openvpn: let instances drop to nobody in default config.

This is for security precautions.  As persist_tun and persist_key are
already there, this should not cause compatibility issue.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
SVN-Revision: 45961

diff --git a/package/network/services/openvpn/files/openvpn.config b/package/network/services/openvpn/files/openvpn.config
index 5cf0ba6be6ef7e25f0c28f3ea3e8798f36606b0b..3e053c36a9924bcecdc2b61c2f98e04d149f4640 100644 (file)
--- a/package/network/services/openvpn/files/openvpn.config
+++ b/package/network/services/openvpn/files/openvpn.config
@@ -253,6 +253,7 @@ config openvpn sample_server
        # of the privilege downgrade.
        option persist_key 1
        option persist_tun 1
+       option user nobody
 
        # Output a short status file showing
        # current connections, truncated
@@ -337,6 +338,7 @@ config openvpn sample_client
        # Try to preserve some state across restarts.
        option persist_key 1
        option persist_tun 1
+       option user nobody
 
        # If you are connecting through an
        # HTTP proxy to reach the actual OpenVPN