-
JavaScript transformer with code like:
var cmd = ["bash","-c", msg];
var proc = java.lang.Runtime.getRuntime().exec(cmd);
proc.waitFor();
var stdout = proc.getInputStream();
msg = org.apache.co…
-
JavaScript transformer with code like:
var cmd = ["bash","-c", msg];
var proc = java.lang.Runtime.getRuntime().exec(cmd);
proc.waitFor();
var stdout = proc.getInputStream();
msg = org.apache.co…
-
JavaScript transformer with code like:
var cmd = ["bash","-c", msg];
var proc = java.lang.Runtime.getRuntime().exec(cmd);
proc.waitFor();
var stdout = proc.getInputStream();
msg = org.apache.co…
-
Currently we run everything as `root` which is a Bad Thing.
To remediate:
- [x] Add ambient capabilities support https://github.com/moby/tool/pull/97
- [x] Add ability to set uid, gid on files
-…
-
JavaScript transformer with code like:
var cmd = ["bash","-c", msg];
var proc = java.lang.Runtime.getRuntime().exec(cmd);
proc.waitFor();
var stdout = proc.getInputStream();
msg = org.apache.co…
-
If you attempt to perform a pack install from a git repo it uses root ssh keys.
From docs:
>For SSH (URLs starting with git@) auth you have to create a deploy key, and require the system user runn…
-
cd /var/lib/sss/db/
rm -f *.ldb
reboot
as soon as machine is up, ssh as root or login as local root and do:
# > id labuser
uid=10019(labuser) gid=100(users) groups=100(users)
just system gid…
-
Hello,
We're testing Bastillion internally and one of the things that really bothers me is the fact that - from my understanding until now - Bastillion should be used/connected as "root" on all ass…
Razva updated
3 years ago
-
so I raised this long time ago but we didn't do anything about it. :(
so @gtanner raised as he was doing the Cordova port and it continues to be a weird api
I don't have a solution yet, this is more…
-
In experimenting with system security and UKIs, I noticed that it is currently impossible to generate kargs to boot one specific deployment hash, with a kernel parameter such as `ostree=/ostree/deploy…