On #linux, when mounting an untrusted #filesystem (eg: external drive) the filesystem might have executable files with capabilities declared in their extended attributes. This is pretty similar to files being #suid. Is there an equivalent to nosuid so I can #mount the filesystem ignoring those capabilities?

Permisos en Linux: usuarios, grupos y bits especiales (SUID, SGID y Sticky Bit) #software_y_hardware #chmod #chown #grupos_linux #permisos_en_linux #seguridad_linux #sgid #sticky_bit #suid #teoría_linux #usuarios_linux
https://notilinux.com/permisos-en-linux-usuarios-grupos-y-bits-especiales/

I finally took the plunge:

❱❱❱ sudo
bash: sudo: command not found

One less #suid root binary on my system! I don't need root on my laptop often anyway, mostly just for the weekly `bootc upgrade` and the occasional journal check. `run0` works just fine for that. (I do pretty much everything in #toolbx)

Now the remaining stuff in `find /usr -perm -4000` has mostly stuff that I don't really need, except `unix_chkpwd` and possibly `pkexec`. Getting closer!

https://github.com/martinpitt/workstation-bootc/commit/ce76ffc083baad7ad05b1eac471df9525bd71d9a

advertisers are playing fast and loose with safety when it comes to marketing of #nursingpillows. Did you know that nursing pillows turn up in 5% of cases of sudden unexplained infant death? #SIDS #publichealth #pedsky 🩺 #parenting #SUID

#covid #suid #sids

“ The risk of sudden unexpected infant death (SUID) and sudden infant death syndrome (SIDS) increased during the COVID-19 pandemic compared to the pre-pandemic period, especially in 2021, according to a new study led by researchers at the Penn State College of Medicine.” https://www.psu.edu/news/research/story/rates-sudden-unexpected-infant-death-changed-during-covid-19-pandemic

#TIL in Linux, the SUID (Set User ID) bit is a special file permission that allows a binary to run with the privileges of the file’s owner rather than the user who executed it. This feature is useful for tasks that require elevated permissions, like allowing regular users to perform specific administrative functions.

However, SUID binaries also pose a security risk. If a SUID binary is improperly configured or contains vulnerabilities, an attacker with limited privileges could exploit it to escalate their privileges, potentially gaining root access. This makes it crucial to regularly audit SUID binaries on your system.

To find SUID binaries, use:
find / -type f -perm -4000 -ls 2>/dev/null

#linux #security #cybersecurity #suid #LeastPrivilege #debian

#firejail is a #suid... Oh! I stopped reading here ;)

Администрирование Линукс (Linux) - Урок 73 - Получаем рута на компрометированном хосте через SUID

https://peertube.su/videos/watch/ea0a85ee-5928-48a4-b2bd-dedf0aa14c7a

Kenobi - I have just completed this room! Check it out: https://tryhackme.com/room/kenobi #tryhackme #samba #pathvarmanipulation #suid #smb #kenobi via @RealTryHackMe

Cool bug 🐞

#Readline crime: exploiting a #SUID logic #bug

// by trailofbits

https://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline/

Dat het elders nog een stuk ingewikkelder kan, maakte ik op uit een artikel dat ik onlangs las op Forverts onder de getranscribeerde titel ‘Malay Afrikaans as Muslim Yiddish’. Waar komt het in het kort op neer? Een Germaanse taal (Afrikaans) wordt de voertaal van Maleis-sprekenden, vervolgens opgeschreven in Arabisch schrift, en daarna vandaaruit weer getranscribeerd naar hedendaags Latijns schrift.

https://rivieren-en-meren.online/2023/04/26/jiddisch-en-afrikaans/

#Yiddish #Afrikaans #Suid-Afrika #transliteratie #Maleis #Kaapstad

Kenobi - I have just completed this room! Check it out: https://tryhackme.com/room/kenobi #tryhackme #samba #path var manipulation #suid #smb #kenobi via @RealTryHackMe