There’s been a number of issues lately found by fuzzing input files (strings, lesspipe, various image issues, etc.), but these are all stateless apps / libraries. It’s much easier to fuzz input for strings for example, than client input to mysql server. The fuzzing project is actually concentrating on …
read moreThings that go boom and hang with vagrant and arch
Here’s a list of things that currently fail when trying to run vagrant under Arch. Hopefully I hit most of the keywords from errors and you’re reading this because you ran into one of those.
Vagrant is not an official Arch package.
It’s in AUR though - https …
read moreUbuntu unattended upgrades the salt way
There are many ways to turn on the unattended upgrades in Ubuntu. Creating files in /etc/apt/apt.conf.d, reconfiguring the package by hand, reinstalling after debconf, etc.
Here’s a simple way to do it with salt without breaking the Ubuntu / debconf integration:
read moreunattended-upgrades: debconf.set: - data …
Are your data archives append-only?
Any long-term data archives you keep - backups, copies of logs, code repositories, audit entries, etc. Are they append-only? I don’t mean from the perspective of the account owner. Of course the operator is able to do whatever he wants with those files, including deleting them.
But what about your …
read more