🤕 oof, bad day to be a salt consumer

Looks like salt has unwittingly distributed a WORM and is now being subject to crypto-mining backdoors, which is anyone's guess what the actual use of these will be for...

@thegibson - this needs some boosty love, this flew under the radar in > 80% of my devoops circles.

:borglove: tia


Looks like there's some help out there already, there's a CVE check in some python2 janky fashion...

but use your best judgement, it's yet another script.


@chuck And just after I had pretty much decided to use salt for building and deploying my systems this summer :blobcateyes: Maybe I do go with Ansible like I originally planned 🤔


And the exploit documentation site only presents content if you load and run their JS. Confidence == low.

@chuck as currently deployed (i.e., the "new normal") I have to agree. 😩

@chuck Why does that site depend on external JS...


1) People who expose their configuration management daemons to the Internet

2) People who don't patch them when a HUGE REMOTE CODE EXECUTION HITS THE NEWS


Lulz, I read this toot just after coming from a (virtual) church service where the reading du jour was the bit that begins "You are the salt of the earth, but if the salt loses its flavor...."

Here's a soundtrack to play while removing the bad salt from your computer -- the Rolling Stones' "Salt of the Earth": (Joan Baez and Judy Collins have good cover versions too.)
