Security on iMil.net http://imil.net/blog/tags/security/ Recent content in Security on iMil.net Hugo en-us Mon, 14 Mar 2022 08:54:50 +0100 An Innocent Mount Issue http://imil.net/blog/posts/2022/an-innocent-mount-issue/ Mon, 14 Mar 2022 08:54:50 +0100 http://imil.net/blog/posts/2022/an-innocent-mount-issue/ <p>I work as a freelance contractor for about a year now, I quit a 10+ years regular <a href="https://web.archive.org/web/20210121194911/https://www.nbs-system.com/publications/interview-collaborateur/emile-heitor-interview-d-un-directeur-technique/">CTO job</a> to give into more technical subjects, troubleshoot, code, build infrastructures, <a href="https://www.imdb.com/title/tt0084967/">A-Team style</a>, I help companies with complex matters that might require experience and rigorousness.</p> <p>One of my last missions was really, really fun to deal with. A rather big company handling scientific, secret-level data, had an issue with their storage system.<br> They use <a href="https://en.wikipedia.org/wiki/InfiniBand">Infiniband</a> as their communication layer on an <a href="https://en.wikipedia.org/wiki/High-performance_computing">HPC</a> environment, it was not a problem while the underlying operating system was <em>CentOS</em> 7.1 with kernel 3.10.0-1160, but since new machines were installed with <em>CentOS</em> 7.7 and up, with kernels 3.10.0-1062 and up, whenever they wrote a file less than 701 bytes long, the file would be corrupted.<br> For the record and understanding of the following debugging session, the company uses <a href="https://en.wikipedia.org/wiki/Network_File_System">NFS</a> over <a href="https://en.wikipedia.org/wiki/Remote_direct_memory_access">RDMA</a>, the latter being the technique used by <em>Infiniband</em> to achieve low latency and great throughput.</p> Running snoopy on NetBSD http://imil.net/blog/posts/2014/running-snoopy-on-netbsd/ Sat, 06 Dec 2014 10:46:16 +0000 http://imil.net/blog/posts/2014/running-snoopy-on-netbsd/ <p><a href="https://github.com/a2o/snoopy">Snoopy</a> is a pretty cool piece of software that can log every <code>exec(3)</code> call to <code>syslog</code>. When it comes to security, that feature can be really handy.</p> <p>Yesterday (Dec. 5), I commited <code>security/snoopy</code> to <a href="http://pkgsrc.org">pkgsrc</a>. The package comes with GNU/Linux related scripts in order to modify <code>/etc/ld.so.preload</code> so <code>libsnoopy</code> is loaded before <code>libc</code> and achieve its role. <a href="http://NetBSD.org">NetBSD</a> doesn&rsquo;t have a <code>ld.so.preload</code> file, instead, we use a flexible <code>/etc/ld.so.conf</code> configuration file which has the following syntax:</p>