Re: [OpenWrt-Devel] RFI: OpenWRT for #DisasterRelief: LoRA: ClusterDuck, LTE, 5G, Mesh, Throttling

2020-05-20 Thread Wes Turner
Bump. On Wed, Apr 8, 2020 at 7:32 PM Wes Turner wrote: > A thread for discussing OpenWRT for #DisasterRelief: LoRA: ClusterDuck, > LTE, Mesh > > (cc'ing and re-formatting from > https://twitter.com/westurner/status/1238859774567026688 ) > > Please LMK if the forums are

Re: [OpenWrt-Devel] How am I supposed to change settings in /etc/config/network of default root file system of OpenWRT?

2020-05-20 Thread Wes Turner
Would it make sense to integrate support for a wwan interface and zone that just no-ops when there's no wwan interface defined? The case of a 4G/5G modem will likely be more popular in the future. "[OpenWrt-Devel] RFI: OpenWRT for #DisasterRelief: LoRA: ClusterDuck, LTE, 5G, Mesh, Throttling" htt

Re: [OpenWrt-Devel] Ubus based service watchdog?

2020-05-14 Thread Wes Turner
FWIW, k8s has Liveness, Readiness and Startup Probes https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ :: > The kubelet uses startup probes to know when a container application has started. If such a probe is configured, it disables liveness and

Re: [OpenWrt-Devel] Possible security issue

2020-04-18 Thread Wes Turner
d as will it introduce issues at the > expense of separation and flexibility. > > That potentially could mitigate some of your concerns, but I feel the > preposition for me is openwrt is not multi-user by default OOTB for most > (if not all) targets; and if you want it to be

Re: [OpenWrt-Devel] Possible security issue

2020-04-17 Thread Wes Turner
From a least privileges perspective: - chmod o-rwx /var/run/hostapd-phyX.conf - chmod o-x uci # setfacl? Compromise of a service running as a different user should not result in disclosure of sensitive keys only necessary for different services. https://openwrt.org/docs/guide-user/security/secu

[OpenWrt-Devel] RFI: OpenWRT for #DisasterRelief: LoRA: ClusterDuck, LTE, 5G, Mesh, Throttling

2020-04-08 Thread Wes Turner
A thread for discussing OpenWRT for #DisasterRelief: LoRA: ClusterDuck, LTE, Mesh (cc'ing and re-formatting from https://twitter.com/westurner/status/1238859774567026688 ) Please LMK if the forums are the appropriate place for these questions. ## Project OWL ClusterDuck Homepage: http://clusterd

Re: [OpenWrt-Devel] Configuration management for OpenWrt

2020-04-08 Thread Wes Turner
/etc in git + Shell script + Ansible I wrote a shell script that drops lock files in /etc/setup when that function has successfully run without error. If the lock file exists (test -f "/etc/setup/${lockname}"), the function doesn't run again whenever I re-run the shell script. I include /etc/setup

Re: [OpenWrt-Devel] [PATCH 1/1] netifd: add pre-up/down post-up/down callback handling

2020-03-20 Thread Wes Turner
What is the reason that creating a script in /etc/hotplug.d/iface/ that checks $ACTION and $DEVICENAME doesn't solve for this use case? https://openwrt.org/docs/guide-user/base-system/hotplug On Fri, Mar 20, 2020, 11:02 AM Felix Fietkau wrote: > On 2020-03-20 15:21, Florian Eckert wrote: > > net

Re: [OpenWrt-Devel] [PATCH uhttpd] client: allow keep-alive for POST requests

2020-03-13 Thread Wes Turner
On Fri, Mar 13, 2020, 12:39 PM Jo-Philipp Wich wrote: > Hi Wes, > > > Are there *new* security implications of allowing keep-alive? > > I don't see any immediate concerns. You can trigger resource intensive > calls > via GET, HEAD, PATCH, PUT or DELETE as well, all of them were allowed for > keep

Re: [OpenWrt-Devel] [PATCH uhttpd] client: allow keep-alive for POST requests

2020-03-13 Thread Wes Turner
Are there *new* security implications of allowing keep-alive? Slowloris DoS comes to mind: https://en.wikipedia.org/wiki/Slowloris_(computer_security) And the article mentions a number of tools. Older devices are likely somewhat trivially DoS-able without this patch; but maybe include a config o

Re: [OpenWrt-Devel] RFI: OpenWRT Upgrade System; ENH,SEC suggestions

2020-02-01 Thread Wes Turner
Thanks for clarifying. How can a user add a usign EdDSA ed25519 key for e.g. a self-hosted package set? https://openwrt.org/docs/guide-user/security/release_signatures links to https://openwrt.org/docs/guide-user/security/keygen which describes how to generate release signing keys with GPG and us

[OpenWrt-Devel] RFI: OpenWRT Upgrade System; ENH,SEC suggestions

2020-02-01 Thread Wes Turner
Saw this post and thought I'd forward it along here. https://news.ycombinator.com/item?id=22208557 """ It's definitely an issue that the sha256 checksum check was broken. But, can someone explain why a person who is MITM'ing ipk downloads would change the package and not the checksum? Are there GP