[PATCH] openconnect: add initial support for openconnect ssl vpn.

On Fri, 2011-07-15 at 01:38 +0000, openconnect at lakedaemon.net wrote:
> 
> +        if(strcmp("--passwd-on-stdin", argv[i]) == 0) {
> +            data = strdup(argv[i + 1]);
> +            i++; 
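
Review bot: in the `--passwd-on-stdin` branch, `argv[i + 1]` is read without first checking that `i + 1 < argc`, so when the flag is the last argument `strdup()` is handed the terminating NULL entry of `argv`; return a usage error in that case instead. No NULL check on the `strdup()` result is visible in the hunk. The option name also says stdin while the value is copied from the command line, so either read it from stdin or rename the option. The `i++; ` line carries trailing whitespace.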

Seriously, just *don't* support that. The only invocation of openconnect
that you ever want mtp to do is

 openconnect --cookie-on-stdin $HOSTNAME:$PORT --servercert $FINGERPRINT

Four fixed arguments (including the cookie). And maybe --script would be
a fifth.

Note also that if you really want privilege separation so openconnect
doesn't run as root, you need to:
 - Set up the tun device for it in advance (TUNSETPERSIST, TUNSETOWNER)

 - Arrange for the routing setup to be done somewhere other than in the
   script that it spawns. That script obviously won't have root privs 
   *either*, so won't be allowed to configure the network. In the
   NetworkManager case, the --script argument points to a simple DBus
   client that sends all the information back to NetworkManager, which
   does the setup accordingly.

-- 
dwmw2
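
As an added illustration of the first privilege-separation step named in the message above (TUNSETPERSIST, TUNSETOWNER), and not code from this thread, openconnect or mtp: a small root-side helper that creates the tun device in advance. The function names, the helper name and any device name or uid passed to it are hypothetical.

```c
/* Added example: pre-create a persistent tun device for an unprivileged uid. */
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <linux/if.h>
#include <linux/if_tun.h>

/* Build the TUNSETIFF request; refuse names the kernel would truncate. */
int tun_fill_ifreq(struct ifreq *ifr, const char *name)
{
    size_t len = name ? strlen(name) : 0;
    if (len == 0 || len >= IFNAMSIZ)
        return -1;
    memset(ifr, 0, sizeof(*ifr));
    ifr->ifr_flags = IFF_TUN | IFF_NO_PI;  /* layer-3 device, no packet-info header */
    memcpy(ifr->ifr_name, name, len);      /* memset already supplied the NUL */
    return 0;
}

/* Run once as root before the client starts. Returns 0 on success. */
int tun_precreate(const char *name, unsigned long owner_uid)
{
    struct ifreq ifr;
    int fd, rc = -1;
    if (tun_fill_ifreq(&ifr, name) < 0)
        return -1;
    fd = open("/dev/net/tun", O_RDWR);
    if (fd < 0)
        return -1;
    if (ioctl(fd, TUNSETIFF, &ifr) == 0 &&          /* create the device */
        ioctl(fd, TUNSETOWNER, owner_uid) == 0 &&   /* uid may attach without CAP_NET_ADMIN */
        ioctl(fd, TUNSETPERSIST, 1UL) == 0)         /* keep it after close() */
        rc = 0;
    close(fd);
    return rc;
}

int main(int argc, char **argv)
{
    if (argc != 3 || tun_precreate(argv[1], strtoul(argv[2], NULL, 10)) < 0) {
        fputs("usage (as root): tun-precreate IFNAME UID\n", stderr);
        return 1;
    }
    return 0;
}
```

The unprivileged client is then told which device to attach to by name, for example with openconnect's `--interface` option.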



