Helmut Hullen wrote:
>> Can anyone suggest why I get 'Permission denied' for this access?
>
>> May 14 16:01:27 regret dnsmasq-tftp[13285]: cannot access
>> /home/Steve/Shared/workspace/xxx/xxx/bootrom.pxe.0: Permission denied
>> May 14 16:01:27 regret dnsmasq-tftp[13285]: cannot access
>> /home/S
Simon Kelley wrote:
> clemens fischer wrote:
>
>> To me your changes from test25..test27 were quite adequate by using
>> the bogus-priv checks. Rob said he wants his VPN remotes to resolve.
>> I can imagine he just enters the remotes as rebind-domain-ok domains
>> and be happy.
>
> I think so to
clemens fischer wrote:
> Hi Simon, did you intend to send this privately? The dnsmasq list was
> not Cc'ed.
>
>> Simon Kelley:
>
>> clemens fischer wrote:
>>
>>> Simon Kelley wrote:
The fact that stop-dns-rebind blocks 127.0.0.0 is bit of a
coincidence, which comes from the fact that i
Steve Elliott wrote:
Simon,
Thanks for the response.
I do not have --tftp-secure.
But I do launch with
sudo /etc/rc.d/initd/dnsmasq
So it seems that it will be run by root.
No, it will be running as non-privileged user, "nobody" or "dnsmasq"
unless you have user=root somewhere.
Try "su
Hallo, Steve,
Du meintest am 15.05.10:
> But I do launch with
> sudo /etc/rc.d/initd/dnsmasq
> So it seems that it will be run by root.
> Therefore I need world readable permission on my bootrom.pxe.0.
> I thought I had that!
> ---
> /home/Steve/Shared/workspace/xxx/xxx/
> -rwxrwxr-x
Am 14.05.2010 16:08, schrieb Simon Kelley:
Different versions of dnsmasq? I only looked at the latest code to see
how it would behave with repeated IP addresses, older code may break
differently
dnsmasq -v prints the same Version 2.52 *strange*
Simon,
Thanks for the response.
I do not have --tftp-secure.
But I do launch with
sudo /etc/rc.d/initd/dnsmasq
So it seems that it will be run by root.
Therefore I need world readable permission on my bootrom.pxe.0.
I thought I had that!
---
/home/Steve/Shared/workspace/xxx/xxx/
-r
Simon Kelley wrote:
> The fact that stop-dns-rebind blocks 127.0.0.0 is bit of
> a coincidence, which comes from the fact that it uses the same
> address-checking code as --bogus-priv. My understanding of the rebind
> attack is that it can't be done via 127.0.0.1: That might get you
> a backdoor i