| 1 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 2 |
DENIED
|
moderate
|
App\Entity\EntryComment {#1394
+user: Proxies\__CG__\App\Entity\User {#1369 …}
+entry: App\Entity\Entry {#1810 …}
+magazine: App\Entity\Magazine {#313
+icon: Proxies\__CG__\App\Entity\Image {#294 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#321
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#285 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#281 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#270 …}
+entries: Doctrine\ORM\PersistentCollection {#228 …}
+posts: Doctrine\ORM\PersistentCollection {#186 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#248 …}
+bans: Doctrine\ORM\PersistentCollection {#165 …}
+reports: Doctrine\ORM\PersistentCollection {#151 …}
+badges: Doctrine\ORM\PersistentCollection {#129 …}
+logs: Doctrine\ORM\PersistentCollection {#119 …}
+awards: Doctrine\ORM\PersistentCollection {#108 …}
+categories: Doctrine\ORM\PersistentCollection {#95 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#322
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#316
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+parent: null
+root: null
+body: """
About the root problem, as of now new installs are trying to let the user to run everything as a limited user. And the program is ran as root *inside* the container so in order to escape from it the attacker would need a double zero day exploit (one for doing rce in the container, one to escape the container)\n
\n
The alternative to “don’t really know what’s in the image” usually is: “just download this Easy minified and incomprehensible trustmeimtotallynotavirus.sh script and run it as root”. Requires much more trust than a container that you can delete with no traces in literally seconds\n
\n
If the program that you want to run requires python modules or node modules then it will make much more mess on the system than a container.\n
\n
Downgrading to a previous version (or a beta preview) of the app you’re running due to bugs it’s trivial, you just change a tag and launch it again. Doing this on bare metal requires to be a terminal guru\n
\n
Finally, migrating to a new fresh server is just `docker compose down`, then rsync to new server, and then `docker compose up -d`. And not praying to ten different gods because after three years you forgot how did you install the app in bare metal like that.\n
\n
Docker is perfect for common people like us self hosting at home, the professionals at work use kubernetes
"""
+lang: "en"
+isAdult: false
+favouriteCount: 28
+score: 0
+lastActive: DateTime @1720532755 {#1605
date: 2024-07-09 15:45:55.0 +02:00
}
+ip: null
+tags: null
+mentions: [
"@Shimitar@feddit.it"
]
+children: Doctrine\ORM\PersistentCollection {#1378 …}
+nested: Doctrine\ORM\PersistentCollection {#1371 …}
+votes: Doctrine\ORM\PersistentCollection {#2427 …}
+reports: Doctrine\ORM\PersistentCollection {#1902 …}
+favourites: Doctrine\ORM\PersistentCollection {#2485 …}
+notifications: Doctrine\ORM\PersistentCollection {#2483 …}
-id: 297660
-bodyTs: "'altern':62 'app':144,215 'attack':41 'bare':166,217 'beta':140 'bug':150 'chang':156 'common':225 'compos':184,194 'contain':32,55,60,95,132 'd':196 'day':47 'delet':99 'differ':202 'docker':183,193,221 'doubl':45 'downgrad':133 'download':76 'due':148 'easi':78 'escap':37,58 'everyth':18 'exploit':48 'final':174 'forgot':209 'fresh':179 'god':203 'guru':173 'home':232 'host':230 'imag':72 'incomprehens':81 'insid':30 'instal':9,213 'know':67 'kubernet':238 'launch':160 'let':13 'like':219,227 'limit':21 'liter':104 'make':123 'mess':126 'metal':167,218 'migrat':175 'minifi':79 'modul':116,119 'much':90,124 'need':43 'new':8,178,189 'node':118 'one':49,56 'order':35 'peopl':226 'perfect':223 'pray':199 'preview':141 'previous':136 'problem':4 'profession':234 'program':25,108 'python':115 'ran':27 'rce':52 're':146 'realli':66 'requir':89,114,168 'root':3,29,88 'rsync':187 'run':17,85,113,147 'script':83 'second':105 'self':229 'server':180,190 'system':129 'tag':158 'ten':201 'termin':172 'three':206 'trace':102 'tri':11 'trivial':153 'trust':92 'trustmeimtotallynotavirus.sh':82 'us':228 'use':237 'user':15,22 'usual':73 'version':137 'want':111 'work':236 'would':42 'year':207 'zero':46"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.it/comment/4826104"
+editedAt: null
+createdAt: DateTimeImmutable @1704928662 {#1377
date: 2024-01-11 00:17:42.0 +01:00
}
} |
|
Show voter details
|
| 3 |
DENIED
|
edit
|
App\Entity\EntryComment {#1394
+user: Proxies\__CG__\App\Entity\User {#1369 …}
+entry: App\Entity\Entry {#1810 …}
+magazine: App\Entity\Magazine {#313
+icon: Proxies\__CG__\App\Entity\Image {#294 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#321
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#285 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#281 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#270 …}
+entries: Doctrine\ORM\PersistentCollection {#228 …}
+posts: Doctrine\ORM\PersistentCollection {#186 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#248 …}
+bans: Doctrine\ORM\PersistentCollection {#165 …}
+reports: Doctrine\ORM\PersistentCollection {#151 …}
+badges: Doctrine\ORM\PersistentCollection {#129 …}
+logs: Doctrine\ORM\PersistentCollection {#119 …}
+awards: Doctrine\ORM\PersistentCollection {#108 …}
+categories: Doctrine\ORM\PersistentCollection {#95 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#322
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#316
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+parent: null
+root: null
+body: """
About the root problem, as of now new installs are trying to let the user to run everything as a limited user. And the program is ran as root *inside* the container so in order to escape from it the attacker would need a double zero day exploit (one for doing rce in the container, one to escape the container)\n
\n
The alternative to “don’t really know what’s in the image” usually is: “just download this Easy minified and incomprehensible trustmeimtotallynotavirus.sh script and run it as root”. Requires much more trust than a container that you can delete with no traces in literally seconds\n
\n
If the program that you want to run requires python modules or node modules then it will make much more mess on the system than a container.\n
\n
Downgrading to a previous version (or a beta preview) of the app you’re running due to bugs it’s trivial, you just change a tag and launch it again. Doing this on bare metal requires to be a terminal guru\n
\n
Finally, migrating to a new fresh server is just `docker compose down`, then rsync to new server, and then `docker compose up -d`. And not praying to ten different gods because after three years you forgot how did you install the app in bare metal like that.\n
\n
Docker is perfect for common people like us self hosting at home, the professionals at work use kubernetes
"""
+lang: "en"
+isAdult: false
+favouriteCount: 28
+score: 0
+lastActive: DateTime @1720532755 {#1605
date: 2024-07-09 15:45:55.0 +02:00
}
+ip: null
+tags: null
+mentions: [
"@Shimitar@feddit.it"
]
+children: Doctrine\ORM\PersistentCollection {#1378 …}
+nested: Doctrine\ORM\PersistentCollection {#1371 …}
+votes: Doctrine\ORM\PersistentCollection {#2427 …}
+reports: Doctrine\ORM\PersistentCollection {#1902 …}
+favourites: Doctrine\ORM\PersistentCollection {#2485 …}
+notifications: Doctrine\ORM\PersistentCollection {#2483 …}
-id: 297660
-bodyTs: "'altern':62 'app':144,215 'attack':41 'bare':166,217 'beta':140 'bug':150 'chang':156 'common':225 'compos':184,194 'contain':32,55,60,95,132 'd':196 'day':47 'delet':99 'differ':202 'docker':183,193,221 'doubl':45 'downgrad':133 'download':76 'due':148 'easi':78 'escap':37,58 'everyth':18 'exploit':48 'final':174 'forgot':209 'fresh':179 'god':203 'guru':173 'home':232 'host':230 'imag':72 'incomprehens':81 'insid':30 'instal':9,213 'know':67 'kubernet':238 'launch':160 'let':13 'like':219,227 'limit':21 'liter':104 'make':123 'mess':126 'metal':167,218 'migrat':175 'minifi':79 'modul':116,119 'much':90,124 'need':43 'new':8,178,189 'node':118 'one':49,56 'order':35 'peopl':226 'perfect':223 'pray':199 'preview':141 'previous':136 'problem':4 'profession':234 'program':25,108 'python':115 'ran':27 'rce':52 're':146 'realli':66 'requir':89,114,168 'root':3,29,88 'rsync':187 'run':17,85,113,147 'script':83 'second':105 'self':229 'server':180,190 'system':129 'tag':158 'ten':201 'termin':172 'three':206 'trace':102 'tri':11 'trivial':153 'trust':92 'trustmeimtotallynotavirus.sh':82 'us':228 'use':237 'user':15,22 'usual':73 'version':137 'want':111 'work':236 'would':42 'year':207 'zero':46"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.it/comment/4826104"
+editedAt: null
+createdAt: DateTimeImmutable @1704928662 {#1377
date: 2024-01-11 00:17:42.0 +01:00
}
} |
|
Show voter details
|
| 4 |
DENIED
|
moderate
|
App\Entity\EntryComment {#1394
+user: Proxies\__CG__\App\Entity\User {#1369 …}
+entry: App\Entity\Entry {#1810 …}
+magazine: App\Entity\Magazine {#313
+icon: Proxies\__CG__\App\Entity\Image {#294 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#321
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#285 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#281 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#270 …}
+entries: Doctrine\ORM\PersistentCollection {#228 …}
+posts: Doctrine\ORM\PersistentCollection {#186 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#248 …}
+bans: Doctrine\ORM\PersistentCollection {#165 …}
+reports: Doctrine\ORM\PersistentCollection {#151 …}
+badges: Doctrine\ORM\PersistentCollection {#129 …}
+logs: Doctrine\ORM\PersistentCollection {#119 …}
+awards: Doctrine\ORM\PersistentCollection {#108 …}
+categories: Doctrine\ORM\PersistentCollection {#95 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#322
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#316
date: 2023-12-25 04:10:26.0 +01:00
}
}
+image: null
+parent: null
+root: null
+body: """
About the root problem, as of now new installs are trying to let the user to run everything as a limited user. And the program is ran as root *inside* the container so in order to escape from it the attacker would need a double zero day exploit (one for doing rce in the container, one to escape the container)\n
\n
The alternative to “don’t really know what’s in the image” usually is: “just download this Easy minified and incomprehensible trustmeimtotallynotavirus.sh script and run it as root”. Requires much more trust than a container that you can delete with no traces in literally seconds\n
\n
If the program that you want to run requires python modules or node modules then it will make much more mess on the system than a container.\n
\n
Downgrading to a previous version (or a beta preview) of the app you’re running due to bugs it’s trivial, you just change a tag and launch it again. Doing this on bare metal requires to be a terminal guru\n
\n
Finally, migrating to a new fresh server is just `docker compose down`, then rsync to new server, and then `docker compose up -d`. And not praying to ten different gods because after three years you forgot how did you install the app in bare metal like that.\n
\n
Docker is perfect for common people like us self hosting at home, the professionals at work use kubernetes
"""
+lang: "en"
+isAdult: false
+favouriteCount: 28
+score: 0
+lastActive: DateTime @1720532755 {#1605
date: 2024-07-09 15:45:55.0 +02:00
}
+ip: null
+tags: null
+mentions: [
"@Shimitar@feddit.it"
]
+children: Doctrine\ORM\PersistentCollection {#1378 …}
+nested: Doctrine\ORM\PersistentCollection {#1371 …}
+votes: Doctrine\ORM\PersistentCollection {#2427 …}
+reports: Doctrine\ORM\PersistentCollection {#1902 …}
+favourites: Doctrine\ORM\PersistentCollection {#2485 …}
+notifications: Doctrine\ORM\PersistentCollection {#2483 …}
-id: 297660
-bodyTs: "'altern':62 'app':144,215 'attack':41 'bare':166,217 'beta':140 'bug':150 'chang':156 'common':225 'compos':184,194 'contain':32,55,60,95,132 'd':196 'day':47 'delet':99 'differ':202 'docker':183,193,221 'doubl':45 'downgrad':133 'download':76 'due':148 'easi':78 'escap':37,58 'everyth':18 'exploit':48 'final':174 'forgot':209 'fresh':179 'god':203 'guru':173 'home':232 'host':230 'imag':72 'incomprehens':81 'insid':30 'instal':9,213 'know':67 'kubernet':238 'launch':160 'let':13 'like':219,227 'limit':21 'liter':104 'make':123 'mess':126 'metal':167,218 'migrat':175 'minifi':79 'modul':116,119 'much':90,124 'need':43 'new':8,178,189 'node':118 'one':49,56 'order':35 'peopl':226 'perfect':223 'pray':199 'preview':141 'previous':136 'problem':4 'profession':234 'program':25,108 'python':115 'ran':27 'rce':52 're':146 'realli':66 'requir':89,114,168 'root':3,29,88 'rsync':187 'run':17,85,113,147 'script':83 'second':105 'self':229 'server':180,190 'system':129 'tag':158 'ten':201 'termin':172 'three':206 'trace':102 'tri':11 'trivial':153 'trust':92 'trustmeimtotallynotavirus.sh':82 'us':228 'use':237 'user':15,22 'usual':73 'version':137 'want':111 'work':236 'would':42 'year':207 'zero':46"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.it/comment/4826104"
+editedAt: null
+createdAt: DateTimeImmutable @1704928662 {#1377
date: 2024-01-11 00:17:42.0 +01:00
}
} |
|
Show voter details
|
| 5 |
DENIED
|
edit
|
App\Entity\Magazine {#313
+icon: Proxies\__CG__\App\Entity\Image {#294 …}
+name: "selfhosted@lemmy.world"
+title: "selfhosted"
+description: """
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
\n
Rules:\n
\n
- Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
- No spam posting.\n
- Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
- Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
- No trolling.\n
\n
Resources:\n
\n
- [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
- [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
- [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
\n
> Any issues on the community? Report it using the report flag.\n
\n
> Questions? DM the mods!
"""
+rules: null
+subscriptionsCount: 1
+entryCount: 222
+entryCommentCount: 3916
+postCount: 0
+postCommentCount: 0
+isAdult: false
+customCss: null
+lastActive: DateTime @1729582735 {#321
date: 2024-10-22 09:38:55.0 +02:00
}
+markedForDeletionAt: null
+tags: null
+moderators: Doctrine\ORM\PersistentCollection {#285 …}
+ownershipRequests: Doctrine\ORM\PersistentCollection {#281 …}
+moderatorRequests: Doctrine\ORM\PersistentCollection {#270 …}
+entries: Doctrine\ORM\PersistentCollection {#228 …}
+posts: Doctrine\ORM\PersistentCollection {#186 …}
+subscriptions: Doctrine\ORM\PersistentCollection {#248 …}
+bans: Doctrine\ORM\PersistentCollection {#165 …}
+reports: Doctrine\ORM\PersistentCollection {#151 …}
+badges: Doctrine\ORM\PersistentCollection {#129 …}
+logs: Doctrine\ORM\PersistentCollection {#119 …}
+awards: Doctrine\ORM\PersistentCollection {#108 …}
+categories: Doctrine\ORM\PersistentCollection {#95 …}
-id: 120
+apId: "selfhosted@lemmy.world"
+apProfileId: "https://lemmy.world/c/selfhosted"
+apPublicUrl: "https://lemmy.world/c/selfhosted"
+apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
+apInboxUrl: "https://lemmy.world/inbox"
+apDomain: "lemmy.world"
+apPreferredUsername: "selfhosted"
+apDiscoverable: true
+apManuallyApprovesFollowers: null
+privateKey: null
+publicKey: null
+apFetchedAt: DateTime @1703473826 {#322
date: 2023-12-25 04:10:26.0 +01:00
}
+apDeletedAt: null
+apTimeoutAt: null
+visibility: "visible "
+createdAt: DateTimeImmutable @1703473826 {#316
date: 2023-12-25 04:10:26.0 +01:00
}
} |
|
Show voter details
|