[stunnel-users] Public domain [PATCH] support environment variables in config file

Dmitry Bakshaev dab1818 at gmail.com
Tue May 31 14:24:35 CEST 2016


2016-05-31 12:02 GMT+04:00 Pierre Delaage <delaage.pierre at free.fr>:

> Did not have a look at the code yet, but should it be possible to replace
> envvars usage by some keys in the registry on windows platform and/or
> %userprofile%/config-file ?
>
> Anyway, my opinion on the patch is that there is no real interest for
> "generic/self-expanding" config file , and it is even dangerous :
> I would not trust stunnel if, at run time, its config could be modified by
> USER envvars...
>

which difference between %userprofile%/config-file and USER envvars?
both are USER owned and USER controlled.
certificate and keys also USER private data.
and stunnel started by USER owned by USER.
if stunnel started by SYSTEM/ADMIN he uses SYSTEM/ADMIN envvars (if
needed), certs, keys, etc.

global "generic/self-expanding" config file is ADMIN owned.
USER has permissions to substitute some values, restricted by ADMIN.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20160531/a0d3d386/attachment.html>


More information about the stunnel-users mailing list