|
|
@ -14,20 +14,26 @@ If something exists, Bad Apple!! will be played on it, so [in this post](https:/
|
|
|
|
|
|
|
|
|
|
|
|
The exozyme server recently switched from LDAP to PAM for user management, so both @a and @iacore wrote articles about some of the subtleties of the standard user management systems on Linux and other Unix-like OSes. On Linux, PAM authentication by default requires being root or having access to the password hashes in `/etc/passwd`, but @a found that [it's possible to use a tool called SSSD](https://a.exozy.me/posts/pam-auth-without-access-etc-shadow/) to get around that for better security. [@iacore's article](https://www.1a-insec.net/frag/37-posix-login/), among other things, discusses how it's legal for a UID to have more than one username and its the cursed consequences. I can't really think of legitimate use cases for that, so I guess this is one example where POSIX has too much flexibility. Another prime example is how only the null character and slashes are forbidden in filenames. That opens up filenames to a whole host of sketchy characters like control characters and newlines that have no business being in filenames and just cause bugs.
|
|
|
|
The exozyme server recently switched from LDAP to PAM for user management, so both @a and @iacore wrote articles about some of the subtleties of the standard user management systems on Linux and other Unix-like OSes. On Linux, PAM authentication by default requires being root or having access to the password hashes in `/etc/passwd`, but @a found that [it's possible to use a tool called SSSD](https://a.exozy.me/posts/pam-auth-without-access-etc-shadow/) to get around that for better security. [@iacore's article](https://www.1a-insec.net/frag/37-posix-login/), among other things, discusses how it's legal for a UID to have more than one username and its the cursed consequences. I can't really think of legitimate use cases for that, so I guess this is one example where POSIX has too much flexibility. Another prime example is how only the null character and slashes are forbidden in filenames. That opens up filenames to a whole host of sketchy characters like control characters and newlines that have no business being in filenames and just cause bugs.
|
|
|
|
|
|
|
|
|
|
|
|
## Static Site Hosting Providers
|
|
|
|
## Static site hosting providers
|
|
|
|
|
|
|
|
|
|
|
|
If you are thinking about hosting a static site, [in this post](https://www.1a-insec.net/blog/52-static-site-hosting-providers/) @iacore covers 3 static site hosting providers and the experience using them.
|
|
|
|
If you are thinking about hosting a static site, [in this post](https://www.1a-insec.net/blog/52-static-site-hosting-providers/) @iacore covers 3 static site hosting providers and the experience using them.
|
|
|
|
|
|
|
|
|
|
|
|
## Executable toki pona
|
|
|
|
## Executable toki pona
|
|
|
|
|
|
|
|
|
|
|
|
https://www.1a-insec.net/blog/54-2048-in-tokipona/
|
|
|
|
TODO: https://www.1a-insec.net/blog/54-2048-in-tokipona/
|
|
|
|
|
|
|
|
|
|
|
|
## Hackathon!
|
|
|
|
## Hackathon!
|
|
|
|
|
|
|
|
|
|
|
|
https://git.exozy.me/exozyme/golfathon/ and status page fixes (can also mention increasing timeout and basic auth)
|
|
|
|
https://git.exozy.me/exozyme/golfathon/ and status page fixes (can also mention increasing timeout and basic auth) TODO
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## Puzzle of the month is back!
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
We sadly didn't have a puzzle last month, so to make up for that, you get several puzzles this time! Go to our [Golfathon repo](https://git.exozy.me/exozyme/golfathon/) and try out the problems. Have fun!
|
|
|
|
|
|
|
|
|
|
|
|
## @dragongoose DSP and SDR stuff? It was mentioned on Matrix a few weeks ago
|
|
|
|
## @dragongoose DSP and SDR stuff? It was mentioned on Matrix a few weeks ago
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
TODO
|
|
|
|
|
|
|
|
|
|
|
|
## Licensing exozine and the status page
|
|
|
|
## Licensing exozine and the status page
|
|
|
|
|
|
|
|
|
|
|
|
We recently noticed that both exozine and the status page didn't have licenses, so we chose CC BY-SA 4.0 for exozine and AGPL for the status page. However, it's not so simple: to license or relicense software, you have to ask all the contributors to agree to the new license! The two projects have four and seven contributors respectively, so it took two days to ask everyone. Fortunately, everyone agreed! For much larger projects, relicensing can be a major headache, such as the [Dolphin emulator going from GPLv2 to GPLv2+](https://dolphin-emu.org/blog/2015/05/25/relicensing-dolphin/).
|
|
|
|
We recently noticed that both exozine and the status page didn't have licenses, so we chose CC BY-SA 4.0 for exozine and AGPL for the status page. However, it's not so simple: to license or relicense software, you have to ask all the contributors to agree to the new license! The two projects have four and seven contributors respectively, so it took two days to ask everyone. Fortunately, everyone agreed! For much larger projects, relicensing can be a major headache, such as the [Dolphin emulator going from GPLv2 to GPLv2+](https://dolphin-emu.org/blog/2015/05/25/relicensing-dolphin/).
|
|
|
@ -46,4 +52,8 @@ Note from @a: I recently switched from Nextcloud to Syncthing for file sync and
|
|
|
|
|
|
|
|
|
|
|
|
## https://daudix.codeberg.page/blog/rewriting-neocities-website/
|
|
|
|
## https://daudix.codeberg.page/blog/rewriting-neocities-website/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
TODO
|
|
|
|
|
|
|
|
|
|
|
|
## https://a.exozy.me/posts/end/
|
|
|
|
## https://a.exozy.me/posts/end/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
TODO
|
|
|
|