Check if OpenVPN for Android app is running as root or an unpriviledged user

[FlexMcMurphy]

I am using the OpenVPN for Android app on a Pixel4a that is not rooted. In the OpenVPN manual it states:

--user user Change the user ID of the OpenVPN process to user after initialization, dropping privileges in the process. This option is useful to protect the system in the event that some hostile party was able to gain control of an OpenVPN session.

But does the OpenVPN for Android app use those options? If not then does it run as root user even on a phone that is not rooted or does it run as some unpriviledged user? This is what I want.

When I open Termux in the phone and try commands like ps, top, htop, pstree I am unable to see what user is running the OpenVPN for Android app process. Maybe that is because my phone is not rooted.

On the OpenVPN server side I run this command and get that result:

root@OPENWRT:~# ps | grep openvpn
10831 root      1228 S    grep openvpn
31966 root      5256 S    /usr/sbin/openvpn --syslog openvpn(server) --status /var/run/openv

This just tells me that OpenVPN server is being run as the root user.

Is there a way for me to check if the OpenVPN connection from my phone is being run as an unpriviledged user or as root user?

Cheers,

Flex

[schwabe]

Each app runs as unprivileged user anyway. So the --user option is ignored on import since it would not would work. Unless you rooted your phone the OpenVP app has not a way to gain root privileges anyway. As for checking. I think adb shell and ps aux should still work even on a non-rooted phone.

[FlexMcMurphy]

Thanks a lot Arne!

I installed ADB in Manjaro using these instructions then used these commands to see that user u0_a253 was running the OpenVPN for Android App.

# adb shell
sunfish:/ $ top | grep openvpn
20901 shell        20   0  10G 2.8M 2.1M S  0.0   0.0   0:00.00 grep openvpn
20901 shell        20   0  10G 2.8M 2.1M S  0.0   0.0   0:00.00 grep openvpn
19186 u0_a253      20   0  14G  96M  49M S  0.6   1.7   0:02.23 de.blinkt.openvpn:openvpn
19186 u0_a253      20   0  14G  96M  49M S  0.3   1.7   0:02.25 de.blinkt.openvpn:openvpn
19186 u0_a253      20   0  14G  96M  49M S  0.6   1.7   0:02.26 de.blinkt.openvpn:openvpn

I was glad to satisfy myself that it is not being run as the root user.

Cheers,

Flex