While this is arguably a misfeature, it's not like anyone reading the
documentation wouldn't know about it, and you have to explicitly enable
it. It does not seem too much of a problem to me.
Joachim
"Secure by default" is not just a catch phrase. it's a really good idea. By
making the default behaviour to be insecure (once enabled) the result will
be many more insecure sites than if it was secured (i.e. authentication
required) and had to be made insecure by design. Unfortunately although they
have disabled it by default, once enabled it presents a huge security hole
that most people would not expect. I would not expect an administrative
service to be completely lacking in security once enabled, I suspect others
are in the same boat.
As a developer:
If you disable it by default
And you make it use strong encryption such as TLS/SSL by default (linking to
OpenSSL isn't to terribly hard)
And you require a user account to be created and passworded, or provide the
ability to use PAM for example and require that a user belong to a specific
group (openvpnadmin for example)
Then you make it much more difficult for people to end up with an insecure
system.
-Kurt
