GustavoM

GustavoM, 1 year ago (edited 1 year ago)

Curiosity, mostly. And Ubuntu giving away freebies.

Took me a couple years to get out of the “Why change a winning team?” mentality and my baby duck syndrome.

GustavoM, 1 year ago

Arch on my “desktop PC”, Armbian on my rpi 4, Dietpi soon ™ on my Orange pi zero 3.

GustavoM, 1 year ago

So… install a minimal distro image and the usual with the only caveat of being forced to type something that I want to run in the CLI instead of setting up hotkeys? Such challenge, much horror.

GustavoM, 1 year ago

I drink water. So does my wife. Haha

GustavoM, 1 year ago

This. Edit /etc/sources/apt, switch to sid, sudo apt update and you’ll have “a better ubuntu.”

GustavoM, 1 year ago

Yep. Did this on my orange pi zero 3 (which has no support on Linux) and it worked. :^)

GustavoM, 1 year ago

Any distro is “stable” if you know how to use it.

A-bleeping-men. All GNU/Linux distros are equally good.

GustavoM, 1 year ago

Eh, I don’t have anything “complex” to add, other than buying a raspberry pi and using it as a DNS sinkhole/recursive dns under docker/ipvlan network, and then “hiding” it behind a macvlan connection + ufw. Been doing this over several years and never had any problems with it. You can even use it as a music player of sorts by configuring a hotkey to bring up mpv with a playlist, and another one to close it. Oh, and even as a “live stream player 24/7” if you are into it.

GustavoM, 1 year ago

Not really relevant, but I’ve got a “rule of thumb” for all security-related issues;

“If it doesn’t nuke my PC, then I’m good. If it does, then I’m still good since backups and logs exist, and if it was related to the latest seucirty issue? Then I make a quick patch and/or update. Then back to 1.”

GustavoM, 1 year ago

Glad to hear! Thanks.

GustavoM, 1 year ago

Because I’m doing this as a “self-learning” process. Plus, docker is an excellent tool and even “silly” images like this one can give me an edge while looking for (more) jobs, so there’s that. Coding could grant me the same “edge” as well yes, but docker has “more value” since it requires you to code -AND- to have some knowledge/depth regarding typical “dockerization” processes.

GustavoM, 1 year ago

Eh, that was meant to be a slight mockery for “ex-redditors” (since they are mostly composed of “downvote-happy” users).

GustavoM, 1 year ago

Oh. Thank you then. :p

GustavoM, 1 year ago

Eh…the usual “FROM: alpine:edge”, pull everything in with git, change the code as needed, static compiling everything, strip dead code out of the binary, send the binary in a scratch image and then assigning a non-root user to it.

GustavoM, 1 year ago

OH COME ON MAN

GustavoM, 1 year ago

“But can Linux install things via a single .exe file? HAHAH EAT IT NERD!”

• 10’ish years ago past me, before discovering the magical wonders of the package manager

GustavoM, 2 years ago

Stop talkimg about your ex, Cartman.

GustavoM, 2 years ago (edited 1 year ago)

Alright, first one returned me “bash: alias: nano: not found”. Second one, “nano is hashed (/usr/bin/nano)”. Third one, my sudoer username. And the fourth one shows my sudoer username at the top of the list, with both uid and gid at 1000.

And I honestly can’t really think of much to add, other than the username in the docker image being completely nonexistant (It’s just a bunch of numbers, and it doesn’t even have a name). I don’t know, maybe someone managed to breach the container and gave this “nonexistant user” root privileges but haven’t managed to do much or something like that. I’m not that much of a tech savvy, but I guess it doesn’t hurt to try to guess something. Maybe there is something inside the container? Idk, I’m gonna (try to) check it out (It’s a “distroless” image – it doesn’t even have a shell in it.).

GustavoM, 2 years ago

Just did it, and it shows my sudoer username with ownership of the created file. umask returns me 0002.

GustavoM, 2 years ago

No and yes. And it returns me only a single line with $mysudoerusername 28596 0.0 0.1 5896 2016 pts/0 5+ 15:52 0:00 grep nano.

GustavoM, 2 years ago

-rw-rw-r-- 1 $sudoer $sudoer $date $createdfilename.

GustavoM, 2 years ago

No. ps aux remains the same. And yes, “My sudoer username” is my non-root user with sudo privileges. Therefore, the “sudoer”.

And I’m not really “pulling my hair out” because of this, honestly – just curious if this can be mentioned as a hack, a hack attempt, or whatevertheheck. Because this is the first time in my entire life that this happened with me, so yep.

GustavoM, 2 years ago (edited 1 year ago)

Just adding more (relevant) info, since its my “security hole” as of now. As mentioned in the OP.

GustavoM, 2 years ago

I already talked about it in this thread – it shows my sudoer username on both columns.