Collaborate Disseminate
I have a Laravel 5.8 app in a server running Apache/2.4.53 (cPanel) and PHP 7.4 (ea-php74) and i have VPS root WHM/cPanel access there. as any Laravel project, the "public" directory is web accessible and the subdomain points to … Continue reading unknown (malicious?) code and file in public dir (Laravel 5.8, apache/cPanel)
If there is a program written by a normal user that requires root privileges (eg. a program that interacts with root processes) what is the difference between running this program using sudo vs. changing the program permissions with chown … Continue reading Security difference between changing permissions versus using sudo to execute
We’re currently trying to prioritize our mitigations for CVE-2021-44228.
The obvious priority is to deal with any Internet facing java (apache?) applications that use a vulnerable log4j library and\or Java binary first.
For multi-user Linu… Continue reading Clarification on log4j Service Requirements
I’ve looked extensively for a duplicate question, but I couldn’t find anything that answers this question exactly.
I have a SQL Server that will be used to store data for a multi-tenant application. Every tenant will have their own databas… Continue reading How should SQL Server users be managed for a multi-tenant application?
How do Android devices (at least all the non-enterprise personal devices I remember owning) display the wallpaper (usually chosen from the ‘downloads’ folder) on the lock screen when it first is turned on if the image file is supposed to b… Continue reading Storage access permissions before initial unlock upon startup
When I use scp to upload file to server using scp:
scp -o "StrictHostKeyChecking no" -i "${rsa_key}" /local/file.txt "me@server:~/"
Now when I check this file permission, I got the following:
770:-rwxrwx— … Continue reading SCP and rsync upload getting weird group name
When I use scp to upload file to server using scp:
scp -o "StrictHostKeyChecking no" -i "${rsa_key}" /local/file.txt "me@server:~/"
Now when I check this file permission, I got the following:
770:-rwxrwx— … Continue reading SCP and rsync upload getting weird group name
These days I see many apps request access to photos on iPhone. I understand app request access to photos to iOS which then request access to me, that sounds ok. In that context I can allow access to all photos or just some (I don’t rememb… Continue reading What happens when app have access to your photos?
I’m trying to understand what the permissions granted to a Google Drive connected app actually mean. The example I’m looking at is MindMup 2 For Google Drive, but it could be almost any as the permissions requested seem typical.
Google Acc… Continue reading Actual Meaning of Google Drive App Permissions?
Is it possible to restrict access to the registry keys, just like Microsoft does on some of the keys(ex. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend)?
I was able to get a similar result by setting SYSTEM owner to the key… Continue reading Secure Registry Keys