Debian maintainer from zero to hero

What it feels like to become a Debian maintainer in 2020
Read more →

Privilege escalation using setuid

How to gain root access by exploiting wrongly designed setuid executables.
Read more →

Autosnap

Automatically make Snap package from source code.
Read more →

Privilege escalation using Docker

How to gain root access by using a Docker engine running with default configuration.
Read more →

Going serverless

I used to manage a dozen VPS since many years: Zabbix, Gitlab/Gitlab CI, private docker registry, production environment (3 nodes docker swarm cluster), database server (MariaDB & MongoDB), blog server (running Ghost), logs collector (Graylog), etc… I was spending a consequent amount of money & time for all these VPS, and it was time to change. From Ghost to Hugo One of the most important thing I run is this blog.
Read more →

Quick notes about Covid 19

I wanted to write a quick off-topic article about the ongoing coronavirus pandemia since there’s a lof of false opinions and fake news on this topic. This virus (SARS-CoV-2) is deadly and not really comparable to the flu, it is at least much more contagious. (We don’t know anything about the death rate yet, since the pandemia is ongoing). You shouldn’t treat it lightly. Not staying home will cause a lot of deaths in the months to come because of the overwhelming of your country healthcare system.
Read more →

ClassLoader & memory leaks: a Java love story

We’ve been experiencing very strange memory leak in our Java application servers at work: when deploying new version of a micro service, the JVM process was running out of memory and consequently crash leading to service outage. After a bit of research, it looked like that these kind of errors were very common with this application server, especially when deploying application without restarting the server from time to time. The common fix was to restart the JVM process before putting in production, preventing any out of memory (but not the memory leak).
Read more →

Docker swarm is not dead! (yet)

I have written an article on the provisioning of a Docker Swarm cluster from scratch (you can read it here) and I have received a lot of comments stating that docker swarm is dead and that I should be moving to Kubernetes instead. What happened to docker? For those who were not aware, Mirantis (a cloud provider) has bought Docker enterprise in nov. 2019. Just after that, Mirantis has written a blog post to announce the news:
Read more →

Making a product is not even half of the path to success

As you may already know, I have launched, with a Friend, an Android application to customize phone wallpapers randomly. The development of the app itself only took us 2 months and was quite fun. The release was really exciting and the first feedback from real users was encouraging. However, things didn’t go as planned… Referral program failure Our first idea to grow our user base was to introduce a referral program.
Read more →

Harbor: your own private docker registry

Since I have containerized my whole develoment workflow, from testing to production, I needed a docker registry to centralize my private images and ensure their deployment. I didn’t wanted to use Docker Hub or Github Packages because the images would be publicly available. Therefore I have started searching for existing private registry providers… What’s a docker registry again? In a nutshell, a docker registry is a server used to upload (push) & download (pull) docker images.
Read more →