Error: Unsafe OpenVPN command detected
For Viscosity to be able to establish a VPN connection and make the necessary network changes to your computer, Viscosity runs certain components with full administrator (root) permissions, including OpenVPN.
Because of this, certain commands OpenVPN provides (such as the ability to call scripts, and write to files) will be run with full administrator rights as well. This is potentially dangerous to the security of your computer, as it could allow a malicious user with normal rights on your computer to trick OpenVPN into granting them full administrator rights. For this reason by default Viscosity blocks the use of these commands.
If you are receiving an "Error: Unsafe OpenVPN command detected" message when trying to connect to your VPN connection, it means one of more of the commands Viscosity blocks was found in your OpenVPN connection. In most cases these commands are not needed and so can simply be removed from your connection like so:
- Take note of the unsafe command listed in the error message when you try and connection to your VPN connection.
- Open Viscosity's Preferences window and make sure the Connections toolbar icon is selected.
- Select your connection and click the Edit button.
- Click on the Advanced tab.
- Look for a line starting with the command noted earlier in the Advanced Commands area, and remove the entire line it is on.
- Click Save and try connecting.
If you absolutely require the use of unsafe commands for your connection, you can enable their use by following the steps below. This is only recommend for advanced users who understand the risk of having unsafe commands enabled.
- Open Viscosity's Preferences window and select the Advanced toolbar icon.
- Tick the "Allow unsafe OpenVPN commands to be used" check box.
- Enter the username and password of an Administrator to enable the option.
- Try connecting your VPN connection.