Security Leftovers
-
Admins, update your databases to avoid the MySQL bug
MySQL, MariaDB, and PerconaDB administrators need to check their database versions, as attackers can chain two critical vulnerabilities and completely take over the server hosting the database.
The two critical vulnerabilities, which can lead to arbitrary code execution, root privilege escalation, and server compromise, affect MySQL and forks like Percona Server, Percona XtraDB Cluster, and MariaDB, according to security researcher Dawid Golunski, who provided details of the vulnerability on LegalHackers. Administrators should install the latest updates as soon as possible, or in cases where the patches cannot be applied, they should disable symbolic link support within the database server configuration by setting symbolic-links=0 in my.cnf.
-
OOPS! MySQL Falls Down…
While programming, it’s easy to get tunnel-vision or to accept some “tiny” risk that things could go wrong at some point but write the code that way anyway. That’s what happened with MySQL and MariaDB. Creating a database should not create a vulnerability but it does, because a repair operation allows changing permissions of a file with a particular name which a bad guy could substitute with malicious code…
-
Talk Recap: Holistic Security for OpenStack Clouds
Thanks to everyone who attended my talk at the OpenStack Summit in Barcelona! I really enjoyed sharing some tips with the audience and it was great to meet some attendees in person afterwards.
If you weren’t able to make it, don’t fret! This post will cover some of the main points of the talk and link to the video and slides.
-
[Older, out of paywall now] Dirty COW and clean commit messages
-
Book Review: PAM Mastery
Linux, FreeBSD, and Unix-like systems are multi-user and need some way of authenticating individual users. Back in the old days, this was done in different ways. You need to change each Unix application to use different authentication scheme. Also, authentication schemes differed between a variant of Unix systems. Porting was a nightmare. For example to use Windows Server (Active Directory) or LDAP for authentication you need to make changes to an application. Each application had its way of authenticating users. So Open Group lead to the development of PAM for the Unix-like system. Today Linux, FreeBSD, MacOS X and many other Unix-like systems are configured to use a centralized authentication mechanism called Pluggable Authentication Modules (PAM). The book “PAM Mastery” deals with the black magic of PAM.
- Login or register to post comments
- Printer-friendly version
- 1181 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago