The CVE is found by Xint Code and it is well-explained here: https://copy.fail
Here is an Ansible playbook that follows the official interim mitigation before a patched kernel is rolled out.
The sudo command is one of the most powerful and commonly used tools
on Unix-like systems. It allows a permitted user to execute commands as
another user---typically the root user. But not all sudo usage is
equal: flags change its behavior, and logs record what users do for
auditing and security purposes.
This post explains:
sudo flags\When configuring SSH, most developers know the basics— Host, HostName, IdentityFile, and so on. But once you start using Match blocks and Include statements in more complex setups (multiple keys, multiple users, multiple environments), you can easily run into a very subtle problem:
In the world of SRE, we talk a lot about observability, such as metrics, logs, and traces. In most cases, these three pillars of observability are related to infrastructure metrics or business metrics. For example, the current CPU usage of a Kubernetes pod, the number of videos played by online users per minute, etc. Besides this, there is another important area that is being explored nowadays: FinOps.
This blog documents some cool tools that I have installed on my MacBook.