Join Free or Sign in
My Cart 0
€0.00

go gento

  1. 20/Aug2020

    Semantic Versioning for Extensions

    Semantic Versioning for Extensions

    So you are either looking for the best way to provide versioning for your extensions or maybe you do have a working versioning system and are looking for ways to improve it. This blog gives you our perspective on future-proof extension versioning. It does not matter if you develop extensions for Magento 2, WordPress, Drupal or any other third-party platform. This Semantic Versioning Model allows you to build a bulletproof solution which will work properly for years. It is designed to be able to be linked to the versioning of the platform, allowing customers to stay up to date without having to worry about installing a version which breaks due to platform incompatibility

  2. 13/Nov2017

    Hacking with Docker | For Fun And For Profit

    Why a blog about hacking with docker

    Many companies allow their customers to see / manage the docker containers by allowing them to be in the docker group. After all, tts very easy to say "Just hop on to the php container to do your work".

     

    Due to the way docker works, the docker engine needs escalated privileges to manage its containers and that means, anyone in the docker group, effectively has root access to the server.

    Your customer might not know this, but malicious users, who can beg, steal and borrow your customers ssh credentials, most definitely will.

    In our example, we've given our user sudo rights, but effectively you can achieve everything, including spionage.
    As an actual recent case, i had to modify SSH information to allow PasswordAuthentication and to force the server to reboot.

    To force the host to reboot from a container, you can add: -v /dev:/dev:rw