markstos

markstos , 1 month ago to Technology in Delivery Goes Wrong: New Cybertruck Slices Owner's Wrist During Inspection

Lower hood bonnet height. So victims get thrown on the hood with a better chance of survival. With a high hood height, people are more likely to get knocked down and run over.

markstos , 1 month ago to Selfhosted in Hosting a writefreely.org instance

Ghost is working on adding ActivityPub to their self-hostable blog software now.

markstos , 1 month ago to Selfhosted in Generate document from templates and database

I’ve generated HTML before and then used an HTML to PDF converter as a second step. If you were already familiar with building building webpages, this might be a good option.

markstos , 1 month ago to Selfhosted in Rootless podman adguard home failing [SEMI-SOLVED]

In both cases of rootless and rootful-with-non-root process your process is running as a non-root user with respect to the host.

To break out the container will require two steps. First, adguard itself must be exploited. A second exploit is then required elevate privileges from the adguard user to root.

If your attacker successfully gets that far, then having a rootless container would matter, because in a rootful container, root in the container equals root on the host. In a rootless container, "root" only gives you the abilities of the user running the rootless container.

But as you've found, rootless containers can be a pain.

Making sure your container is running as non-root user in a rootful container is better than giving up.

markstos , 1 month ago to Selfhosted in Rootless podman adguard home failing [SEMI-SOLVED]

You can get similar security in rootful mode, by making sure within the container the adguard binary is not running as root.

markstos , 1 month ago to Selfhosted in A friend joked about making accounts for their dog on self hosted services, so that it could turn lights on and off. What are some unconventional things you've seen for pets and homelabs?

My dog authenticates access to back yard with a Yubark Key that works over the wireless audio network.

markstos , 1 month ago to Memes in Zuckerberg meme

It’s all true. The bird muscle, the animal flesh, the carcasses and the propensity of humans to cook it so we can tolerate eat it. This is unlike obligate carnivores like our cats which enjoy ripping the flesh off the bone with their teeth and eating the bird muscle right off the fresh carcass.

markstos , 1 month ago to Memes in Zuckerberg meme

Vegans already think about grilling meat in terms of charring animal carcasses.

markstos , 2 months ago to linuxmemes in Well that wasn't what I expected had happened to neofetch.

I mean, had it been rewritten in Rust yet?

markstos , 2 months ago to Selfhosted in What to be aware of before opening port 25 on a postfix Raspberry Pi?

Agreed. I used to host email professionally and would not recommend managing your own mail server. It will constantly be under attack by spammers and if the inbox email address is exposed at all, soon 90% of incoming mail will be spam and you’ll need antispam software to filter it.

markstos , 2 months ago to Selfhosted in VPN into Homenetwork Security

Agreed. Tailscale is very easy to setup.

markstos , 2 months ago to Selfhosted in Recommendations please: Self-hosted web site analytics

I also host Matomo. It was easy to install and has been easy to maintain.

markstos , 2 months ago to Tesla in Tesla asks shareholders to approve Texas move and restore Elon Musk’s $56B pay

The same week they’re laying off 14,000 employees?

markstos , 2 months ago to Selfhosted in Do you encrypt your data drives?

It’s defense in depth. If I encrypt a rarely used file, capturing my keystrokes will eventually work, but it might be weeks or months before I return to decrypt that file. In the meantime, I might have realized I was hacked and restore the system.

markstos OP , 2 months ago to Selfhosted in Recommendation for outgoing-only SMTP server

In the issue I linked, the msmtp author makes a distinction with changing the envelope recipient, which msmtp can do, with rewriting the email headers like “To”, which msmtp does not do.