• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Why does PFsense use such insecure daemon configuration?

Scheduled Pinned Locked Moved General pfSense Questions
3 Posts 3 Posters 1.4k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • T
    techi
    last edited by Jan 31, 2010, 2:35 PM

    Hi

    sorry if i am wrong here, using mainly linux but looking at the sshd configuration i see UsePrivilegeSeparation is not set. As far as i know this should be always enabled!?

    And also for OpenVPN the feature to drop the user rights to nobody after starting is commented out at the config.

    May i ask whats the cause for this kind of configuration?

    cheers

    1 Reply Last reply Reply Quote 0
    • B
      Bern
      last edited by Jan 31, 2010, 4:18 PM

      How useful is UsePrivilegeSeparation when you're logging in as root?

      1 Reply Last reply Reply Quote 0
      • J
        jimp Rebel Alliance Developer Netgate
        last edited by Jan 31, 2010, 9:33 PM

        Those options might be useful on a multi-user system, but on pfSense most everything runs as root anyhow, and you're logging in as either root or admin, which is just an alternate account for root. There are no other users.

        As for OpenVPN, the user rights don't matter much, again, because everything else is running as root. If it's commented out, it's likely because something broke with that enabled, but feel free to try it again and see if it works.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        3 out of 3
        • First post
          3/3
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
          This community forum collects and processes your personal information.
          consent.not_received