From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,NICE_REPLY_A,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6D361C2D0E4 for ; Fri, 20 Nov 2020 19:09:06 +0000 (UTC) Received: from krantz.zx2c4.com (krantz.zx2c4.com [192.95.5.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 6456C22240 for ; Fri, 20 Nov 2020 19:09:05 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 6456C22240 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=patanne.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=wireguard-bounces@lists.zx2c4.com Received: by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id fa145d27; Fri, 20 Nov 2020 19:03:46 +0000 (UTC) Received: from mail-00.helpbox.biz (mail-00.helpbox.biz [207.245.78.62]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 02537b1f for ; Fri, 20 Nov 2020 13:05:07 +0000 (UTC) Received: from sc-mail-gw-06d6 (localhost [127.0.0.1]) by sc-mail-gw-06d6.localdomain (Proxmox) with ESMTP id DBC8B3BE; Fri, 20 Nov 2020 08:10:06 -0500 (EST) X-Footer: cGF0YW5uZS5jb20= Subject: Re: Using WireGuard on Windows as non-admin - proper solution? To: "Jason A. Donenfeld" Cc: Patrik Holmqvist , "vh217@werehub.org" , WireGuard mailing list References: <3415567b-5441-f3b1-7a38-f0bae3a14cfc@werehub.org> <665e0a8610984d938ab013ec2aac8517@su.se> <6c0c1208b52848bea8b1d0f1ac0dfa3a@su.se> From: Patrick Fogarty Message-ID: Date: Fri, 20 Nov 2020 08:10:02 -0500 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 PostboxApp/7.0.37b3 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-Mailman-Approved-At: Fri, 20 Nov 2020 20:03:45 +0100 X-BeenThere: wireguard@lists.zx2c4.com X-Mailman-Version: 2.1.30rc1 Precedence: list List-Id: Development discussion of WireGuard List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: wireguard-bounces@lists.zx2c4.com Sender: "WireGuard" Jason That method has the challenge of having to get a static configuration correct at the time of provisioning. A perfect example of when that won't work is during COVID. We have had client offices shut down, requiring us to migrate the VPN endpoint to a different office of the client. A machine in the field needs different configurations at that point. You mentioned in a previous email you do not like the idea of allowing users to be able to change default routes. That was the reasoning behind requiring admin rights. Extremely valid point. With tools we have written in-house for matters unrelated to WireGuard we write them so config files cannot be loaded unless they are digitally signed with approved certificates, thereby allowing non-admins the ability to apply configuration files while on the road beyond our reach. It constrains what the user can do to what we distribute. The theory is, if we do our job correctly the user cannot hurt themselves. So far so good. Patrick Fogarty Jason A. Donenfeld wrote on 11/20/2020 7:52 AM: > Hi Patrik, > > Why not provision the config for the users when you're provisioning > the rest of the machine for their ownership? > > Jason >