I'm really excited for this. We moved 120+ hand renewed certs to ACME, but still manually validate the domains annually. Many of them are on private/internal load balancers (no HTTP-01 challenge possible), and our DNS host doesn't support automation (no DNS-01 challenges either). While manually renewing the DCV for ~30 domains once a year isn't too bad, when the lifetime of that validity shrinks, ultimately to 9 days, it'd become a full time job. I just hope Sectigo implements this as quickly as LE.
Good point — and thank you for the suggestion! In this case it’s actually not necessary because the entire workspace is automatically persisted in local storage, so everything is restored when you reopen the app.
You can. I think there's a couple approaches - bind mount the docker socket, or expose it on localhost, and use host networking for the consuming container, or there exist various proxy projects for the socket. There may be other ways, curious if anyone else knows more.
Bind-mounting /var/run/docker.sock gives 100% root access to anyone that can write it. It's a complete non-starter for any serious deployment, and we should not even consider it at any time.
Sure, but sometimes that's what you intend. Docker isn't always used for, nor is it particularly designed to be a security / sandboxing solution. If I'm running a tool as root that interacts with the docker daemon, I might choose to run it in a container still.
Ol' Dirty Bastard? I jest, but I think the theory behind wanting an 'On-board Diagnostics' [1] connection would be to get data from the vehicle. You can get cheap bluetooth OBD-II adapters to transmit that info to your phone, it's not a given. I don't know much about electric cars, but if you want your phone to know the fuel level in an ICE vehicle then you'd need this kind of connection.
I make typos like that lot. The one that is most common for me is CVS instead of CSV. No, this isn't a list of things to get from the drug store ::facepalm::
I am indeed the guy in the article. My side of the story is fairly boring, didn't do crime but got blamed for it anyway by desperate cops. The whole investigation has been bizarre, for example, no-one has ever searched my homes, or even attempted to seize my personal devices.
Should find out within the next couple of months if the appeals court decides to acquit.
reply