andi- changed the topic of #nixos-security to: Vulnerability Roundup Issues: https://github.com/NixOS/nixpkgs/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+Vulnerability+roundup + https://broken.sh | Currently supported releases: unstable (master), 20.09, 20.03 (until 27th of November)
justanotheruser has joined #nixos-security
supersandro2000 has quit [Disconnected by services]
supersandro2000 has joined #nixos-security
star_cloud has quit [Ping timeout: 246 seconds]
rajivr has quit [Quit: Connection closed for inactivity]
rajivr has joined #nixos-security
tilpner_ has joined #nixos-security
tilpner has quit [Ping timeout: 260 seconds]
tilpner_ is now known as tilpner
supersandro2000 has quit [Quit: The Lounge - https://thelounge.chat]
supersandro2000 has joined #nixos-security
star_cloud has joined #nixos-security
justanotheruser has quit [Ping timeout: 268 seconds]
kalbasit_ has quit [Ping timeout: 240 seconds]
qyliss has quit [Quit: bye]
qyliss has joined #nixos-security
cole-h has quit [Ping timeout: 265 seconds]
<qyliss> I've noticed something bad.
<qyliss> (not a vuln, but not a good default either)
<qyliss> fcgiwrap defaults to running as root
<qyliss> and therefore, fcgiwrap users' cgi scripts default to running as root
<qyliss> doubt think that's expected behaviour very often!
dstzd has quit [Quit: ZNC - https://znc.in]
<ajs124> oof. don't we still have that "too many services run as root that shouldn't" issue open?
dstzd has joined #nixos-security
dstzd has quit [Client Quit]
dstzd has joined #nixos-security
dstzd has quit [Remote host closed the connection]
dstzd has joined #nixos-security
dstzd has quit [Client Quit]
dstzd has joined #nixos-security
dstzd has quit [Client Quit]
dstzd has joined #nixos-security
WilliButz has quit [Remote host closed the connection]
WilliButz has joined #nixos-security
tilpner has quit [Remote host closed the connection]
tilpner has joined #nixos-security
tilpner has quit [Client Quit]
tilpner has joined #nixos-security
tilpner has quit [Client Quit]
tilpner has joined #nixos-security
tilpner has quit [Client Quit]
tilpner has joined #nixos-security
kalbasit has joined #nixos-security
bennofs|ALLES has quit [Remote host closed the connection]
bennofs has joined #nixos-security
rajivr has quit [Quit: Connection closed for inactivity]
cole-h has joined #nixos-security
tilpner_ has joined #nixos-security
tilpner has quit [Remote host closed the connection]
tilpner_ is now known as tilpner