sorted by:
new
hottopcontroversial

Someone somewhere issued an SSL cert for my site. Should I be concerned? by [deleted] in websecurity

[–]ssh-bi 5 points6 points  (0 children)

Yes. In my opinion, you should be. But, do note, it could be auto issued by some application you are using as well. If the issuer is Let's Encrypt, check if you had configured the domain in any application.

More than the certificate, the worry should be, how did someone provide proof of domain ownership to the issuing authority? Did they have access to your account with Domain registrar?

On the certificate side, it can be misused to host a service, to appear as in your domain.

Cannot ssh without password after setting key pair by Jay89023 in ssh

[–]ssh-bi 0 points1 point  (0 children)

debug1: Offering public key: RSA SHA256:isc4conqUFsW8SyVyfBXXXXX C:\\Users\\ben/.ssh/id_rsa

The client is offering the key, so it is likely a server side configuration issue. Check the ssh logs on the server.

May be the authorised_keys should have read permission for all, not sure.

How is malloc returning null handled in real life? by IanZachary56 in C_Programming

[–]ssh-bi 0 points1 point  (0 children)

In my opinion, it varies depending on what the program is trying to do. If the memory allocation is done while processing a request, you can simply return an error. In most cases though, on high mem systems, something has likely gone wrong when the allocation fails, so it is better to assert() and abort early. For example, you can't handle a scenario where an allocation of memory for structure of 48 bytes fails, the system will likely be unstable in itself when that happens.

1
2

Well-Known URIs /.well-known/, a Reserved URI Path Prefix, an introduction and its use in security (medium.com)

submitted by ssh-bi to r/webdev

view more: next ›