Linux capabilities, slowly becoming usable
POSIX capabilities have been in the Linux kernel since 2.2. The user-space tooling has been catching up slowly. A walk through what they are, what they enable, and where the rough edges still are.
Long-form thinking on cyber defence, detection, and resilience — from Slackware-era honeypots through to AI-driven SOC analytics.
Showing posts tagged least privilege — 3 results.
Default deny is the slogan everyone agrees on. Default deny is also routinely broken, in production, by every team I have looked at, including mine. Here is the gap between the principle and the practice.
Everyone tells you not to run things as root. Here is the specific, unglamorous, day-three explanation of why — written for someone who, like me a year ago, mostly did.