[Pkg-utopia-maintainers] Bug#632641: network-manager should work harder to prevent information leaks with VPN connections
Maik Zumstrull
maik at zumstrull.net
Mon Jul 4 10:35:20 UTC 2011
Package: network-manager-openvpn
Version: 0.8.999-1
When opening a VPN connection to an IPv4-only OpenVPN host, the only
thing NetworkManager currently does to direct traffic through the VPN
is switching the IPv4 default route to the tunnel device. In my
opinion, that is not enough to protect the user's communication.
First, if the user has local IPv6 service, it remains open. Any
services that (correctly) prefer v6 over v4 will default to
unencrypted communication.
Second, if the VPN goes down, any packets still queued will be sent
out unencrypted.
I think NetworkManager should take down any local routes, including
v6, to direct all traffic through the VPN. It should also use
source-based routing and/or iptables to make sure traffic meant for
the VPN never goes out through any other device, even if the default
route changes.
I ask that this is not downgraded to wishlist. Sending out unencrypted
traffic after the user has explicitly requested a VPN is kind of a big
deal, in my opinion.
More information about the Pkg-utopia-maintainers
mailing list