Nextcloud and others recently reported on CVE-2019-11043 which looks like a particularly nasty RCE affecting only nginx+php-fpm with certain configurations.
Unfortunately, the configuration the Nextcloud documentation recommended was one of those vulnerable configurations.
Continue Reading →In a previous post I mentioned swapping my backups to restic. Since then, I've found my B2 storage costs increased substantially and wanted to figure out why.
Continue Reading →I often join Azure DevOps projects some time after they were started and can almost guarantee I'll find... questionable... permissions have been applied.
If you search for e.g. "azure devops permissions" you'll get pages like this which only tell half the story, so here's a quick primer...
Continue Reading →I have used Duplicati uneasily for some time to back up my personal server which hosts Nextcloud and other bits.
Continue Reading →Zola is a static site generator in Rust.
Wanting to blog a bit more and having a passing interest in Rust, I figured I might as well rebuild my blog rather than actually write anything...
Continue Reading →