Running OC as Root: Security Implications?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks David.

So, assuming there's no unknown security "bug" in OpenConnect, running
it as root introduces no additional vulnerabilities to internet
threats?

You mentioned that the Cisco client also runs as root.  Is this true,
even though a connection could be established by running the gui as a
normal (non-root) user?

Finally, what's the recommended way to terminate a VPN session
initiated form OpenConnect?  Ctrl-C?

OL


On Wed, Jun 27, 2012 at 3:51 AM, David Woodhouse <dwmw2 at infradead.org> wrote:
> Fairly much, yes. It's vaguely possible for someone with a packet
> sniffer in the path between you and the server to see your TCP or UDP
> traffic and maybe inject a packet ? but almost impossible for them to
> get the MAC on that packet correct, which will result in the TCP
> connection closing, or their UDP packet being silently discarded.
>
> And of course, such a vulnerability shouldn't exist.



[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux