cfinnberg's comments

I think that using 0.0.0.0 is a bad idea. That is supposedly opening the port on all network interfaces, including the external ones. So, if you don't have a firewall (especially on the remote server) you are exposing something to the world.

OTOH if I'm going to use some tunnelling/port forwarding quite often, I would use the config file option, but for a one-time or sporadic use, the command line option is better IMHO.


Nice catch. You're right. At my company all servers operate inside a complex & heavily-guarded intranet, so I usually use 0.0.0.0 instead of localhost / 127.0.0.1. Sometimes, only using the former worked (e.g., using Code-Server or Jupyter Notebook), and I'm not so good at networking to dive into iptables and firewall things.
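
The distinction this exchange turns on, a listener bound to 0.0.0.0 versus one bound to 127.0.0.1, can be checked on a host by classifying its listening sockets. This is an added example, not part of either comment; the `ss -ltn` lines are a constructed sample and the function names are hypothetical.

```python
import ipaddress

# Constructed sample of `ss -ltn` output (not captured from a real host).
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128    0.0.0.0:8888        0.0.0.0:*
LISTEN 0      128    127.0.0.1:5432      0.0.0.0:*
LISTEN 0      128    [::]:22             [::]:*
LISTEN 0      128    [::1]:631           [::]:*
LISTEN 0      4096   *:8080              *:*
LISTEN 0      128    192.168.1.10:3000   0.0.0.0:*
LISTEN 0      128    127.0.0.53%lo:53    0.0.0.0:*
"""

def split_endpoint(endpoint):
    """Split 'host:port', handling [v6] brackets and %iface scope suffixes."""
    host, _, port = endpoint.rpartition(":")
    host = host.strip("[]").split("%")[0]
    return host, int(port)

def classify(host):
    """Return which interfaces a bind address makes the port reachable on."""
    if host == "*":  # ss prints '*' for a dual-stack wildcard bind
        return "all-interfaces"
    addr = ipaddress.ip_address(host)
    if addr.is_unspecified:  # 0.0.0.0 or ::
        return "all-interfaces"
    if addr.is_loopback:  # 127.0.0.0/8 or ::1
        return "loopback"
    return "single-interface"

def audit_listeners(ss_output):
    """Yield (port, bind_host, scope) for every LISTEN line."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # skips the header and any non-listening rows
        host, port = split_endpoint(fields[3])
        findings.append((port, host, classify(host)))
    return findings

def exposed_ports(ss_output):
    """Ports reachable from outside the host unless a firewall blocks them."""
    return sorted(p for p, _, scope in audit_listeners(ss_output)
                  if scope != "loopback")

if __name__ == "__main__":
    for port, host, scope in audit_listeners(SAMPLE_SS_OUTPUT):
        print(f"{port:>5}  {host:<15} {scope}")
```

Anything the audit reports as `all-interfaces` relies entirely on a firewall for protection, which is the situation the first comment describes.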

I once received a mail from my bank at the time stating that they have a message for me, but for security reasons I have to read it on their systems. And they provide the following link: https://cbk.pwlnk.io/~hc

The bank's name is CaixaBank. I was wrong and the message was legit. My first thought was it was a scam :)


I definitely would have called on that one and tried to avoid the whole link altogether.


I have noticed that runas is mentioned as an already existing sudo alternative, but as far as I know, runas asks you for the administrator's password. sudo asks for the user's own password. This is how you give a non-administrator user the right to use some application/tool without revealing the admin's password.

Or does runas work differently than I thought?


You're right, but in my work environment I have two accounts - "me" and "me with elevated permissions". (I don't say "admin" because there's still a bunch of stuff I can't do, like run netsh). I assumed that was the normal pattern in Windows-land?


It is something of the normal pattern, it always seems like companies love it. It always seems like UAC with extra steps to me. It's not that much more secure than taking UAC as-is and dialing up the security settings on UAC prompts to require a password every time. It's often amusing to me that everywhere I've seen require "secondary accounts" for admin permissions has dialed down the overall security settings of UAC below the defaults.


Hacker accesses some legacy application that verifies the user's credentials against LDAP. Maybe it's payroll or something. Hacker logs passwords until someone who happens to be an org-wide local admin (or worse yet DA) wants their paystub. Hacker now has admin privileges.

(Also, if UAC settings are turned down, that might mean the UAC prompt isn't on the secure desktop, and any malware can thus trivially elevate itself if your everyday account is an admin... etc.)


That's a ... ya no, that's definitely not the default pattern


Right, I don't think runas has a "sudo-mode" in terms of "let the user elevate their own permissions for specific tools even if they don't have an elevated account to elevate to", but runas is so low level and has so many weird combinations of arguments that maybe there is a buried similar way to that, I can't say for sure.

But the base "sudo" case where you have an account that supports UAC elevation (you are your own administrator) runas definitely supports as the CLI way to invoke UAC prompts for your own account, not just other administrator accounts. (Using the /trustlevel flag accordingly, as I recall.)


My question is more why they couldn't add this functionality into runas, rather than making a new tool that doesn't even do what its name says it does :)


It's interesting to see that a thing that doesn't deserve a second look in some places of the world is news and generates debate in others :D


Actually "aparcar" and "estacionar" are synonyms (at least in Spain, but I think also in Latin America [0])

Maybe you meant "parar" or "detener" (to stop), which don't clarify by themselves if the engine has to be stopped or not (usually it is the whole sentence that clarifies that)

[0]: https://www.fundeu.es/recomendacion/aparcarestacionarparquea...


It's not a bug, it's a feature :)

This is how any rolling release distro works. Manjaro is not different here.


I have found Arch (and by extension Manjaro) to break a couple of times too many for my taste. Even without AUR.

I stopped using it and installed Debian stable or Ubuntu LTS together with GNU Guix for userland stuff. I have survived dist-upgrades from LTS to LTS with fewer issues than what Arch used to give me on a monthly basis.


Google killing free Gmail would be a big hit to their brand. I don't think they can afford that.


You paint a figure from point A to point B. Then it just starts from point B to paint the same figure you painted (same speed and all). At the same time it removes from the A side what it is repainting at the B side.

If you manage to paint a figure that starts and ends at the same point, then it stays in place and seems to be a static draw.

If you just draw a straight line, it just starts "to move" forward.


Yes, there are invisible buffers, but the discrepancy doesn't come from this. Drive makers count the space in multiples of 1000 (i.e. 1GB = 1000\*1000\*1000 bytes) whereas in computing, units are usually counted in multiples of 1024 (i.e. 1GiB = 1024\*1024\*1024 bytes)

So 1TB = 1000\*1000\*1000\*1000 bytes/1024/1024/1024 = 931GiB (or 0.9TiB)


Did you notice the part where I explained how drive makers use the decimal units but the chips they source to build those drives are built in binary capacities?

I don't give a shit whether your operating system likes to show you disk usage in binary or decimal units, because I'm not talking about software at all. I'm explaining how the hardware is built. I especially don't need another person to try to explain what the binary and decimal units are, after I've repeatedly used both correctly.


> Every time there is a Windows update that is "major" enough, it will wipe the existing Linux bootloader.

I think that has not been true for a long time. At least if you are using UEFI. Windows respects UEFI enough to just change its own stuff in the EFI partition. Windows will change the default boot entry to itself at installation time, but so does every Linux distro. Notice that nowadays you can install Windows *after* Linux and you just need to change the default OS back to Linux if you want to.

I'm a Linux user myself, but this is one of those myths that should end. I have had a Windows partition for almost three years that I only use to update Windows (all Windows 10 versions up until now and Windows 11 in the last update). Not once has the update affected my boot options.


I had Windows 10's installer try to install its bootloader into a Windows dynamic disk volume, which trashed the volume

rather than trust the quality of Microsoft's software: the general rule is to unplug anything other than the drive you're installing onto


Linux Mint has started changing the UEFI boot order every time GRUB updates. Which seems to be quite often recently. It's incredibly rude!

