Chambers of commerce should be urgently talking with the FTC to try to stave off an imminent forced tax on their members, by Slack. NB: I have no vested interest in any company mentioned here, unless my retirement index-tracker fund has done so, in which case I'm probably hurting myself by writing this. Slack as a company makes Slack, the product. It’s for team communications and basic use is free but there are paid tiers which bill per active user.
Today I took a look at one particular git repository's configuration and saw something slightly off in the configuration for a credential helper, dating from an old experiment with AWS CodeCommit. I decided to dig deeper to figure out what the actual rules are for shell commands inside git configuration files. This side-diversion took a bit longer than expected. It's a Sunday. Ah well. I've seen too much cargo-culted incorrect information online, so it was time to figure out an accurate answer.
My home router is a Turris Omnia, which provides the option for running LXC containers; I use this for SSH jumphosts and other such things as belong “on the router itself”. Last night I decided that it was time to install an Alpine Linux container, to complement the Debian container which has been predominantly used to date. This presented a few issues, but all was done. In this post: networking from no-network, CIDR (classless) routes accepted over DHCP, and other quirks.
Using macOS with Docker can be “interesting”. When I got started, I followed the useful advice at https://pilsniak.com/how-to-install-docker-on-mac-os-using-brew/. This approach appealed to me, especially the use of xhyve. Because sometimes I just make life difficult for myself. Thus my initial setup was:

    brew install docker docker-machine xhyve docker-machine-driver-xhyve
    f=/usr/local/opt/docker-machine-driver-xhyve/bin/docker-machine-driver-xhyve
    sudo chown root:wheel $f; sudo chmod u+s $f
    # because yay, more setuid root binaries; it's written in Go, which is
    # something at least.
I'd like to set a couple of things straight, for the record. I'll cover the post/blog, and then I'd like to counter some misconceptions. While part of me thinks “I must've been very unclear to have so many people misunderstand”, I also saw how many people commented without bothering to read, so really there's a limit to how much self-flagellation will happen. I am not a security researcher. I do not try to get bug bounties.