Category: RE
-
RE: Get ready for OpenTofu 1.7.0-beta1
OpenTofu, the terraform fork which remains truly Open Source, just announced the 1.7.0-beta1 release which brings the following new enhancements: Especially state encryption is a feature I’m excited about. At the moment I do not use any terraform for my private projects so it’s hard to try OpenTofu in the wild, but me and my…
-
RE: Hacking Terraform State for Privilege Escalation
An interesting attack vector which uses empty terraform providers and a modified state file to execute code! There’s lots to be excited about as a red teamer and scared of as a blue teamer, but at the top of the list is that the attack does not require a “terraform apply”. Even if the human reviewing…
-
RE: Announcing Rust 1.73.0
Yay, Rust 1.73.0 has been released! Highlights include cleaner panic messages and the stabilisation of APIs, I’m especially happy about the stabilisation of unix APIs for `chown`, `fchown` and `lchown`.
-
RE: The OpenTofu fork is now available!
A few weeks ago HashiCorp decided to switch the terraform license model from an open source license to the Business Source License (BSL) model, so there’s now a community driven terraform fork called OpenTofu.