Sudo Flaw Lets Linux Users Run Commands As Root Even When They’re Restricted

What’s more interesting is that this flaw can be exploited by an attacker to run commands as root just by specifying the user ID “-1” or “4294967295.”

That’s because the function which converts user id into its username incorrectly treats -1, or its unsigned equivalent 4294967295, as 0, which is always the user ID of root user..

Source: Sudo Flaw Lets Linux Users Run Commands As Root Even When They’re Restricted

Computer historians crack passwords of Unix’s early pioneers

Dennis MacAlistair Ritchie’s was “dmac”, Bourne’s was “bourne”, Schmidt’s was “wendy!!!” (his wife’s name), Feldman’s was “axlotl”, and Kernighan’s was “/.,/.,”.

Source: Computer historians crack passwords of Unix’s early pioneers / Boing Boing

and Ken Thompson’s was “p/q2-q4!” (chess notation for a common opening move).

CentOS 8 is finally here

CentOS offers a bit of a different take on installing and updating packages. First off, the default package manager has migrated from YUM to DNF. The command structure for each is quite similar, so instead of running a command like:

sudo yum install httpd

You’d issue the command:

sudo dnf install httpd

For more information on DNF, see How to use the DNF package manager.

Source: CentOS 8 is finally here – TechRepublic

Why putting a script in /etc/cron.hourly is not working?

As you’ve probably seen in the comments to your question, the cronjobs in /etc/cron.hourly (and the other, similar directories) are executed by run-parts. run-parts is a little picky about filenames. By default it doesn’t execute files whose filenames contain anything other than (all of those from ASCII)

  • uppercase letters
  • lowercase letters
  • digits
  • underscores
  • dashes (“minus signs”)

So if your script has a filename of for example “myscript.sh”, it just is ignored, because run-parts does not like the dot.

Source: Why putting a script in /etc/cron.hourly is not working? – Ask Ubuntu

LOL!

How to Free up Unused Memory in Ubuntu/Linux Mint

In this tutorial, we will see how to use the terminal to clean up unused memory that was not released properly after being used by your system. No need to use any third-party software, just a few commands will do the job pretty easily.

Source: How to Free up Unused Memory in Ubuntu/Linux Mint

Have a little problem with a server freezing which might be memory related.  This simple tutorial was very helpful.

You can free up unused memory under Ubuntu/Linux Mint using this command:

sudo sysctl -w vm.drop_caches=3

Linux systemd Affected by Memory Corruption Vulnerabilities, No Patches Yet

The bugs exist in ‘journald’ service, tasked with collecting and storing log data, and they can be exploited to obtain root privileges on the target machine or to leak information. No patches exist at the moment.

Source: Linux systemd Affected by Memory Corruption Vulnerabilities, No Patches Yet

Windows Isn’t a Service; It’s an Operating System

An operating system that runs on millions of different hardware configurations is not a service. It can’t be updated as easily, and you’ll run into issues with hardware, drivers, and software when you change things. The upgrade process isn’t instant and transparent—it’s a big download and can take a while to install.

Source: Windows Isn’t a Service; It’s an Operating System

Researcher finds simple way of backdooring Windows PCs and nobody notices for ten months

The technique does not allow a hacker to remotely infect a computer unless that computer has been foolishly left exposed on the Internet without a password.

Source: Researcher finds simple way of backdooring Windows PCs and nobody notices for ten months | ZDNet

Since registry keys are also boot persistent, any modifications made to an account’s RID remain permanent, or until fixed.