• 0 Posts
  • 33 Comments
Joined 2 years ago
cake
Cake day: June 16th, 2023

help-circle






  • so uh … I’ve been sorta contemplating preinastalled hardware. Think a mini pc you plug into your router. Or even a minipc that replaces your router and has a clean UI for picking a handful of curated self-hosted stuff you want.

    You could buy the hardware as a simple jumping off point to learn more or (and here is where I am not sure if there’s a market) you could pay me (or other sysadmins like me) to support it.

    What if self-hosted stuff worked a bit like your HVAC,. electrical or plumbing?









  • Mprotect stops any read and write and execute access to memory in both user and kernel lands (only rx or wx). Stuff like web browsers won’t work unless you have a program to mark it in elf to not use pax. However, this kills a lot of exploits with that turned on by itself (though there are probably work arounds if you are developing exploits which the other features would hopefully catch). That’s why people installed 3rd party unmainlined security patches, but that’s just me maybe idk.

    I am having a hard time following what this does or why this is desirable. You’re saying there’s a patch this thing provides that … disables memory access … unless a flag is set in an executable … which will then bypass the security?