I like btdu which is essentially ncdu, but works in a way that is useful even if advanced btrfs features (CoW, compression etc.) are used.
- 0 Posts
- 5 Comments
Joined 1 year ago
Cake day: June 26th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
10·6 months agoI am afraid you are still a bit misled; WireGuard is exactly what they use for the demo video. In general the underlying protocol does not matter, since the vulnerability is about telling the system to direct the packages to the attacker, completely bypassing the VPN.
My understanding is that all issues are patched in the mentioned releases, the config flag is not needed for that.
The config flag has been added because supporting clients with different endianness is undertested and most people will never use it. So if it is going to generate vulnerabilities, it makes sense to be able to disable it easily, and to disable it by default on next major release. Indeed XWayland had it disabled by default already, so only the fourth issue (
ProcRenderAddGlyphs) is relevant there if that default is not changed.
4·7 months agoI got curious and decided to check this out. This value was set to the current one in 2009: https://github.com/torvalds/linux/commit/341c87bf346f57748230628c5ad6ee69219250e8 The reasoning makes sense, but I guess is not really relevant to our situation, and according to the newest version of the comment 2^16 is not a hard limit anymore.
It seems OP wanted to pass the file name to
-k, but this parameter takes the password itself and not a filename:-k password The password to derive the key from. This is for compatibility with previous versions of OpenSSL. Superseded by the -pass argument.So, as I understand, the password would be not the first line of
/etc/ssl/private/etcBackup.key, but the string/etc/ssl/private/etcBackup.keyitself. It seems that-kfile /etc/ssl/private/etcBackup.keyor-pass file:/etc/ssl/private/etcBackup.keyis what OP wanted to use.