Changes between Initial Version and Version 1 of Ticket #925, comment 2


Ignore:
Timestamp:
08/08/17 19:32:23 (4 years ago)
Author:
David Sommerseth
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #925, comment 2

    initial v1  
    77What I think is a far better approach: Have a look at moving the whole OpenVPN management interface code over to a plug-in and expose all the needed features over the plug-in interface.  This way we can isolate the risks and stability to a more easily replaceable plug-in.  Which could enable other management approaches as well, not just TCP or TLS over TCP.  And if the management plug-in is not loaded, there's no management code to exploit by attackers.
    88
    9 But even this effort will quite massive and an intrusive change as well.
     9But even this effort will be quite massive and an intrusive change as well.
    1010