https://www.bleepingcomputer.com/new...ed-in-attacks/

update if you can
or use other browser for a while.

Is this really news when Chrome's average is more than one a month?

Or perhaps the news is simply that there was a whole two months since the last such vulnerability was discovered in Chrome?

1 members found this post helpful.

nah, it isnt "news" i think, but someone could benefit of this post.

It reminded me to sudo apt update and sudo apt dist-upgrade before firing up any gear lately.
Thanks.

It also reinforces the importance of the so-called "Principle of Least Privilege."

Which is to say that – and this is true of every operating system – "the account that you use every day" must not be "an Administrator." (In Linux, this means: "a member of the wheel group.") Windows ... MacOS (OS/X) ... mainframe ... doesn't matter.

If anyone or anything that is operating under your credentials "runs into a nearby phone booth," it should not be capable of flying out of it wearing ugly blue tights. It should be operating in a "home directory" that isn't accessible to other users of the same system, and it shouldn't be able to snoop into anyone else's home – let alone have write access to it. It cannot issue the sudo su command, because it is not required to.

Do not give yourself any more access to your system than you require when exercising the tasks which you have associated with that particular login account. (After all, you can have as many accounts as you please.) Don't allow anyone else access to "your stuff" except to the extent that a specific other user-id requires it.

By voluntarily limiting "your" access to "your" system based on need to know or do, you immediately make your system far more secure ... and it really isn't that "inconvenient" once you get used to it. "Be Jimmy Olsen, not Clark Kent."

Beyond that – find a good continuous backup system, and use it 100% of the time.

1 members found this post helpful.

Yes it does. That is not true of every system.

I'm a member of the wheel group but can't invoke root commands from my usr account:

The question is whether you can enter the command: sudo su, then enter your own password, and wind up with a "#" prompt . . .

There should be only one user-id on any system, IMHO, which is capable of doing that.

As I've said here before, "your computer is just too damned stupid to know when it should say 'yes!'" But it's extremely good at saying 'no!' Leverage that idea to your full advantage, and also be sure that your "all-powerful user" is named (say ...) freddie. It really isn't "inconvenient" after all ...

You were right all along and I was wrong from the start.
Hear that often? Hmmm?

My Gehirndose full of toxins, shutdown progressing, Dave


I had never used sudo till a few years when I tested TrueOS, DandyOS or whatever they called it that week.
On FreeBSD I always su to root in a terminal, work as root from that terminal and log out to my usr account when done.
I've never installed sudo or doas and am very comfortable working as root, but do not log in as root or run as r00t after my work s done.
Kali has sudo and I don't use the root account on it.

I bend the machine to my will and it does things my way. Which in many ways is not the standard way things are done by everyone else, the Handbook not a factor when I figured it out. I've never looked at fstab for one thing.

Depending on how critical the system is, it may be useful to also setup MFA - even for sudo.

It has certainly not escaped my attention that "other Unix®/Linux based systems that I regularly frequent," namely MacOS/OSX, no longer permit even "the root user" unfettered privileges.

Instead, just like "UEFI," they now require a first-action that is physical, therefore distinctly human. Without this, even "the root user" is now "fettered." And, "I agree with this."