baod_rate, baod_rate@programming.dev

Instance: programming.dev
Joined: a year ago
Posts: 0
Comments: 4

Posts and Comments by baod_rate, baod_rate@programming.dev

you’re not wrong but you could’ve delivered that more nicely lmfao


personally, I find it useful as a crude heuristic for identifying software that probably won’t make someone wake me up in the middle of the night because it crashed because of some ridiculous bug caused by the dev doing clumsy ad hoc string parsing or poor null checking (more common than memory safety issues, IME)

There’s generally a culture of comprehensiveness and solidity I find lacking in most mainstream programming communities


Debian says they intentionally opted not to remove these images from Docker Hub and to leave them as historical artifacts, telling users to only use up-to-date images and not old ones.

The maintainers made this decision as they believe the requirements for exploitation are unlikely, such as requiring sshd installed and running on the container, the attacker having network access to the SSH service on that container, and using a private key that matches the backdoor's trigger logic.

Idk that seems pretty reasonable to me. I think I've only ever needed to enable ssh on a container once


SQLite continues to be the "Do Nothing. Win" of databases

