desktop-packages team mailing list archive
-
desktop-packages team
-
Mailing list archive
-
Message #79666
[Bug 1386361] Re: network-manager-openvpn leaks while connecting
** Description changed:
Network-manager-openvpn leaks while connecting. Maybe that is intended
behavior when activating a VPN-connection manually but it also leaks
when "Automatically connect to VPN when using this connection" is
checked.
+
+ By "leaking" I mean that there are packages leaving/entering the machine
+ without passing through the VPN.
Verfied the following way:
1. Set up a VPN that connects via UDP (verify it).
2. Configure a Wifi network that blocks UDP, check "Automatically connect to VPN..." and preselect your special VPN.
3. Connect to that newly configured Wifi network.
4. Browse the internet.
Another way:
1. Type "traceroute ubuntu.com" into a terminal but don't press enter.
2. Start the Wifi network that uses the "Automatically connect... VPN..." feature.
3. Go back to the terminal press enter.
4. After the VPN has connected repeat the command.
5. Compare the first hop of the traceroute results.
I consider this a security bug since it endangers users relying on a
working/leak-free VPN.
** Description changed:
Network-manager-openvpn leaks while connecting. Maybe that is intended
- behavior when activating a VPN-connection manually but it also leaks
+ behavior when activating a VPN-connection manually but it also *leaks
when "Automatically connect to VPN when using this connection" is
- checked.
+ checked*.
By "leaking" I mean that there are packages leaving/entering the machine
without passing through the VPN.
Verfied the following way:
1. Set up a VPN that connects via UDP (verify it).
2. Configure a Wifi network that blocks UDP, check "Automatically connect to VPN..." and preselect your special VPN.
3. Connect to that newly configured Wifi network.
4. Browse the internet.
Another way:
1. Type "traceroute ubuntu.com" into a terminal but don't press enter.
2. Start the Wifi network that uses the "Automatically connect... VPN..." feature.
3. Go back to the terminal press enter.
4. After the VPN has connected repeat the command.
5. Compare the first hop of the traceroute results.
I consider this a security bug since it endangers users relying on a
working/leak-free VPN.
** Description changed:
Network-manager-openvpn leaks while connecting. Maybe that is intended
- behavior when activating a VPN-connection manually but it also *leaks
+ behavior when activating a VPN-connection manually but it also **leaks
when "Automatically connect to VPN when using this connection" is
- checked*.
+ checked**.
By "leaking" I mean that there are packages leaving/entering the machine
without passing through the VPN.
Verfied the following way:
1. Set up a VPN that connects via UDP (verify it).
2. Configure a Wifi network that blocks UDP, check "Automatically connect to VPN..." and preselect your special VPN.
3. Connect to that newly configured Wifi network.
4. Browse the internet.
Another way:
1. Type "traceroute ubuntu.com" into a terminal but don't press enter.
2. Start the Wifi network that uses the "Automatically connect... VPN..." feature.
3. Go back to the terminal press enter.
4. After the VPN has connected repeat the command.
5. Compare the first hop of the traceroute results.
I consider this a security bug since it endangers users relying on a
working/leak-free VPN.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1386361
Title:
network-manager-openvpn leaks while connecting
Status in “network-manager” package in Ubuntu:
New
Status in “network-manager-openvpn” package in Ubuntu:
New
Bug description:
Network-manager-openvpn leaks while connecting. Maybe that is intended
behavior when activating a VPN-connection manually but it also **leaks
when "Automatically connect to VPN when using this connection" is
checked**.
By "leaking" I mean that there are packages leaving/entering the
machine without passing through the VPN.
Verfied the following way:
1. Set up a VPN that connects via UDP (verify it).
2. Configure a Wifi network that blocks UDP, check "Automatically connect to VPN..." and preselect your special VPN.
3. Connect to that newly configured Wifi network.
4. Browse the internet.
Another way:
1. Type "traceroute ubuntu.com" into a terminal but don't press enter.
2. Start the Wifi network that uses the "Automatically connect... VPN..." feature.
3. Go back to the terminal press enter.
4. After the VPN has connected repeat the command.
5. Compare the first hop of the traceroute results.
I consider this a security bug since it endangers users relying on a
working/leak-free VPN.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1386361/+subscriptions
References