Episode 276: CGroups Vulnerability Explained

In this episode we answer your questions then explain that latest vulnerability in Linux! -- During The Show -- 00:50 Steve's Week iSCSI targets 01:50 Charlie asks about Liquid Sensor 12V Liquid Level Sensor Switch Relay Module (https://www.aliexpress.com/item/1005003118991336.html) Very DIY 05:20 Contact Sensors and Home Assistant Feedback - The Linux Trucker Moved to ESPHome ESPHome (https://esphome.io/) vs Tasmota (https://tasmota.github.io/docs/) Nextion Screens (https://nextion.tech/) Tasmotizer (https://github.com/tasmota/tasmotizer) 11:15 Experience from a Data Center - Ronald Rack ATS (https://www.apc.com/shop/us/en/products/RACK-ATS-230V-16A-C20-IN-8-C13-1-C19-OUT/P-AP4423) iLO = Energy Vampire Flashable Smart Plugs (http://www.amazon.com/dp/B09JZDSLNC/?tag=minddripmedia-20) 17:40 Containers & Home Assistant questions - Tyler Docker vs Podman Containerized UniFi Controller Home Assistant Core and Supervisor Home Assistant Backup/Migration Code Ready Containers (https://developers.redhat.com/products/codeready-containers/overview) Single Node OpenShift (https://upstreamwithoutapaddle.com/blog%20post/2022/01/16/Let-It-Sno.html) 24:40 Keith suggestion for the show Show for electricians going opensource? Please write back in! 27:50 Baby Monitor Feedback - Ciaran IR Light Exposure 29:45 Pick of the Week MD-to_PDF (https://www.npmjs.com/package/md-to-pdf) Markdown to PDF on the CLI cat file.md | md-to-pdf > path/to/output.pdf 32:43 Steve - WikiJS Wiki.JS (https://docs.requarks.io/) Markdown Wiki WYSIWYG Editor 36:09 News Wire Rocket Chat and Nextcloud (https://news.itsfoss.com/rocket-chat-nextcloud-collaboration/) AMDGPU Linux Driver Update (https://wccftech.com/amdgpu-linux-driver-update-allows-multiple-users-across-several-engines-to-execute-simultaneously/) Wii U Linux Patches (https://www.phoronix.com/scan.php?page=news_item&px=Wii-U-March-2022-Linux) CVE-2022-0492 High-Severity Container Escape Vulnerability Unit 42 (https://unit42.paloaltonetworks.com/cve-2022-0492-cgroups/) Hacker News (https://thehackernews.com/2022/03/new-linux-kernel-cgroups-vulnerability.html) Dirty Pipe (https://www.zdnet.com/article/dirty-pipe-linux-vulnerability-discovered-fixed/) Package Typo Squatting (https://www.computing.co.uk/news/4045953/researchers-warn-malicious-typosquatting-packages-open-source-repositories) Open Source Security Foundation gains 23 New Members (https://venturebeat.com/2022/03/01/the-open-source-security-foundation-gains-support-from-huawei-spotify-and-23-new-organizations/) LISH and OpenSSF List Top 1000 Libraries ZDnet (https://www.zdnet.com/article/the-top-1000-open-source-libraries/) DevOps.com (https://devops.com/linux-foundation-lists-top-open-source-libraries/) Steam Survey (https://www.phoronix.com/scan.php?page=news_item&px=Steam-Survey-February-2022) PolyCoder (https://venturebeat.com/2022/03/04/researchers-open-source-code-generating-ai-they-claim-can-beat-openais-codex/) Armbian 22.02 Released (https://www.theregister.com/2022/03/03/armbian_project_releases_version_2202/) Nitrux 2.0.1 (https://9to5linux.com/nitrux-2-0-1-switches-to-mesa-22-1-by-default-for-linux-gaming-ships-with-kde-plasma-5-24-lts) Budgie 10.6 Released (https://github.com/BuddiesOfBudgie/budgie-desktop/releases/tag/v10.6) 38:00 C Groups Vulnerability Containers Basics CVE-2022-0492 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0492) How it works SELinux and AppArmor Protect you Network Name Spaces Learn SELinux (Do Not Shut it off) Permissive Mode Who is at risk Linux Name Spaces (https://www.redhat.com/sysadmin/7-linux-namespaces) PID Name Space (https://www.redhat.com/sysadmin/pid-namespace) UTS Name Space (https://www.redhat.com/sysadmin/uts-namespace) Mount Name Spaces (https://www.redhat.com/sysadmin/mount-namespaces) Building Container Name Spaces (https://www.redhat.com/sysadmin/building-container-namespaces) CGroups Series Part 1 (https://www.redhat.com/sysadmin/cgroups-part-one) Part 2 (https://www.redhat.com/sysadmin/cgroups-part-two) Part 3 (https://www.redhat.com/sysadmin/cgroups-part-three) Part 4 (https://www.redhat.com/sysadmin/cgroups-part-four) -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/276) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they’re excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed) Special Guest: JT Pennington.