PostUp/PreUp/PostDown/PreDown Dangerous?
Andy Dorman
adorman at ironicdesign.com
Fri Jun 22 16:07:43 CEST 2018
On 6/21/18 8:41 PM, Jason A. Donenfeld wrote:
> So, the question we need to ask is whether this problem is important
> enough that these useful features should be_removed_? Or if there's a
> way to make them safer? Or if it just doesn't matter that much and we
> shouldn't do anything.
We use wg-quick with PostUp/PostDown/PreUp/PreDown and would prefer that
feature be retained.
However, looking ahead I believe Wireguard's speed, simplicity, and
simple, straightforward configuration and operation is going to attract
marginally competent amateur users that definitely do not qualify as a
system or network admin.
So, while it should be obvious, it wouldn't hurt to add a short warning
(in bold) to the wg-quick man page that lets these "amateur" users know
of the potential danger. Something along the lines of "Using a config
written by someone else that you do not understand and have not vetted
for security is stupid and can be dangerous. For example, the
PostUp/PostDown/PreUp/PreDown commands can be used to enable malicious
code. So always be certain your configuration and the code it executes
does only what you expect."
Sincere regards,
--
Andy Dorman
Ironic Design, Inc.
AnteSpam.com
More information about the WireGuard
mailing list