Chris Wage cwage

Nashville.gov — Web Security Findings

Date: 2026-03-18 Method: External-only analysis of publicly accessible information (DNS, HTTP headers, HTML forms, TLS certificates). No systems were accessed, exploited, or tested beyond what any web browser does.

Summary

A review of 75 nashville.gov subdomains found that two court e-filing portals have unprotected login pages, and the majority of the city's web services are missing standard security headers that modern browsers rely on to protect users.

== Rules == On Infrastructure

There is one system, not a collection of systems. The desired state of the system should be a known quantity. The "known quantity" must be machine parseable. The actual state of the system must self-correct to the desired state. The only authoritative source for the actual state of the system is the system. The entire system must be deployable using source media and text files.

Rivers Mod v4.7.5 - Worldgen Terrain Pass Crash (IndexOutOfRangeException)

Environment

Vintage Story v1.21.6 (Stable)
Rivers mod v4.7.5
World seed: 313687447
OS: Linux

Summary

From https://www.julianagrant.com/blog/2020/2/29/coronavirus:

Notes: I originally wrote this to share with my family and close friends. It’s now getting passed around so I’m posting it publicly. I have revised the language slightly a few times. This is the most current version.

Hi folks,

A number of you have asked me what I think is going to happen with coronavirus (COVID-19) and what we should be doing to prepare. I have a few thoughts about what’s likely to happen and what you can do about it. For those of you who don’t know me well, I am a preventive medicine physician and infectious disease epidemiologist. I graduated from the CDC’s Epidemic Intelligence Service and have over 17 years of experience in the field, most of that with CDC.

Wishing everyone good health,

	# Marketplace plugin refresh uses SSH instead of HTTPS, causing unexpected passphrase prompts on startup

	When Claude Code starts, it attempts to refresh the official plugins marketplace by cloning/pulling `anthropics/claude-plugins-official`. However, it uses SSH (`[email protected]:...`) rather than HTTPS, which causes an unexpected SSH passphrase prompt when the user's SSH key isn't loaded in the agent.

	## Steps to reproduce
	1. Have an SSH key configured for GitHub with a passphrase
	2. Don't add the key to ssh-agent
	3. Run `claude` in a git repository

	## Expected behavior

	ACulinaryArtillery 2.0.0-dev.zip
	bedspawnv2-1.6.4.zip
	betterruins-0.5.4.zip
	bloodtrail-1.1.8.zip
	bovinae-0.3.4.zip
	butchering-1.10.11.zip
	buzzwords-1.8.0.zip
	caninae-1.0.35.zip
	capreolinae-2.0.4.zip
	carryon-1.12.1.zip

	smtpd_recipient_restrictions =
	permit_sasl_authenticated,
	#check_client_access hash:/etc/postfix/lists/whitelist,
	# same use as above for whitelisting, but CIDR for convenience:
	#check_client_access cidr:/etc/postfix/lists/cidrwhitelist,
	#check_recipient_access hash:/etc/postfix/recipients,
	reject_invalid_hostname,
	reject_non_fqdn_hostname,
	reject_non_fqdn_sender,
	reject_non_fqdn_recipient,

	[2018-09-15 22:09:00] ************************************************************
	[2018-09-15 22:09:00] * Begin calibration of flat frames
	[2018-09-15 22:09:00] ************************************************************
	[2018-09-15 22:09:00]
	[2018-09-15 22:09:00] * Searching for a master dark frame with exposure time = 0.1s -- best match is 20s
	[2018-09-15 22:09:00] * Master bias: /home/cwage/bestpics/pleiades/output/master/bias-BINNING_1.xisf
	[2018-09-15 22:09:00] * Master dark: /home/cwage/bestpics/pleiades/output/master/dark-BINNING_1-EXPTIME_20.xisf
	[2018-09-15 22:09:00]
	[2018-09-15 22:09:00] ImageCalibration: Global context
	[2018-09-15 22:09:00]

	cwage@portaplotz:~/Downloads/M81$ ls
	Calibrated-Color-T3-dougggg-M81-20160117-035255-Color-BIN1-W-120-001.fit Calibrated-Color-T3-dougggg-M81-20160117-041312-Color-BIN1-W-120-006.fit Calibrated-Color-T3-dougggg-M81-20160131-000826-Color-BIN1-E-120-002.fit
	Calibrated-Color-T3-dougggg-M81-20160117-035741-Color-BIN1-W-120-002.fit Calibrated-Color-T3-dougggg-M81-20160118-024806-Color-BIN1-W-120-001.fit Calibrated-Color-T3-dougggg-M81-20160131-001129-Color-BIN1-E-120-003.fit
	Calibrated-Color-T3-dougggg-M81-20160117-040046-Color-BIN1-W-120-003.fit Calibrated-Color-T3-dougggg-M81-20160118-025409-Color-BIN1-W-120-002.fit Calibrated-Color-T3-dougggg-M81-20160131-001417-Color-BIN1-E-120-004.fit
	Calibrated-Color-T3-dougggg-M81-20160117-040521-Color-BIN1-W-120-004.fit Calibrated-Color-T3-dougggg-M81-20160118-025900-Color-BIN1-W-120-003.fit Calibrated-Color-T3-dougggg-M81-20160131-001707-Color-BIN1-E-120-005.fit
	Calibrated-Color-T3-dougggg-M81-20160117-041006-Color-BIN1-W-120-005.fit Calibrated-Color-T3-dougggg-M

	create database namelayer character set latin1;
	grant all privileges on namelayer.* to namelayer@localhost identified by 'changethis';
	create database citadel character set latin1;
	grant all privileges on citadel.* to citadel@localhost identified by 'changethis';
	create database castlegates character set latin1;
	grant all privileges on castlegates.* to castlegates@localhost identified by 'changethis';
	create database exilepearl character set latin1;
	grant all privileges on exilepearl.* to exilepearl@localhost identified by 'changethis';
	create database jukealert character set latin1;
	grant all privileges on jukealert.* to jukealert@localhost identified by 'changethis';