diff options
author | Felix Fietkau <nbd@openwrt.org> | 2015-06-14 17:41:43 +0000 |
---|---|---|
committer | Felix Fietkau <nbd@openwrt.org> | 2015-06-14 17:41:43 +0000 |
commit | 2c9fbdf0bc7c9053ecbe362677b61e0278d6ac20 (patch) | |
tree | c5733b4f8bb490b6751d969f6a0d020acea8514e | |
parent | 3f726e7b2e113507b0359cb0161d253c6faab20a (diff) | |
download | upstream-2c9fbdf0bc7c9053ecbe362677b61e0278d6ac20.tar.gz upstream-2c9fbdf0bc7c9053ecbe362677b61e0278d6ac20.tar.bz2 upstream-2c9fbdf0bc7c9053ecbe362677b61e0278d6ac20.zip |
openvpn: let instances drop to nobody in default config.
This is for security precautions. As persist_tun and persist_key are
already there, this should not cause compatibility issue.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
SVN-Revision: 45961
-rw-r--r-- | package/network/services/openvpn/files/openvpn.config | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/package/network/services/openvpn/files/openvpn.config b/package/network/services/openvpn/files/openvpn.config index 5cf0ba6be6..3e053c36a9 100644 --- a/package/network/services/openvpn/files/openvpn.config +++ b/package/network/services/openvpn/files/openvpn.config @@ -253,6 +253,7 @@ config openvpn sample_server # of the privilege downgrade. option persist_key 1 option persist_tun 1 + option user nobody # Output a short status file showing # current connections, truncated @@ -337,6 +338,7 @@ config openvpn sample_client # Try to preserve some state across restarts. option persist_key 1 option persist_tun 1 + option user nobody # If you are connecting through an # HTTP proxy to reach the actual OpenVPN |