The client downloads the contents of :
http://www.vpngate.net/api/iphone/
Then it looks for entries which match the selected countries, runs base64 decode on them, and writes out that decoded data to /tmp/openvpn.
The last step is to run "sudo openvpn /tmp/openvpn".
So pretty much, if the remote host wanted to, they could run arbitrary commands on your host, as root.
Personal bugbear: Assuming sudo is installed, and enabled. If you need root permissions make that clear and fail with an error.
Goes without saying - please don't use this for anything data sensitive.
The client downloads the contents of :
http://www.vpngate.net/api/iphone/
Then it looks for entries which match the selected countries, runs base64 decode on them, and writes out that decoded data to /tmp/openvpn.
The last step is to run "sudo openvpn /tmp/openvpn".
So pretty much, if the remote host wanted to, they could run arbitrary commands on your host, as root.
Personal bugbear: Assuming sudo is installed, and enabled. If you need root permissions make that clear and fail with an error.