You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To make it easy for users, Masq provides a fairly straight forward dns implementation. It is however very detrimental to security, and as such there is a beter path.
Solution (Mid Tier)
Before startup grant MASQNode cap_net_bind_service permissions with:
Because security schizos want to maximize security, i also dont want to grant potentially lethal workaround permissions to the masq node. Therefore a good solution would be to allow evry port to be customizable, as well as the option of using an external dns server.
The text was updated successfully, but these errors were encountered:
Overview
To make it easy for users, Masq provides a fairly straight forward dns implementation. It is however very detrimental to security, and as such there is a beter path.
Solution (Mid Tier)
Before startup grant MASQNode
cap_net_bind_service
permissions with:Solution (Chad Tier)
Because security schizos want to maximize security, i also dont want to grant potentially lethal workaround permissions to the masq node. Therefore a good solution would be to allow evry port to be customizable, as well as the option of using an external dns server.
The text was updated successfully, but these errors were encountered: