[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Help-gnunet] a few more questions on GNUnet operation
|
From: |
Ivan Shmakov |
|
Subject: |
[Help-gnunet] a few more questions on GNUnet operation |
|
Date: |
Sun, 21 Oct 2012 13:42:28 +0700 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/23.2 (gnu/linux) |
A bunch of questions I've got after running a few GNUnet nodes,
for a few days, which, I hope, will be answered here. TIA.
• Unless topology/FRIENDS-ONLY is set to YES, what the ‘friends’
list is used for? Is it used to specify the preferred peers
to which the connections are established?
• gnunet-peerinfo(1) lists some 27 peers on a couple of
dual-stacke nodes. Is it normal?
• What are the meanings of CHK (content hash key?), SKS, KSK,
Loc (location)? What's their syntax and semantics?
• Are, for instance, the “content hash” and “query hash” parts
of an CHK URI base32hex-encoded SHA-512 values?
• But what is the meaning of “query hash”? Is it a hash over
the metadata? If so, does such metadata include further
piece-wise (or block-wise) hashes of the content? Are such
pieces fixed-length (nearly 64 KiB?) octet sequences?
• Is it possible to search for identifiers under a known
namespace?
• Where are the implemented --meta= keys are listed?
• It seems that gnunet-pseudonym(1) blocks SIGINT, SIGTERM, and
SIGQUIT. Why?
• I've published a file on node A a couple of days ago, and it's
now shown among the gnunet-serach(1) results on node B, but
not on node C. What could've gone wrong?
• There's the transport/DISABLEV6 option to disable the use of
IPv6. Is there a complementary DISABLEV4 one? (One of my
nodes is IPv4-firewalled against “The World”, so I'd rather
disable the use of IPv4 on it altogether.) Is it generally
possible to set the addresses (or interfaces) the node will
listen at?
• A number of binaries (as per the gnunet-server 0.9.3-2 Debian
package) come set-UID root:
gnunet-helper-dns
gnunet-helper-exit
gnunet-helper-fs-publish
gnunet-helper-nat-client
gnunet-helper-nat-server
gnunet-helper-transport-wlan
gnunet-helper-vpn
While I understand that such privileges are necessary for
certain operations (like the creation of TUN/TAP devices),
this raises security concerns, and also (in the case of
gnunet-helper-fs-publish) has practical implications for a
particular use case. (Not to mention that it's generally
possible to pre-create a TUN/TAP device and grant access to it
to a particular user.) How these set-UID binaries are used,
and what'd be the consequences of dropping set-UID from them?
--
FSF associate member #7257
- [Help-gnunet] a few more questions on GNUnet operation,
Ivan Shmakov <=