I’d also like to know, is there a way to just turn off this ipv6 trashfire? Preferably in a universal, cross-distro way?
Seems like the most universal way is: GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1 quiet splash"
None. Dashy’s authentication was famously literally security theatre even with Keycloak. You could just pause the load in browser and have full access to the config. Because it let you iframe whatever you could now do so with local services to enum. Somehow Jellyfin is unbustable though. So it’s a bit of a crapshoot. Look at past vulnerabilities. Stuff like XSS unless stored you don’t need to worry about, clickjacking, tab nabbing etc. On the other hand anything that’s arbitrary file read, SQLI, RCE, LFI, RFI, SSRF etc. I would look at seriously. E.g. don’t make your 13ft public because it can be used to literally enumerate your entire private network.
Yes I host everything public with Cloudflare tunnels. Everything more heavy is VPN with DDNS on an invite basis to friends and fam. For the former it’s hassle-free HTTPS, no reverse proxy, no firewall, no nonsense.
That’s awesome. Glad we’re finally automating the most important things in life - internet arguments.
I used Linux for work. It was fine until we migrated to O365 from workspace. I’ve found enough workarounds that no one complains.
So basically you’re using Unix sockets on your LAN level between nginx and internal machines for finer grained access control and because you’re running out of ports. That’s really cool! I’ll have to read into this myself.
Compatible with Unix sockets?
Screenfetch :)
God that ages me.
Ah didn’t realize you were actually using slackware, my bad, I thought you were just referencing the slackware approach of a full install
Also I would not assume that deleting them and renaming them has the same effect. Unless you’ve seen the source code and can confirm how it works, the pattern matching for files could be something that looks for anything in that folder, or anything containing .desktop (if you renamed them like .desktop -> .desktop.hidden)
Based on a quick Google search it’s a bug in KDE, and even uninstalling the application does not always remove it from the menu.
That can be problematic because if OP installed via graphical install, it will uninstall the entire desktop, as likely the way the meta packages are structured - apt will think KDE Plasma was just installed as a dependency of KDE games or something and remove it alongside.
OP if you just want to hide it, perhaps deleting the .desktop files will do the trick?
Huh, is it actually rolling release and cutting edge? I thought it was just Debian + 1 or 2 versions ahead.
I prefer a minimal install of Debian personally. Someone should make a rolling release apt-based/debian-based distro and I’d hop right on it. Technically Kali is one and I do daily drive that, but it’s not something I can really recommend to people as a general use distro.
Anyway if you want something more tangibly different (and difficult to install) try running OpenBSD :)
Good idea I’d say.
If you make users sign in too much, they will just make their passwords short and easy to remember, even 24hrs is too much and people bitch about it all the time, especially since we have password managers enforced, meaning every time they need to Auth they need to Auth into their system, Auth into their password manager, copy the password, auth into their phone, look at the 2FA code and type that in.
Doing this every day just to open email is understandably fucking enraging even to me as a security """engineer"""/analyst/${bullshitblueteamemailreaderjob}
Press it harder and they will use simple passwords that will inevitably be passed through to something external (e.g. cockpit which even I can bruteforce) or reused somewhere at some point, and then someone just has to get lucky once and run whatever run0 sudo su <reverse shell bs here>
to bypass all protections.
That’s a lot of work. Thanks though.
Is there a way to do reverse tunnels, or something like it, so not opening any ports at all on the network, without cloudflare?
Closest to that XP I got was generating VPN keys and distributing them to close friends, running DDNS (no-ip) on my Pi with a pivpn server and then accessing Jellyfin that way.
Do you maybe mean snap?
This is why I moved to Telegram. Idk if it’s actually native, but often feels much more so, and less phone-centric than Signal which requires weird auth rituals involving the phone.
Why do devs do this shit??? Fucking yikes