wg-quick: allow enumeration of socket files

These OSes have an unpriv'd ifconfig, so this isn't an even larger info
leak.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Jason A. Donenfeld 2018-05-23 15:31:47 +02:00
parent 3d089e07e2
commit 86dd5587a9
2 changed files with 2 additions and 2 deletions

View file

@ -107,7 +107,7 @@ get_real_interface() {
add_if() { add_if() {
export WG_TUN_NAME_FILE="/var/run/wireguard/$INTERFACE.name" export WG_TUN_NAME_FILE="/var/run/wireguard/$INTERFACE.name"
mkdir -m 0700 -p "/var/run/wireguard/" mkdir -p "/var/run/wireguard/"
cmd "${WG_QUICK_USERSPACE_IMPLEMENTATION:-wireguard-go}" utun cmd "${WG_QUICK_USERSPACE_IMPLEMENTATION:-wireguard-go}" utun
get_real_interface get_real_interface
} }

View file

@ -98,7 +98,7 @@ get_real_interface() {
add_if() { add_if() {
export WG_TUN_NAME_FILE="/var/run/wireguard/$INTERFACE.name" export WG_TUN_NAME_FILE="/var/run/wireguard/$INTERFACE.name"
mkdir -m 0700 -p "/var/run/wireguard/" mkdir -p "/var/run/wireguard/"
cmd "${WG_QUICK_USERSPACE_IMPLEMENTATION:-wireguard-go}" tun cmd "${WG_QUICK_USERSPACE_IMPLEMENTATION:-wireguard-go}" tun
get_real_interface get_real_interface
} }