On Fri, 21 Aug 2020, Peter Stuge wrote: > Damien Miller wrote: > > A few people have asked for non-root tun forwarding over the years, > > but nobody has come forward with a design for how it could work in > > practice. > > > > I'd certainly be open to a design that used some sort of plug-in > > helper program to do the configuration steps, and let OpenSSH punt > > all the decision-making to that :) > > Would it be an option to keep the tun/tap code and teach it privsep? That the code allowed a non-root user to partially configure a tun/tap interface when privsep was disabled was a bug and not a feature. -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
