Shaarli Daily

All links of one day on a single page.

07/08/25

sudo without a setuid binary or SSH over a UNIX socket

In this post, I will detail how to replace sudo (a setuid binary) by using SSH over a local UNIX socket.

I am of the opinion that setuid/setgid binaries are a UNIX legacy that should be deprecated. I will explain the security reasons behind that statement in a future post.

This is related to the work of the Confined Users SIG in Fedora

The return of root: SSH instead of su/sudo

Instead of sudo, I prefer to use SSH. In this article I detail my use of SSH and my configuration to reduce its attack surface. Incidentally, I complain again.

Why you might want to use bcrypt for web applications

Beyond Bcrypt

In 2010, bcrypt was the only clearly good answer for password hashing in most programming languages.

In the intervening almost fifteen years, we’ve learned a lot more about passwords, password cracking, authentication mechanisms beyond passwords, and password-based cryptography.