Lightly "sandboxed" homebrew on macOS

brew is a bad neighbor

This isn't a guide about locking down homebrew so that it can't touch the rest of your system security-wise.

This guide doesn't fix the inherent security issues of a package management system that will literally yell at you if you try to do something about "huh, maybe it's not great my executables are writeable by my account without requiring authorization first".

But it absolutely is a guide about shoving it into its own little corner so that you can take it or leave it as you see fit, instead of just letting the project do what it likes like completely taking over permissions and ownership of a directory that might be in use by other software on your Mac and stomping all over their contents.

By following this guide you will:

  • Never have to run sudo to forcefully change permissions of some directory to be owned by your account
#### ---------------------------------------------
## Edit via: RStudio > Tools > Edit Code Snippets
# Released under a MIT license
snippet fragment
snippet aside
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

  • Royce Williams list sorted by vendors responses Royce List
  • Very detailed list NCSC-NL
  • The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
Emerging threat details on CVE-2021-44228 in Apache Log4j

Update: Please see Bishop Fox's rapid response post Log4j Vulnerability: Impact Analysis for latest updates about this vulnerability.

Technologies using Apache Log4j

The Cosmos 🌌 team at Bishop Fox 🦊 is currently researching open-source projects that appear to use Log4j by default.

  • Apache Druid
  • Apache Dubbo
  • Apache Flink
  • Apache Flume
Using Lit Element without npm directly in the browser
<!-- From: -->
<!doctype html>
<!-- Polyfills only needed for Firefox and Edge. -->
<script src=""></script>
<!-- Works only on browsers that support Javascript modules like
Chrome, Safari, Firefox 60, Edge 17 -->
Simple rust build and deploy script —
#!/usr/bin/env bash
cd $(dirname $0)
docker run --rm -it -v "$(pwd)":/home/rust/src -v cargo-git:/home/rust/.cargo/git -v cargo-registry:/home/rust/.cargo/registry -v "$(pwd)/target/":/home/rust/src/target ekidd/rust-musl-builder:nightly-2021-01-01 sudo chown -R rust:rust /home/rust/.cargo/git /home/rust/.cargo/registry /home/rust/src/target
docker run --rm -it -v "$(pwd)":/home/rust/src -v cargo-git:/home/rust/.cargo/git -v cargo-registry:/home/rust/.cargo/registry -v "$(pwd)/target/":/home/rust/src/target ekidd/rust-musl-builder:nightly-2021-01-01 cargo build --release
Collect video URLs and GPS data for Parler videos.
The simplest way to write Dockerfile!

1. choose a simple linux image

For example alpine, it's only about 5MB.

2. set timezone if necessary

RUN apk add --no-cache tzdata
ENV TZ America/New_York
