Minutes 2024-10-03: Difference between revisions

From MTU LUG Wiki
Jump to navigation Jump to search
(fixed links, added random NOT-RELATED-AT-ALL Shell tip)
m (formatting improvements)
Line 1: Line 1:
# Met in Rekhi 114 for Install-a-thon at 5PM
# Met in Rekhi 114 for Install-a-thon at 5PM
## everyone who showed up already had Linux installed on their laptops lol
## Everyone who showed up already had Linux installed on their laptops lol
## talked about hacking Bryce's router
## Talked about hacking Bryce's router
### warehouse mode [https://github.com/MeisterLone/Askey-RT5010W-D187-REV6]
### Putting it into 'warehouse' mode [https://github.com/MeisterLone/Askey-RT5010W-D187-REV6]
# Moved to Rekhi 101 at 7PM for Nate's presentation on Plan9!
# Moved to Rekhi 101 at 7PM for Nate's presentation on Plan 9!
## Going over new members to LUG
## Going over new members to LUG
### Why they wanted to learn Linux
### Why they wanted to learn Linux
Line 18: Line 18:
### Processes are privileged by default
### Processes are privileged by default
### Tools 'work backwards' to subtract privileges from processes
### Tools 'work backwards' to subtract privileges from processes
#### chroot
#### <code>chroot</code>
#### FreeBSD jails
#### FreeBSD <code>jails</code>
#### OpenBSD pledge and unveil
#### OpenBSD <code>pledge</code> and <code>unveil</code>
#### Linux cgroups and namespaces
#### Linux <code>cgroups</code> and <code>namespaces</code>
### Clustering is hard
### Clustering is hard
#### Proper clustering systems basically rewrite the entire application-level stack (e.g. Kubernetes)
#### Proper clustering systems basically rewrite the entire application-level stack (e.g. Kubernetes)
### Scope creep in common utilities causes vulnerabilities
### Scope creep in common utilities causes vulnerabilities
#### sudo
#### <code>sudo</code>
#### GTFOBins [https://gtfobins.github.io]
#### GTFOBins [https://gtfobins.github.io]
## What is Plan9?
## What is Plan 9?
## What Plan9 does better
## What Plan 9 does better
### Networking stack is represented as multiple filesystems in /net
### Networking stack is represented as multiple filesystems in /net
#### /net/tcp
#### <code>/net/tcp</code>
#### /net/udp
#### <code>/net/udp</code>
#### /net/tcp
#### <code>/net/tcp</code>
#### /net/icmp
#### <code>/net/icmp</code>
### Graphical devices are represented as files in /dev
### Graphical devices are represented as files in <code>/dev</code>
#### /dev/screen is your current screen
#### <code>/dev/screen</code> is your current screen
#### "screenshotting" is just copying /dev/screen to a file, and converting it to png
#### 'screenshotting' is just copying <code>/dev/screen</code> to a file, and converting it to png
### global mounts do not exist, all processes have their own namespace
### global mounts do not exist, all processes have their own namespace
#### mount and unmount (not 'umount') to control filesystems
#### <code>mount</code> and <code>unmount</code> (not <code>umount</code>) to control filesystems
#### processes without audio filesystems will not be able to play audio, processes without /dev/net can't send network traffic, etc
#### Processes without audio filesystems will not be able to play audio, processes without <code>/dev/net</code> can't send network traffic, etc
### 9p protocol backs all inter-process file-based communication
### 9p protocol backs all inter-process file-based communication
### 9p is network transparent
### 9p is network transparent
#### can mount remote audio filesystem to play audio on remote computers
#### Can mount remote audio filesystem to play audio on remote computers
#### interact with /dev/kbd (keyboard) on remote computer
#### Interact with <code>/dev/kbd</code> (keyboard) on remote computer
### Plan 9 is a distributed operating system
### Plan 9 is a distributed operating system
#### An idealized Plan 9 lab consists of a number of servers
#### An idealized Plan 9 lab consists of a number of servers
Line 62: Line 62:
## 9Front fixes and improvements to Plan 9
## 9Front fixes and improvements to Plan 9
### All around better hardware support, especially on Thinkpads
### All around better hardware support, especially on Thinkpads
### Improved filesystems (cwfs, hjfs)
### Improved filesystems (<code>cwfs</code>, <code>hjfs</code>)
## Who is Cirno
## Who is Cirno
### Official 9Front mascot
### Official 9Front mascot
## Using 9front
## Using 9Front
### Demo!
### Demo!
### How does piping raw audio files to audio filesystem work given sample rates?
### How does piping raw audio files to audio filesystem work given sample rates?
### Threat landscape for 9Front?
### Threat landscape for 9Front?
#### that one path traversal exploit /g/ found on 9Front's homepage [https://cyber.vumetric.com/vulns/CVE-2022-28380/path-traversal-vulnerability-in-rc-httpd-project-rc-httpd/]
#### that one path traversal exploit /g/ found on 9Front's homepage [https://cyber.vumetric.com/vulns/CVE-2022-28380/path-traversal-vulnerability-in-rc-httpd-project-rc-httpd/]
### recompiling the kernel
### Recompiling the kernel
# Wrap up
# Wrap up
## ....don't fork-bomb guardian (oops)
## ....don't fork-bomb guardian (oops)
## Josh is switching to Plan9
## Josh is switching to 9Front
## ...please don't host copyright-sussy material on your public Shell page
## Please don't host copyright-sussy material on your public Shell page
### totally-unrelated pro-tip: if you make an index.html file in a directory, shell won't display a list of its contents to web browsers. Just something to think about...
### Totally-unrelated pro-tip: if you make an index.html file in a directory, shell won't display a list of its contents to web browsers. Just something to think about...
## No Schmidt's today :(
## No Schmidt's today :(
### most members had upcoming and/or take-home exams
### most members had upcoming and/or take-home exams

Revision as of 23:43, 3 October 2024

  1. Met in Rekhi 114 for Install-a-thon at 5PM
    1. Everyone who showed up already had Linux installed on their laptops lol
    2. Talked about hacking Bryce's router
      1. Putting it into 'warehouse' mode [1]
  2. Moved to Rekhi 101 at 7PM for Nate's presentation on Plan 9!
    1. Going over new members to LUG
      1. Why they wanted to learn Linux
    2. What is UNIX
      1. UNIX philosophy (do one thing and do it well)
    3. UNIX-likes
      1. Linux
      2. FreeBSD
      3. AIX
    4. Limitations of UNIX
      1. Not everything is a file (syscalls, sockets)
      2. Graphics
      3. New features tacked-on after the fact rather than designed from within the operating system.
      4. Processes are privileged by default
      5. Tools 'work backwards' to subtract privileges from processes
        1. chroot
        2. FreeBSD jails
        3. OpenBSD pledge and unveil
        4. Linux cgroups and namespaces
      6. Clustering is hard
        1. Proper clustering systems basically rewrite the entire application-level stack (e.g. Kubernetes)
      7. Scope creep in common utilities causes vulnerabilities
        1. sudo
        2. GTFOBins [2]
    5. What is Plan 9?
    6. What Plan 9 does better
      1. Networking stack is represented as multiple filesystems in /net
        1. /net/tcp
        2. /net/udp
        3. /net/tcp
        4. /net/icmp
      2. Graphical devices are represented as files in /dev
        1. /dev/screen is your current screen
        2. 'screenshotting' is just copying /dev/screen to a file, and converting it to png
      3. global mounts do not exist, all processes have their own namespace
        1. mount and unmount (not umount) to control filesystems
        2. Processes without audio filesystems will not be able to play audio, processes without /dev/net can't send network traffic, etc
      4. 9p protocol backs all inter-process file-based communication
      5. 9p is network transparent
        1. Can mount remote audio filesystem to play audio on remote computers
        2. Interact with /dev/kbd (keyboard) on remote computer
      6. Plan 9 is a distributed operating system
        1. An idealized Plan 9 lab consists of a number of servers
        2. User-facing terminals are thin clients with no local storage
        3. CPU servers for compute
        4. File servers for data storage
        5. Auth servers for authentication
    7. State of Plan 9 today
      1. Failed to gain significant market share, UNIX and UNIX-likes got 'good enough'
      2. Development slowed in 1990's
      3. Fourth edition was released under custom open-source license in 2002
        1. Allen finds a statement from Stallman about it not being 'FOSS' lol [3]
      4. All editions released under GPL in 2015
      5. 2021 control given to Plan 9 Foundation, license changed to MIT for all editions
    8. 9Front
      1. Developed by cat-v, self-described "Random Contrarian Insurgent Organization"
      2. 9Front website
    9. 9Front fixes and improvements to Plan 9
      1. All around better hardware support, especially on Thinkpads
      2. Improved filesystems (cwfs, hjfs)
    10. Who is Cirno
      1. Official 9Front mascot
    11. Using 9Front
      1. Demo!
      2. How does piping raw audio files to audio filesystem work given sample rates?
      3. Threat landscape for 9Front?
        1. that one path traversal exploit /g/ found on 9Front's homepage [4]
      4. Recompiling the kernel
  3. Wrap up
    1. ....don't fork-bomb guardian (oops)
    2. Josh is switching to 9Front
    3. Please don't host copyright-sussy material on your public Shell page
      1. Totally-unrelated pro-tip: if you make an index.html file in a directory, shell won't display a list of its contents to web browsers. Just something to think about...
    4. No Schmidt's today :(
      1. most members had upcoming and/or take-home exams
Retrieved from "https://lug.mtu.edu/w/index.php?title=Minutes_2024-10-03&oldid=7638"