HackerLangs
トップ新着トレンドコメント過去質問紹介求人

cpach

7,988 カルマ登録 18 年前
Sono Rintracciabile.

Residing in Södermanland, Sweden.

Get in touch? E-mail: c (at) tunnel53 (dot) net

Website: https://www.tunnel53.net/

Interesting HN people to follow: ('tptacek 'cperciva 'tlb 'FiloSottile 'Animats 'DannyBee 'mcpherrinm 'phasmantistes 'pbsd 'patio11)

投稿

IBM looks beyond short-term AI gains, tripling entry-level hiring

cio.com
3 ポイント·投稿者 cpach·4 か月前·0 コメント

Lessons Learned from 20 Years and Why You Should Blog

adamcaudill.com
2 ポイント·投稿者 cpach·6 か月前·0 コメント

Using DNS for responding to ACME challenges

hsm.tunnel53.net
2 ポイント·投稿者 cpach·10 か月前·0 コメント

コメント

cpach
·昨日·議論
Why does it matter?
cpach
·3 日前·議論
Direct link to Hoot: https://spritely.institute/hoot/
cpach
·15 日前·議論
Brother HL-L2350DW (monochrome). Those things are very reliable.
cpach
·16 日前·議論
dupe: https://news.ycombinator.com/item?id=48660159
cpach
·16 日前·議論
See also https://news.ycombinator.com/item?id=48660159 (1 comment so far)
cpach
·18 日前·議論
Why is this on the front page? :)
cpach
·22 日前·議論
Feel free to launch your own CA.
cpach
·24 日前·議論
Interesting!
cpach
·28 日前·議論
Reading, writing, cooking, child-rearing.
cpach
·先月·議論
What’s the performance when you do that?
cpach
·先月·議論
Dupe: https://news.ycombinator.com/item?id=48265498
cpach
·2 か月前·議論
Uhm… cryptography or cryptocurrency?
cpach
·2 か月前·議論
For those who can I would recommend upgrading to Wireguard.
cpach
·2 か月前·議論
If it was for personal use, surely there would be some kind of consumer organization or ombudsman one could contact for advice?

For B2B, I guess the local chamber of commerce might be able to advice.
cpach
·2 か月前·議論
Same here, zero plugins for me.
cpach
·2 か月前·議論
Regarding su…

  su -
might yield better results.
cpach
·2 か月前·議論
Does anyone know how to mitigate this one? Is it sufficient to disable the esp4/esp6/rxrpc modules?
cpach
·2 か月前·議論
Main discussion here: https://news.ycombinator.com/item?id=48058393
cpach
·2 か月前·議論
Welcome to Hacker News! Please write in English here. Thank you in advance from a long-time member :)
cpach
·2 か月前·議論
No, I haven’t.

My concern is to try to understand the mechanisms of the exploit.

Copy Fail is not simply ”hey, kernel, give me root”. I would say it’s more general than that. It’s rather: ”Hey, kernel, when you present file /foo to a process, make the contents of that file appear according to my wishes”. Which can be used (in various ways) to advance the attacker’s position.

That’s why I think it’s interesting to ponder if that power allows the attacker to simply sneak past security policies such as allowPrivilegeEscalation=false.