pia-foss / manual-connections

Scripts for manual connections to Private Internet Access
MIT License

[feature request] Use /tmp and /run instead of /opt/piavpn-manual #23

Open solsticedhiver opened 3 years ago

solsticedhiver commented 3 years ago

/opt should be considered read-only by the scripts.

Temporary files should be stored in /tmp or, better, in a directory in /tmp created with mktemp. For example:

tmpdir=`mktemp -d -p /tmp -t piavpn-manual-XXXXX.d`
echo $tmpdir
/tmp/piavpn-manual-k5cVRf.d

The random portion of the directory name is crucial for security and to avoid race conditions.

It is not yet in the FHS, but /run is already largely used for transient files like the pid_file of processes or services.

For example, /run/piavpn-manual could store resolv_conf_backup, pia_pid, route_info, etc. if some are not stored in /tmp.

This is Linux-centered and I don't know about the BSDs ...

And the port used for port forwarding needs to be exported somewhere (in run/piavpn-manual?) to be available to other processes that need that port.

I had to add a line to port_forwarding.sh to get that done, but that is expected, I guess, from the README.md.

g00nix commented 3 years ago

Temporary files should be stored in /tmp or, better, in a directory in /tmp created with mktemp

It is not yet in the FHS, but /run is already largely used for transient files like the pid_file of processes or services.

For example, /run/piavpn-manual could store resolv_conf_backup, pia_pid, route_info, etc. if some are not stored in /tmp.

The PIA Desktop app currently uses /opt/piavpn/, so we are currently using /opt/piavpn-manual/ for consistency; however, I do agree that /tmp/ would be better fitted for keeping the temporary configs.

If you have time to open a PR, please also test the change extensively (preferably on multiple distributions) to be sure it does not break current functionality (the scripts were designed to disconnect the previous connection before creating a new one) and doesn't have any other random effects.


The random portion of the directory name is crucial for security and to avoid race conditions.

  1. Regarding security: The VPN technology will create an encrypted tunnel between your machine and the VPN server. This means the internet will protect you against attackers that have enough access on your network to be able to see your traffic. If your machine is already compromised (somebody else has access on your laptop and is able to read all files on the system), you will first have to deal with the malicious software on your system. Using a random temporary folder might help; however, if you have concerns regarding other software on your system, please try to isolate that specific software by using QEMU, SELinux, Docker, etc.
  2. Regarding race conditions: The scripts were not designed to run in parallel. If you need to multihop, please create a fork and modify the scripts to fit your requirement.

And the port used for port forwarding needs to be exported somewhere (in run/piavpn-manual?) to be available to other processes that need that port.

Agreed, though this is a different topic/ticket. A PR for this change would be a lot easier to approve, as it can't really break anything.

If you have time to open a PR, please use different file names for OpenVPN and WireGuard. The name of the file cannot be random, as it would defeat the purpose.


I had to add a line to port_forwarding.sh to get that done, but that is expected, I guess, from the README.md.

Yes. The idea behind the repo is to enable you to configure your system the way you like it. This is also the reason why we can't go too deep into technology on this repo, as it has to be easy to read and to understand.
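
The two ideas raised in this thread, sketched as an added example that is not code from the thread or from the pia-foss scripts: an unpredictable scratch directory from mktemp, and the forwarded port published atomically under a fixed, per-protocol file name. The function names and the port_openvpn / port_wireguard file names are assumptions, and the demo uses a scratch directory in place of /run/piavpn-manual, which would need root.

```shell
#!/bin/sh
# Added example, not from the pia-foss scripts. Function and file names are hypothetical.

# Scratch directory with an unpredictable name. mktemp -d creates it atomically
# with mode 0700, so another local user cannot pre-create or swap the path
# inside world-writable /tmp.
make_scratch_dir() {
    mktemp -d "${TMPDIR:-/tmp}/piavpn-manual-XXXXXXXX"
}

# Publish the forwarded port under a fixed name so other processes can find it.
# $1 = run directory, $2 = openvpn|wireguard, $3 = port number
publish_port() {
    run_dir=$1 proto=$2 port=$3
    case $proto in
        openvpn|wireguard) ;;
        *) echo "unknown protocol: $proto" >&2; return 1 ;;
    esac
    case $port in
        ''|*[!0-9]*|??????*) echo "not a port number: $port" >&2; return 1 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "port out of range" >&2; return 1; }
    # Refuse a run directory that is missing or is a symlink to somewhere else.
    [ -d "$run_dir" ] && [ ! -L "$run_dir" ] || { echo "bad run dir: $run_dir" >&2; return 1; }
    # Write to a temp file in the same directory, then rename it into place:
    # readers see the old value or the new one, never a partial write.
    tmp=$(mktemp "$run_dir/.port_${proto}.XXXXXXXX") || return 1
    printf '%s\n' "$port" > "$tmp" && chmod 0644 "$tmp" \
        && mv -f "$tmp" "$run_dir/port_$proto" || { rm -f "$tmp"; return 1; }
}

# Consumer side: read the port for one protocol.
read_port() {
    cat "$1/port_$2"
}

# Demo with a constructed port value; the scratch dir stands in for the run dir.
demo_dir=$(make_scratch_dir) && publish_port "$demo_dir" wireguard 51820 \
    && read_port "$demo_dir" wireguard
rm -rf "$demo_dir"
```
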