#superuser — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #superuser, aggregated by home.social.
-
Как стать postgres в чужом облаке: краш-тест безопасности управляемых БД
Меня зовут Евгений Ефимкин, я руковожу группой Platform Reliability в Yandex Cloud. В числе прочего мы занимаемся безопасностью наших managed‑сервисов. В managed PostgreSQL мы не выдаём клиенту привилегии superuser — иначе он сможет выйти за пределы своей базы прямо в операционную систему. Чтобы клиент при этом мог выполнять привилегированные операции: создавать базы, заводить роли, менять настройки кластера, — мы пишем сервисы Control Plane и выдаём специальные ограниченные роли (без выхода в ОС и без обхода проверок прав). Несколько лет назад, занимаясь поддержкой логической репликации, я понял, что и этого мало: у PostgreSQL остаются места, где он сам, изнутри, выполняет код от superuser в обход всей конструкции. Дальше — два случая повышения привилегий у двух разных публичных облачных провайдеров. Оба вектора к моменту публикации закрыты — и в апстриме PostgreSQL, и у самих сервисов; оба провайдера своевременно проинформированы.
https://habr.com/ru/companies/yandex_cloud_and_infra/articles/1040504/
#postgresql #superuser #logical_replication #search_path #pg_hint_plan #operator_injection
-
I'm preferring my new way to degoogle. Instead of manually doing it like I have done in the past, I am now installing Shizuku and using shizuku privileges to precipitate the process. - De-google my life! ⚡
I am old-tech USB ADB and SU Root guy that's learning new tricks of the trade. Rooting is not really needed like it used to be way back in the day. Having an MS Windows OS available 247 is also something in the past.
-
Copy fail : depuis 2017, une faille dans le noyau Linux permettait à un utilisateur de passer root.
30 avril 2026 - Martin Clavey
Depuis 2017, une vulnérabilité dans le module cryptographique authencesn du noyau Linux laissait à un compte d’un simple utilisateur la possibilité de passer en root. Elle concerne la plupart des grandes distributions jusqu’au déploiement du patch, qui est déjà en cours.
1/
#Linux #CopyFail #Xint #Root #authencesn #SuperUser #Docker #Kubernetes #Vulnerability #Debian #Python #Patch #Cybersecurity #InfoSec #Data_Breach #PrivilegeEscalation #Privilege #Kernel #AEAD #AuthenticatedEncryption
-
Copy fail : depuis 2017, une faille dans le noyau Linux permettait à un utilisateur de passer root.
30 avril 2026 - Martin Clavey
Depuis 2017, une vulnérabilité dans le module cryptographique authencesn du noyau Linux laissait à un compte d’un simple utilisateur la possibilité de passer en root. Elle concerne la plupart des grandes distributions jusqu’au déploiement du patch, qui est déjà en cours.
1/
#Linux #CopyFail #Xint #Root #authencesn #SuperUser #Docker #Kubernetes #Vulnerability #Debian #Python #Patch #Cybersecurity #InfoSec #Data_Breach #PrivilegeEscalation #Privilege #Kernel #AEAD #AuthenticatedEncryption
-
Copy fail : depuis 2017, une faille dans le noyau Linux permettait à un utilisateur de passer root.
30 avril 2026 - Martin Clavey
Depuis 2017, une vulnérabilité dans le module cryptographique authencesn du noyau Linux laissait à un compte d’un simple utilisateur la possibilité de passer en root. Elle concerne la plupart des grandes distributions jusqu’au déploiement du patch, qui est déjà en cours.
1/
#Linux #CopyFail #Xint #Root #authencesn #SuperUser #Docker #Kubernetes #Vulnerability #Debian #Python #Patch #Cybersecurity #InfoSec #Data_Breach #PrivilegeEscalation #Privilege #Kernel #AEAD #AuthenticatedEncryption
-
Copy fail : depuis 2017, une faille dans le noyau Linux permettait à un utilisateur de passer root.
30 avril 2026 - Martin Clavey
Depuis 2017, une vulnérabilité dans le module cryptographique authencesn du noyau Linux laissait à un compte d’un simple utilisateur la possibilité de passer en root. Elle concerne la plupart des grandes distributions jusqu’au déploiement du patch, qui est déjà en cours.
1/
#Linux #CopyFail #Xint #Root #authencesn #SuperUser #Docker #Kubernetes #Vulnerability #Debian #Python #Patch #Cybersecurity #InfoSec #Data_Breach #PrivilegeEscalation #Privilege #Kernel #AEAD #AuthenticatedEncryption
-
Copy fail : depuis 2017, une faille dans le noyau Linux permettait à un utilisateur de passer root.
30 avril 2026 - Martin Clavey
Depuis 2017, une vulnérabilité dans le module cryptographique authencesn du noyau Linux laissait à un compte d’un simple utilisateur la possibilité de passer en root. Elle concerne la plupart des grandes distributions jusqu’au déploiement du patch, qui est déjà en cours.
1/
#Linux #CopyFail #XintIo #Root #authencesn #SuperUser #Docker #Vulnerability #Debian #Python #Patch #Cybersecurity #InfoSec #Data_Breach #PrivilegeEscalation #Privilege #Kernel #AEAD #AuthenticatedEncryption
-
I got an email from "[email protected]" about a Stack Overflow survey. Most of my participation on the Stack Exchange network is actually on SuperUser, but I figured my contributions might still be useful/relevant. I imagine the populations between the two are pretty similar. They were looking for users from the United States.
Info Sheet: http://tiny.cc/Sheet1233
The Actual Survey: http://tiny.cc/Survey1233
I got nerd-sniped hard by what I considered to be (mostly) excellent questions surrounding DEI-type concerns. I ended up spending way longer than 15-30 minutes on them anyway. So... I'm dumping my responses here in a thread before going to bed for the night.
-
#Sudo 1.9.16p2 has been released (#SuperUser / #PrivilegeAuthorization) https://sudo.ws/
-
This is a secret test to see how many people wince at "sudo su", isn't it?
And whether it exceeds the number of people wincing at the output of a WWW page GET being piped into a superuser shell?
(-:
-
#Sudo 1.9.15p4 has been released (#SuperUser / #PrivilegeAuthorization) https://sudo.ws/
-
Así perdieron Adán y Eva su inocencia #root #linux #superuser #sudo #chmod777 👦 👧 🐍 💻
-
Learned this morning that if a #postgres user compromises their password, if you aren't a #superuser, you can't change their password for them....
...but they can change their own password in #pgAdmin!!
-
How To Find All Sudo Users In Linux $sudo #sudouser #Linux #Linuxhowto #Linuxadmin #Linuxusermanagement #superuser
https://ostechnix.com/find-sudo-users-linux-system/ -
How To Find All Sudo Users In Linux $sudo #sudouser #Linux #Linuxhowto #Linuxadmin #Linuxusermanagement #superuser
https://ostechnix.com/find-sudo-users-linux-system/ -
How To Find All Sudo Users In Linux $sudo #sudouser #Linux #Linuxhowto #Linuxadmin #Linuxusermanagement #superuser
https://ostechnix.com/find-sudo-users-linux-system/ -
How To Find All Sudo Users In Linux $sudo #sudouser #Linux #Linuxhowto #Linuxadmin #Linuxusermanagement #superuser
https://ostechnix.com/find-sudo-users-linux-system/ -
How To Find All Sudo Users In Linux $sudo #sudouser #Linux #Linuxhowto #Linuxadmin #Linuxusermanagement #superuser
https://ostechnix.com/find-sudo-users-linux-system/ -
#Firmware #vulnerabilities in millions of computers could give #hackers #superuser status | Ars Technica
BMCs give near-total control over entire fleets of servers. What happens when they're hacked?
-
-
How To Force Sudo Password Authentication In Linux #Sudo #SuperUser #Sudopassword #Linux #Linuxtips #Linuxhowto #Linuxcommands
https://ostechnix.com/force-sudo-password-authentication-in-linux/ -
Linux Fu: Superpowers for Mere Mortals - You can hardly mention the sudo command without recalling the hilarious XKCD strip... - https://hackaday.com/2021/07/26/linux-fu-superpowers-for-mere-mortals/ #hackadaycolumns #linuxhacks #superuser #sudoers #visudo #linux #root #sudo #su
-
How To Change Sudo Password Timeout In Linux #sudo #SuperUser #Linux #Linuxtips #Linuxcommands
https://ostechnix.com/how-to-change-sudo-password-timeout-in-linux/ -
Add, Delete And Grant Sudo Privileges To Users In Alpine Linux #Sudo #Superuser #SudoPrivileges #AlpineLinux #Linux #Linuxbasics #Linuxcommands #Linuxadministration
https://ostechnix.com/add-delete-and-grant-sudo-privileges-to-users-in-alpine-linux/ -
Add, Delete And Grant Sudo Privileges To Users In Arch Linux #Sudo #Superuser #ArchLinux #Linux #LinuxAdministration #Linucommands #Linuxbasics
https://ostechnix.com/add-delete-and-grant-sudo-privileges-to-users-in-arch-linux/ -
How To Add A User To Sudo In Debian Jessie #debian #superuser #sudo
https://linuxwebdevelopment.com/add-user-sudo-debian-jessie/ -
How To Add A User To Sudo In Debian Jessie #debian #superuser #sudo
https://linuxwebdevelopment.com/add-user-sudo-debian-jessie/ -
How To Reset Sudo Password In Ubuntu 20.04 LTS #sudo #superuser #resetpassword #rescuemode #Ubuntu #Linux #linuxhowto
https://www.ostechnix.com/how-to-reset-sudo-password-in-ubuntu-20-04-lts/ -
How To Change Default Sudo Log File In Linux #sudo #SuperUser #SudoLogFile #Syslog #Linux #linuxcommands
https://www.ostechnix.com/how-to-change-default-sudo-log-file-in-linux/ -
How To Add A User To Sudo In Debian Jessie #debian #superuser #sudo
https://linuxwebdevelopment.com/add-user-sudo-debian-jessie/ -
How To Add, Delete And Grant Sudo Privileges To Users In Linux #adduser #deleteuser #UserManagement #sudo #SudoUser #SuperUser #Linuxhowto #LinuxCommands #Linux
https://www.ostechnix.com/how-to-add-delete-and-grant-sudo-privileges-to-users-in-linux/ -
How To Add A User To Sudo In Debian Jessie #debian #superuser #sudo
https://linuxwebdevelopment.com/add-user-sudo-debian-jessie/
