man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
Index ·| www.freedesktop.org
Index ·| www.freedesktop.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
GitLab product documentation.| docs.gitlab.com
Introduction| ipng.ch
I host my own GitLab CI/CD runners, and find that having coverage on the riscv64 CPU architecture is useful for testing things. The HiFive Premier P550 seems to be a common hardware choice. The P550 is possible to purchase online. You also need a (mini-)ATX chassi, power supply (~500W is more than sufficient), PCI-to-M2 converter and a NVMe storage device. Total cost per machine was around $8k/€8k for me. Assembly was simple: bolt everything, connect ATX power, connect cables for the front-...| Simon Josefsson's blog
Index ·| www.freedesktop.org
man7.org > Linux > man-pages| man7.org
Index ·| www.freedesktop.org
Index ·| www.freedesktop.org
A Book for understanding RootAsRole concepts and how to use it| lechatp.github.io
man7.org > Linux > man-pages| man7.org
Explore all the attributes the services top-level element can have.| Docker Documentation
Can you use Tetragon without Cilium? Yes you can! Learn how in this tutorial based walkthrough, get up & running in your environment today!| isovalent.com
man7.org > Linux > man-pages| man7.org
Index ·| www.freedesktop.org
sudo chroot without sudo... and mostly without the chroot| BrixIT Blog
Learn how to optimize your Docker image security with 12 useful tips. Understand the underlying attack vector, and the mitigation approaches.| AugmentedMind.de
man7.org > Linux > man-pages| man7.org
This article is the final part of a 3-part series on automating a backup for Nextcloud.| rair.dev
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
Providing better Pod security for service meshes with Kyverno.| Kyverno
Index ·| www.freedesktop.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
Index ·| www.freedesktop.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
Index ·| www.freedesktop.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
Intentions starts with a website where I’ll find and exploit a second order SQL injection to leak admin hashes. I’ll find a version of the login form that hashes client-side and send the hash to get access as admin. As admin, I have access to new features to modify images. I’ll identify this is using ImageMagick, and abuse arbitrary object instantiation to write a webshell. With a foothold, I’ll find credentials in an old Git commit, and pivot to the next user. This user can run a has...| 0xdf hacks stuff
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
A not so deep dive into Kubernetes Networking, Linux Namespaces, Networking, Capabilities, Wireguard.| tech.j4m3s.eu
man7.org > Linux > man-pages| man7.org
man7.org > Linux > man-pages| man7.org
A security context defines privilege and access control settings for a Pod or Container. Security context settings include, but are not limited to: Discretionary Access Control: Permission to access an object, like a file, is based on user ID (UID) and group ID (GID). Security Enhanced Linux (SELinux): Objects are assigned security labels. Running as privileged or unprivileged. Linux Capabilities: Give a process some privileges, but not all the privileges of the root user.| Kubernetes
man7.org > Linux > man-pages| man7.org
This post describes a breaking change in runc v1.0.0-rc93, that has subsequently had a workaround implemented that will presumably be included in v1.0.0-rc94. Thanks to @haircommander for talking through the issue with me and implementing the subsequent workaround, and to @mattomata for his consultation on the distroless/static:nonroot behavior. If you are not interested in the background of the issue, you can skip reading this post and take a look at my detailed testing scenarios on the Cros...| danielmangum.com