• 0 Posts
  • 10 Comments
Joined 1 year ago
Cake day: June 26th, 2023



  • My understanding is that all issues are patched in the mentioned releases, the config flag is not needed for that.

    The config flag has been added because supporting clients with different endianness is undertested and most people will never use it. So if it is going to generate vulnerabilities, it makes sense to be able to disable it easily, and to disable it by default in the next major release. Indeed, XWayland had it disabled by default already, so only the fourth issue (ProcRenderAddGlyphs) is relevant there if that default is not changed.






  • It might be helpful to elaborate on what permissions mean for directories. As always, this is well explained on the Arch Wiki: https://wiki.archlinux.org/title/File_permissions_and_attributes#Viewing_permissions

    The short version is that, when it comes to permissions for directories:

    • r is what allows you to see what files are in the directory, for instance by ls directory,
    • x is what allows you to operate on the contents of the file, for instance by cat directory/file or by echo something > directory/file,
    • w (together with x; in the case of directories it is meaningless without x) is what allows you to create new files, delete existing ones, or otherwise modify the directory itself, for instance by cp directory/file directory/new_file.

    Note that these are completely separate from the file permissions, which govern the contents of the file. For instance, if I have only x permission for the directory, but I have rw permission for a file of that directory, I can write to the file and read from it. However, I wouldn’t be able to remove it. On the other hand, if I have wx permission for a directory and I have no permissions for a file of that directory, I can neither write to nor read from the file, but I can remove the file.

    In spite of the above, you will find all users have rwx permissions for /tmp, but they can only remove their own files. This is due to the sticky bit, which is marked by the output of ls -l having drwxrwxrwt instead of drwxrwxrwx. This means that the system will only allow the other users to rename or remove the file if they actually own it.

    A common(ish) use case for splitting r and x on permissions is when teachers want to collect the work of the students. They might have their home directory permissions set to rwx--x--x to ensure other people can’t see their files (and of course they still should make sure that the individual files have the correct permissions). However, then they can create a directory /home/teacher/work and set its permissions to rwxrwxrwt. Then for a student, ls /home/teacher will fail, but ls /home/teacher/work and cp my_work.tar.gz /home/teacher/work will succeed.
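
An added example, not part of the comment above: a small audit that reads directory mode bits to report what "other" users may do and to flag world-writable directories that lack the sticky bit. The function names and the `teacher/work` and `shared_bad` layout are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit directory modes for the cases described in the comment.
# All paths are constructed under a throwaway temp directory.

# World-writable directories WITHOUT the sticky bit: anyone with w+x may
# rename or remove other users' files there.
unsafe_shared_dirs() {
    find "$1" -type d -perm -0002 ! -perm -1000 -print | sort
}

# World-writable directories WITH the sticky bit (the /tmp pattern).
sticky_shared_dirs() {
    find "$1" -type d -perm -0002 -perm -1000 -print | sort
}

# True if directory $1 has all mode bits in $2 set (does not descend).
dir_has_bits() {
    [ -n "$(find "$1" -prune -perm "-$2" -print)" ]
}

# Summarise what "other" users may do with directory $1.
others_dir_access() {
    out=""
    if dir_has_bits "$1" 0004; then out="$out list"; fi
    if dir_has_bits "$1" 0001; then
        out="$out traverse"
        # w only matters together with x
        if dir_has_bits "$1" 0002; then
            if dir_has_bits "$1" 1000; then
                out="$out create delete-own"
            else
                out="$out create delete-any"
            fi
        fi
    fi
    printf '%s\n' "${out# }"
}

# Build the constructed layout: private home, sticky drop box, unsafe share.
build_demo_tree() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/teacher/work" "$root/shared_bad"
    chmod 0711 "$root/teacher"
    chmod 1777 "$root/teacher/work"
    chmod 0777 "$root/shared_bad"
    printf '%s\n' "$root"
}

# Optional: audit a real path passed as the first argument.
if [ $# -gt 0 ]; then unsafe_shared_dirs "$1"; fi
```

The checks read mode bits rather than attempting access, so they give the same answer when run as root, which bypasses permission checks.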


  • Isn’t this the point though? Like, if you spot that (let’s concretize) the trash is starting to overflow, you can either take it out right now which will take you 2 minutes and (hopefully) barely interrupt your day, or you can add it to your list of things to do. And so you get that list of 59 things by ignoring the 2-minute rule, not by applying it.