Is everybody aware that GitLab CI+docker-executor produces world-writable files?

This is a question for feedback, to find if the problem has a widespread impact.
Situation:
When using GitLab CI with the docker-executor, the ‘git clone’ of the repository in use is done with umask 0000,
This effectively makes all cloned … Continue reading Is everybody aware that GitLab CI+docker-executor produces world-writable files?

Build 2024: Microsoft to Update the Windows 11 Developer Experience

During its Build 2024 keynote, Microsoft revealed several updates to the Windows 11 developer experience spanning Dev Home, Dev Drive, WSL, and more.
The post Build 2024: Microsoft to Update the Windows 11 Developer Experience appeared first on Thurrot… Continue reading Build 2024: Microsoft to Update the Windows 11 Developer Experience

Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)

New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a “clone” operation. About Git Git is a widely-popular distributed versio… Continue reading Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)