Re: Using WireGuard on Windows as non-admin - proper solution?

[Phillip McMahon <phillip.mcmahon@gmail.com>]

Hey Jason,

Won't drag this already long and confusing thread out. Not challenging
the current implementation, just the notion that any other suggestion
is a dead end and the topic is closed.

I will continue to use wg daily and now add in the non-admin elements
to test those out too. Appreciate the progress here and all that hard
work.

Phill

On Sun, 29 Nov 2020 at 18:52, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>
> Hi Phillip,
>
> On Sun, Nov 29, 2020 at 2:40 PM Phillip McMahon
> <phillip.mcmahon@gmail.com> wrote:
> > I have been following the wider thread and maybe I misunderstood but
> > believe the solution requires some registry tweaks and membership to
> > the Network Operators Group, along with Windows Home requiring the
> > creation of a group not officially supported on that platform. Correct
> > or not?
> >
> > It was with all the in mind that I wrote the two points.
>
> I must admit I misunderstood your first message. Sorry for that. I
> understand you now to be questioning two things:
>
> - That this is gated behind a registry key;
> - That it works by using the network operators group.
>
> The first point is something I could imagine changing down the line as
> we learn more about the NCO group's usage. To start, and for now, I
> prefer to put "risky" settings behind a flag.
>
> But the latter point I'm much more hesitant to change. You recalled
> that I was initially entirely wary of this feature all together. This
> is true. It was only upon hearing the excellent idea of the NCO group
> that it became tenable for me. The reason is that the NCO group is a
> preexisting designation as part of the operating system that confers
> these privileges. And there's an easy argument to be made that adding
> the ability to stop/start tunnels does not add anything extra beyond
> what NCO can already do (like changing IP addresses or disabling
> adapters). Therefore, the brilliance of the NCO suggestion, in my
> mind, was that we're not adding any additional holes to the Windows
> security model. That makes it very compelling to me.
>
> It seems like you want to go back to challenge the initial hesitation
> again: maybe we _should_ add additional caveats to the existing
> Windows model, you suggest. Maybe. But if we can avoid doing so, I
> really would prefer that, and it seems like NCO group strikes a good
> balance.
>
> What's the situation you have in mind in which an administrator would
> permit a user to enable and disable tunnels but would not permit the
> other privileges conferred by NCO? What is the impedance mismatch that
> you are thinking about?
>
> Jason



-- 
Use this contact page to send me encrypted messages and files

https://flowcrypt.com/me/phillipmcmahon

P.S. Drowning in email? Try SaneBox and take back control:
http://sanebox.com/t/old3m. I love it.