Shaarli Daily
07/08/25
In this post, I will detail how to replace sudo (a setuid binary) by using SSH over a local UNIX socket.
I am of the opinion that setuid/setgid binaries are a UNIX legacy that should be deprecated. I will explain the security reasons behind that statement in a future post.
This is related to the work of the Confined Users SIG in Fedora.
Instead of sudo, I prefer to use SSH. In this article, I detail how I use SSH and my configuration for reducing its attack surface. Incidentally, I complain some more.
Why you might want to use bcrypt for web applications
In 2010, bcrypt was the only clearly good answer for password hashing in most programming languages.
In the intervening almost fifteen years, we’ve learned a lot more about passwords, password cracking, authentication mechanisms beyond passwords, and password-based cryptography.