Help
RSS
API
Feed
Maltego
Contact
Domain > blog.bofh.it
×
Welcome!
Right click nodes and scroll the mouse to navigate the graph.
×
More information on this domain is in
AlienVault OTX
Is this malicious?
Yes
No
DNS Resolutions
Date
IP Address
2025-02-02
85.94.204.146
(
ClassC
)
Port 443
HTTP/1.1 200 OKContent-Type: text/htmlLast-Modified: Sun, 11 Feb 2024 16:12:14 GMTETag: 4c3e4c870989fdd3275f170e34ab1503Content-Length: 40699Strict-Transport-Security: max-age15768000Accept-Ranges: by !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01//EN>html>head>title>Md at debian.org/title>meta nameviewport contentwidthdevice-width, initial-scale1>meta http-equivContent-Type contenttext/html; charsetutf-8>link relshortcut icon href/favicon.ico>link relstylesheet typetext/css href/styles.css titleblue>link relalternate typeapplication/rdf+xml titleRSS href/?formatxml>link relalternate typeapplication/atom+xml titleATOM href/?formatatom>link relopenid.server hrefhttp://www.myopenid.com/server>link relopenid.delegate hrefhttp://rfc1036.myopenid.com/>link relmeta typeapplication/rdf+xml titleFOAF href/foaf.rdf>meta nameICBM content45.46388, 9.05500>/head>body>h1>Md at debian.org/h1>h2 classdescription>tales of a debian maintainer/h2>div idcontent> div classarticle> span classarticle-date>Sun, 11 Feb 2024/span> h3>a namedebian/468>Extending access to the systemd RuntimeDirectory with a POSIX ACL/a>/h3> p>a hrefhttps://packages.debian.org/sid/inn2>inn2/a> uses ephemeral UNIX domain sockets in tt>/run/news//tt> to communicate with the tt>ctlinnd/tt> program. Since the directory is only writeable by the news user, other unprivileged users are not able to use the command./p>p>I solved this by extending the tt>inn2.service/tt> systemd unit with a drop-in file which uses tt>setfacl/tt> to give access to my user md to the tt>RuntimeDirectory/tt> created by systemd. This is the content of tt>/etc/systemd/system/inn2.service.d/md-ctlinnd.conf/tt>:/p>pre classcode>Service# innd will change the permissions of /run/news/ when started: without# creating it now with mode 0775 then that will change the ACL mask.RuntimeDirectoryMode0775# allow user md to run ctlinnd(8), which creates sockets in /run/news/ExecStartPost/usr/bin/setfacl --modify user:md:rwx $RUNTIME_DIRECTORY/pre>p>The non-obvious issue here is that the innd daemon on startup will change the directory permissions in a way which sets a more restrictive (non group-writeable) a hrefhttps://www.oreilly.com/library/view/network-security-hacks/0596006438/ch01s05.
View on OTX
|
View on ThreatMiner
Please enable JavaScript to view the
comments powered by Disqus.
Data with thanks to
AlienVault OTX
,
VirusTotal
,
Malwr
and
others
. [
Sitemap
]