This also highlights the problem with a lot of communities moving to Discord, which inevitably ends up as repositories for critical information, but can't be indexed by Google. Reddit is still valuable as a problem solving resource, and I hope they fix this API fiasco.
ryuko
joined 1 year ago
Taken from r/egg_irl, by user azure_monster (https://www.reddit.com/r/egg_irl/comments/13bltnw/eggirl/)
Not sure if this has been posted here before, but a friend sent it to me and I thought it was funny.
Mine isn't very interesting, but sure
I have a relatively small setup, because of space and cooling constraints, but in that setup:
- Generic server with a Xeon E5-2697 v2, kinda old but it's still got 12c/24t, and 64 gigs of memory
- Around 40TB of storage space, of which I'm using roughly 1%. I'm not even a datahoarder, I'm just a storage space hoarder.
Everything I self host runs through Proxmox, either as a LXC container or as a RHEL 9 virtual machine. I also have a RasPi running Pi-Hole for ad blocking.
Is it possible to get around this with user agent spoofing? Or maybe degoogled Chromium?
Also corporations:
That's a really interesting bypass; I wonder how this can be patched or mitigated considering the module is entirely loaded from memory. Short of setting noexec on temporary directories, I can't think of any quick short term fixes.
Edit: Re-read the blog post and looked at the Github repo for the code- looks like this is more of a proof of concept of a SELinux confine bypass, as the kernel needs to be compiled with CONFIG_SECURITY_SELINUX_DEVELOP set. See the readme here, there's some more notes that weren't included in the blog post.
I use Fedora 37 workstation with the Nvidia proprietary drivers from RPM Fusion. Relatively painless install, with the option to sign the kernel module if you want to keep secure boot on. Only downside is the Nvidia drivers still don't work great with Wayland, so I normally login with Gnome on X for gaming.
Not really, unless you're a fan of the UI/UX changes.