]> git.ipfire.org Git - thirdparty/openvpn.git/commit
projects / thirdparty / openvpn.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 414f428) | patch
interactive.c: Improve access control for gui<->service pipe
authorLev Stipakov <lstipakov@gmail.com>
Wed, 19 Jun 2024 14:46:08 +0000 (17:46 +0300)
committerGert Doering <gert@greenie.muc.de>
Thu, 20 Jun 2024 09:19:39 +0000 (11:19 +0200)
commitbabf312ee0486e50ff1f7db5b544afc72ff7c922
tree8094fb6a12787aebd2c6f9f071cc736653a5add0tree
parent414f428fa29694090ec4c46b10a8aba419c85659commit | diff
interactive.c: Improve access control for gui<->service pipe

At the moment everyone but anonymous are permitted
to create a pipe with the same name as interactive service creates,
which makes it possible for malicious process with SeImpersonatePrivilege
impersonate as local user.

This hardens the security of the pipe, making it possible only for
processes running as SYSTEM (such as interactive service) create the
pipe with the same name.

While on it, replace EXPLICIT_ACCESS structures with SDDL string.

CVE: 2024-4877

Change-Id: I35e783b79a332d247606e05a39e41b4d35d39b5d
Reported by: Zeze with TeamT5 <zeze7w@gmail.com>
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Selva Nair <selva.nair@gmail.com>
Message-Id: <20240619144629.1718-2-lev@openvpn.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28808.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
src/openvpnserv/interactive.c diff | blob | blame | history
Mirror of https://github.com/OpenVPN/openvpn.git