GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Notices by yossarian (1.3.6.1.4.1.55738) (yossarian@infosec.exchange)

  1. Embed this notice
    yossarian (1.3.6.1.4.1.55738) (yossarian@infosec.exchange)'s status on Thursday, 21-Nov-2024 22:27:17 JST yossarian (1.3.6.1.4.1.55738) yossarian (1.3.6.1.4.1.55738)

    TIL: Some surprising code execution sources in bash

    https://yossarian.net/til/post/some-surprising-code-execution-sources-in-bash

    #til #shell #security

    In conversation about 16 hours ago from infosec.exchange permalink
  2. Embed this notice
    yossarian (1.3.6.1.4.1.55738) (yossarian@infosec.exchange)'s status on Friday, 15-Nov-2024 01:27:21 JST yossarian (1.3.6.1.4.1.55738) yossarian (1.3.6.1.4.1.55738)
    • Trail of Bits

    i'm really excited to share the work my team at @trailofbits has been doing for the last year: Sigstore-based attestations are now live and generally available on PyPI!

    if you're already using Trusted Publishing with the canonical pypi-publish action, you don't need to change anything: the action will generate and upload an attestation on your behalf.

    we've written a blog post on some of the technical details behind PyPI's attestation features, including Sigstore and PEP 740, here: https://blog.trailofbits.com/2024/11/14/attestations-a-new-generation-of-signatures-on-pypi/

    #python #pypi #security #sigstore

    In conversation about 8 days ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: blog.trailofbits.com
      Attestations: A new generation of signatures on PyPI
      from William Woodruff
      Read the official announcement on the PyPI blog as well! For the past year, we’ve worked with the Python Package Index (PyPI) on a new security feature for the Python ecosystem: index-hosted digita…

User actions

    yossarian (1.3.6.1.4.1.55738)

    yossarian (1.3.6.1.4.1.55738)

    engineering director @trailofbits; attracts bugs easily

    Tags
    • (None)

    Following 0

      Followers 0

        Groups 0

          Statistics

          User ID
          209904
          Member since
          6 Nov 2023
          Notices
          2
          Daily average
          0

          Feeds

          • Atom
          • Help
          • About
          • FAQ
          • TOS
          • Privacy
          • Source
          • Version
          • Contact

          GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

          Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.