manager: allow S-1-5-32-556 users to launch a limited UI - wireguard-windows

diff options

author	Jason A. Donenfeld <Jason@zx2c4.com>	2020-11-13 03:10:00 +0100
committer	Jason A. Donenfeld <Jason@zx2c4.com>	2020-11-22 22:00:32 +0100
commit	1c7606cea18e908cf76201ce1534b0afdc04cc89 (patch)
tree	56c591b462989278a9bc89fafe927d7347122db5 /version
parent	tunnel: only enable DNS blocking for 0/0 configs (diff)
download	wireguard-windows-1c7606cea18e908cf76201ce1534b0afdc04cc89.tar.xz wireguard-windows-1c7606cea18e908cf76201ce1534b0afdc04cc89.zip

manager: allow S-1-5-32-556 users to launch a limited UI

I still have serious security reservations about this, both conceptually -- should users be allowed to do this stuff? -- and pratically -- there are issues with this implementation that need some examination. TODO: - Is that registry key a secure path? Should we double check it? - Are we leaking handles to the unpriv'd process from the manager? Audit this too. - IPC notifications are blocking. Should we move this to a go routine to mitigate DoS potential? - Is GOB deserialization secure? Can an NCO user crash or RCE the manager? Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

Diffstat (limited to 'version')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: