Open jonjonw opened 6 years ago
The ip-unrooted.sh and the config file get created with write permissions for the openvpn user.
I would recommend changing the user/group/permissions from: -rwx------ 1 openvpn openvpn ip-unrooted.sh -rw------- 1 openvpn openvpn vpn-unrooted.conf
to: -rwxr-x--- 1 root openvpn ip-unrooted.sh -rw-r----- 1 root openvpn piagate.conf
So the openvpn user isn't able to alter the script and config.
The ip-unrooted.sh and the config file get created with write permissions for the openvpn user.
I would recommend changing the user/group/permissions from: -rwx------ 1 openvpn openvpn ip-unrooted.sh -rw------- 1 openvpn openvpn vpn-unrooted.conf
to: -rwxr-x--- 1 root openvpn ip-unrooted.sh -rw-r----- 1 root openvpn piagate.conf
So the openvpn user isn't able to alter the script and config.