I've installed the OpenVPN client on a winXP-SP2 box.
I use it with OpenVPN GUI and eToken. The account is non-admin one.
I'm trying to secure this installation and so far I see some strange
1) "ta.key" file must be accessible for a non-admin user. Why? I
thought this file is for openvpn.exe's use as the service. It
should not be user-accessible, should it?
2) no matter OpenVPN is v2.1b11 - it takes to add a user to the
"Network Configuration Operators" group to be able to control the
TAP-Win32 instance in "tap" mode. The v2.1x changelog says the
plain mortal now is capable of controlling it. What I did wrong?
Please CC me, I'm not subscribed to the list now.
Thank you in advance.