Date: Sat, 20 Oct 2018 08:28:16 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 185023] [tun] Closing tun<n> interface deconfigures IP address Message-ID: <bug-185023-227-HMVBRGhcZk@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-185023-227@https.bugs.freebsd.org/bugzilla/> References: <bug-185023-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D185023 --- Comment #6 from jphartmann@gmail.com --- Thank you. The current behaviour actually has a security issue as a non-privileged user can cause reconfiguration, i.e., remove the ip address from the interface.= =20 E.g., (from a linux system where this bug arrived some five years ago): openvpn --mktun --dev tun4 --user john --group john ifconfig tun4 up 10.0.0.32/30 pointopoint 10.0.0.33 User john now has escalated privileges with respect to the configuration of tun4, insofar as he can clear the IP address assigned simply by opening and closing the device. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-185023-227-HMVBRGhcZk>