chroot jails and the limits of pretend-root
chroot is the oldest containment mechanism in Unix. It is also the most often misunderstood. A walk through what it does, what it does not do, and where its limits actually are.
Notes from the field
Writing
Long-form thinking on cyber defence, detection, and resilience — from Slackware-era honeypots through to AI-driven SOC analytics.
Showing posts tagged unix — 3 results.
Logfile analysis with awk and grep
Most security work, in practice, is reading log files. The tools you need are about thirty years old. Here is what I have learnt about driving them.
Why running as root is dangerous, in concrete terms
Everyone tells you not to run things as root. Here is the specific, unglamorous, day-three explanation of why — written for someone who, like me a year ago, mostly did.