Minutes 2024-10-03: Difference between revisions

From MTU LUG Wiki
Jump to navigation Jump to search
(initial commit)
 
(fixed links, added random NOT-RELATED-AT-ALL Shell tip)
Line 2: Line 2:
## everyone who showed up already had Linux installed on their laptops lol
## everyone who showed up already had Linux installed on their laptops lol
## talked about hacking Bryce's router
## talked about hacking Bryce's router
### warehouse mode (<nowiki>https://github.com/MeisterLone/Askey-RT5010W-D187-REV6</nowiki>)
### warehouse mode [https://github.com/MeisterLone/Askey-RT5010W-D187-REV6]
# Moved to Rekhi 101 at 7PM for Nate's presentation on Plan9!
# Moved to Rekhi 101 at 7PM for Nate's presentation on Plan9!
## Going over new members to LUG
## Going over new members to LUG
Line 26: Line 26:
### Scope creep in common utilities causes vulnerabilities
### Scope creep in common utilities causes vulnerabilities
#### sudo
#### sudo
#### GTFOBins (https://gtfobins.github.io)
#### GTFOBins [https://gtfobins.github.io]
## What is Plan9?
## What is Plan9?
## What Plan9 does better
## What Plan9 does better
Line 54: Line 54:
### Development slowed in 1990's
### Development slowed in 1990's
### Fourth edition was released under custom open-source license in 2002
### Fourth edition was released under custom open-source license in 2002
#### Allen finds a statement from Stallman in the early 2000's about it not being 'FOSS' lol
#### Allen finds a statement from Stallman about it not being 'FOSS' lol [https://www.gnu.org/philosophy/plan-nine.en.html]
### All editions released under GPL in 2015
### All editions released under GPL in 2015
### 2021 control given to Plan 9 Foundation, license changed to MIT for all editions
### 2021 control given to Plan 9 Foundation, license changed to MIT for all editions
Line 69: Line 69:
### How does piping raw audio files to audio filesystem work given sample rates?
### How does piping raw audio files to audio filesystem work given sample rates?
### Threat landscape for 9Front?
### Threat landscape for 9Front?
#### that one path traversal exploit /g/ found on 9Front's homepage (https://cyber.vumetric.com/vulns/CVE-2022-28380/path-traversal-vulnerability-in-rc-httpd-project-rc-httpd/)
#### that one path traversal exploit /g/ found on 9Front's homepage [https://cyber.vumetric.com/vulns/CVE-2022-28380/path-traversal-vulnerability-in-rc-httpd-project-rc-httpd/]
### recompiling the kernel
### recompiling the kernel
# Wrap up
# Wrap up
## ....don't fork-bomb guardian
## ....don't fork-bomb guardian (oops)
## Josh is switching to Plan9
## Josh is switching to Plan9
## ...please don't host copyright-sussy material on your public Shell page
## ...please don't host copyright-sussy material on your public Shell page
### totally-unrelated pro-tip: if you make an index.html file in a directory, shell won't display a list of its contents to web browsers. Just something to think about...
## No Schmidt's today :(
## No Schmidt's today :(
### most members had upcoming and/or take-home exams
### most members had upcoming and/or take-home exams

Revision as of 22:16, 3 October 2024

  1. Met in Rekhi 114 for Install-a-thon at 5PM
    1. everyone who showed up already had Linux installed on their laptops lol
    2. talked about hacking Bryce's router
      1. warehouse mode [1]
  2. Moved to Rekhi 101 at 7PM for Nate's presentation on Plan9!
    1. Going over new members to LUG
      1. Why they wanted to learn Linux
    2. What is UNIX
      1. UNIX philosophy (do one thing and do it well)
    3. UNIX-likes
      1. Linux
      2. FreeBSD
      3. AIX
    4. Limitations of UNIX
      1. Not everything is a file (syscalls, sockets)
      2. Graphics
      3. New features tacked-on after the fact rather than designed from within the operating system.
      4. Processes are privileged by default
      5. Tools 'work backwards' to subtract privileges from processes
        1. chroot
        2. FreeBSD jails
        3. OpenBSD pledge and unveil
        4. Linux cgroups and namespaces
      6. Clustering is hard
        1. Proper clustering systems basically rewrite the entire application-level stack (e.g. Kubernetes)
      7. Scope creep in common utilities causes vulnerabilities
        1. sudo
        2. GTFOBins [2]
    5. What is Plan9?
    6. What Plan9 does better
      1. Networking stack is represented as multiple filesystems in /net
        1. /net/tcp
        2. /net/udp
        3. /net/tcp
        4. /net/icmp
      2. Graphical devices are represented as files in /dev
        1. /dev/screen is your current screen
        2. "screenshotting" is just copying /dev/screen to a file, and converting it to png
      3. global mounts do not exist, all processes have their own namespace
        1. mount and unmount (not 'umount') to control filesystems
        2. processes without audio filesystems will not be able to play audio, processes without /dev/net can't send network traffic, etc
      4. 9p protocol backs all inter-process file-based communication
      5. 9p is network transparent
        1. can mount remote audio filesystem to play audio on remote computers
        2. interact with /dev/kbd (keyboard) on remote computer
      6. Plan 9 is a distributed operating system
        1. An idealized Plan 9 lab consists of a number of servers
        2. User-facing terminals are thin clients with no local storage
        3. CPU servers for compute
        4. File servers for data storage
        5. Auth servers for authentication
    7. State of Plan 9 today
      1. Failed to gain significant market share, UNIX and UNIX-likes got 'good enough'
      2. Development slowed in 1990's
      3. Fourth edition was released under custom open-source license in 2002
        1. Allen finds a statement from Stallman about it not being 'FOSS' lol [3]
      4. All editions released under GPL in 2015
      5. 2021 control given to Plan 9 Foundation, license changed to MIT for all editions
    8. 9Front
      1. Developed by cat-v, self-described "Random Contrarian Insurgent Organization"
      2. 9Front website
    9. 9Front fixes and improvements to Plan 9
      1. All around better hardware support, especially on Thinkpads
      2. Improved filesystems (cwfs, hjfs)
    10. Who is Cirno
      1. Official 9Front mascot
    11. Using 9front
      1. Demo!
      2. How does piping raw audio files to audio filesystem work given sample rates?
      3. Threat landscape for 9Front?
        1. that one path traversal exploit /g/ found on 9Front's homepage [4]
      4. recompiling the kernel
  3. Wrap up
    1. ....don't fork-bomb guardian (oops)
    2. Josh is switching to Plan9
    3. ...please don't host copyright-sussy material on your public Shell page
      1. totally-unrelated pro-tip: if you make an index.html file in a directory, shell won't display a list of its contents to web browsers. Just something to think about...
    4. No Schmidt's today :(
      1. most members had upcoming and/or take-home exams
Retrieved from "https://lug.mtu.edu/w/index.php?title=Minutes_2024-10-03&oldid=7636"