* Posts by Blasio Muscat

5 posts • joined 24 Jul 2007

Oh ****... Sudo has a 'make anyone root' bug that needs to be patched – if you're unlucky enough to enable pwfeedback

Blasio Muscat

You want to look at /etc/sudoers.d/0pwfeedback. Change its contents to:

Default !pwfeedback

or just remove the file until sudo gets patched.

Kernel.org Linux repository rooted in hack attack

Blasio Muscat

Git uses the SHA1 to uniquely identify blobs/trees/commits. It was/is not intended to provide security, although that is a desirable side effect.

Blasio Muscat

Normally you'd pull in commits on the branches you're interested in when you need them, rather than pulling in all branches in a cron job. Still, if you did have such an automated process and someone messed with the source repository the pull would fail.

An attacker could however add commits at the tip of any branch and those would get through.

Pope praises Galileo, celebrates the Solstice

Blasio Muscat

Actually he did not say Meridian...

The word he used is 'Meridiana', which is italian for Sundial. What the pope says in his speech is that the obelisk at the centre of the square, together with the shape of the square itself act as a giant sundial.

Astronauts chuck fridge off space station

Blasio Muscat

Re: Probability

Actually there's a probability of 1 in 5000 that it will hit anyone at all. The probability that it hits you if it does hit someone would be 1/6.6billion assuming a uniform distribution, but since it's in orbit around the earth, the probability is much higher under the orbit, and tapers out to zero the farther out you move. Quite frankly I've no idea what the actual distribution ends up being. I'd guess Guassian with a really tight sigma.


Biting the hand that feeds IT © 1998–2020