind it. AFAICT you're only avoiding the small likelihood of a non-
root user binding that port before you can ... ahhh, and maybe such an
attacker could intercept traffic from the peer? Is that it?
If so my choice would be to get rid of the untrusted shell accounts on
the VPN server. :) If that's not easily done, perhaps something like I
do: user-mode Linux?
Rob - /dev/rob0
-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
|