add stuff to a1 and a3 and first part of a3
All checks were successful
zip and release / build-and-release (push) Successful in 5s
All checks were successful
zip and release / build-and-release (push) Successful in 5s
This commit is contained in:
@@ -1,3 +1,21 @@
|
|||||||
I used the simplest trick in the book. Since we have btop installed (a more advanced and pretty version of tools like top or htop), I was just able to run "btop" to get into its interface.
|
I used the simplest trick in the book. Since we have btop installed (a more advanced and pretty version of tools like top or htop), I was just able to run "btop" to get into its interface.
|
||||||
|
|
||||||
From there, you can see which CPU the system is using in the top right. Since it's a EPYC CPU, but we only have 2 threads, it goes without saying that we're in a VM since there is no AMD EPYC CPU with only 1 core with 2 threads.
|
From there, you can see which CPU the system is using in the top right. Since it's a EPYC CPU, but we only have 2 threads, it goes without saying that we're in a VM since there is no AMD EPYC CPU with only 1 core with 2 threads.
|
||||||
|
|
||||||
|
Alternatively:
|
||||||
|
|
||||||
|
12:55:11 leo@group-20 ~ → hostnamectl
|
||||||
|
Static hostname: group-20.internal
|
||||||
|
Icon name: computer-vm
|
||||||
|
Chassis: vm 🖴
|
||||||
|
Machine ID: 471f9f9a79d9821160cd1849069e648a
|
||||||
|
Boot ID: 3621b630db6a4e0f8b8ba3269550325a
|
||||||
|
Virtualization: kvm
|
||||||
|
Operating System: Ubuntu 24.04.4 LTS
|
||||||
|
Kernel: Linux 6.8.0-111-generic
|
||||||
|
Architecture: x86-64
|
||||||
|
Hardware Vendor: QEMU
|
||||||
|
Hardware Model: Standard PC _Q35 + ICH9, 2009_
|
||||||
|
Firmware Version: 2024.02-2ubuntu0.8
|
||||||
|
Firmware Date: Wed 2025-12-10
|
||||||
|
Firmware Age: 6month 1w
|
||||||
|
|||||||
File diff suppressed because one or more lines are too long
9
sheet08/a3.txt
Normal file
9
sheet08/a3.txt
Normal file
@@ -0,0 +1,9 @@
|
|||||||
|
• Passing passwords via command line arguments:
|
||||||
|
Benefits: fast and easy to type out for quick testing.
|
||||||
|
Drawbacks: Highly insecure. Passwords are saved in the .bash_history and are fully visible to any other user running the `ps` command. They also leak through `docker inspect`
|
||||||
|
• Passing passwords via an environment variable:
|
||||||
|
Benefits: Better than CLI arguments because they hide the secret from the ps process list.
|
||||||
|
Drawbacks: Still exposed. Anyone with access to docker can view them using `docker inspect`.
|
||||||
|
• Passing passwords via a file:
|
||||||
|
Benefits: The secrets do not show up in the `ps` process list or in the docker inspect metadata. Access to the file on the host can also be limited using chmod.
|
||||||
|
Drawbacks: Leaves a plaintext file on the physical hard drive, requiring manual cleanup.
|
||||||
Reference in New Issue
Block a user