nicdex @nicdex

**ReynardSec** @reynardsec@infosec.exchange · 1h *

1h *

ReynardSec @reynardsec@infosec.exchange

A grumpy ItSec guy walks through the office when an exchange of words reaches his ears.

Dev0: Hey, this isn't working, I hate containers...
Dev1: Maybe just add the --privileged flag!

ItSec: Just… no. Simply no. No privileged mode - the grumpy fellow interjects as he walks away.

Dev0: Jesus, fine - no privileged mode.
Dev1: Okay, but… why?

Here's why (one, simple example):

Docker's --privileged flag lifts almost all restrictions from your container - exactly the opposite of --cap-drop=ALL. Let's demo the difference.

1) Start two containers.

docker run -itd --privileged --name ubuntu-privileged ubuntu
docker run -itd --name ubuntu-unprivileged ubuntu

2) Inspect /dev in the unprivileged container.

docker exec -it ubuntu-unprivileged bash
ls /dev
exit

You'll only see a limited set of devices. No disk access.

3) Now inspect /dev in the privileged container.

docker exec -it ubuntu-privileged bash
ls /dev

/dev/sda exposed! Sometimes you may see /dev/mapper when LVM is in place. Then "apt update && apt install -y lvm2" and "lvscan" may help during next phase.

4) Exploitation part (inside the privileged container) - simply mount mount /dev/sda to any writable path in container.

mkdir /tmp/whatever
mount /dev/sda1 /tmp/whatever

5) You can now enumerate - and access - the Docker host's logical volume.

ls -la /tmp/whatever

6) If you wish, you can even chroot into the host:

chroot /tmp/whatever /bin/bash

The moral of the story is to avoid privileged mode, because in the event of an incident (e.g. an attacker compromising an app running inside a container), you significantly increase the likelihood of successful lateral movement from the container to the Docker host - and from there into the rest of your infrastructure.

Usually the grumpy guy means well. He just doesn't know how to explain it properly.

#devops #programming #webdev

Replied in thread

**Johannes Rabauer** @rabauer@mastodon.online · 2h

Johannes Rabauer @rabauer@mastodon.online

Expect weird experiments, small failures, maybe surprising results.
Saturday 8pm CET
Streaming on YouTube https://youtube.com/live/lGACZWULwYg

YouTubeGenerating ASCII Art & Images with Java + Spring AI | LLM Game Dev with Stable Diffusion & OllamaBy Johannes Rabauer

#Java #AI #LiveCoding

**Markus Eisele** @myfear@mastodon.online · 2h

Markus Eisele @myfear@mastodon.online

Tracing the Mind of Your AI: Java Observability with Quarkus and LangChain4j
Instrument, trace, and monitor your AI-powered Java apps using local LLMs, Ollama, and OpenTelemetry with zero boilerplate.
https://myfear.substack.com/p/java-ai-observability-quarkus-langchain4j
#Java #LangChain4j #Ollama #OpenTelemetry

**エミリーSEレクト** @emilyselect@mastodon.social · 10h

10h

エミリーSEレクト @emilyselect@mastodon.social

HTMLの基本とタグの書き方を初心者向けに解説【JavaWeb入門講座2】HTML入門

https://www.emilyselect.com/html%e3%81%ae%e5%9f%ba%e6%9c%ac%e3%81%a8%e3%82%bf%e3%82%b0%e3%81%ae%e6%9b%b8%e3%81%8d%e6%96%b9%e3%82%92%e5%88%9d%e5%bf%83%e8%80%85%e5%90%91%e3%81%91%e3%81%ab%e8%a7%a3%e8%aa%ac%e3%80%90javaweb%e5%85%a5/?feed_id=1015&_unique_id=6882b6074c56c&Mastodon

#Java #プログラミング #初心者向け

**Qiita - 人気の記事** @qiita@rss-mstdn.studiofreesia.com · 11h

11h

Qiita - 人気の記事 @qiita@rss-mstdn.studiofreesia.com

【ポケモン×Java】知識編えっ、Stringってプリミティブ型じゃないの！？
https://qiita.com/hitomin_poke/items/de5ffc68ab25b57b7d5d?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

Qiita【ポケモン×Java】知識編えっ、Stringってプリミティブ型じゃないの！？ - Qiita💭 はじめに Javaを学び始めたばかりの人がよく混乱するポイントのひとつ…… Stringって、プリミティブ型っぽく見えるけど、違うの？実は、Stringは見た目はシンプルだけど、**参照型（オブジェクト）**なんです！この記事では、「Stringがなぜ参照型な...

#qiita #Java #オブジェクト指向

**robrich** @robrich@hachyderm.io · 11h

11h

robrich @robrich@hachyderm.io

https://dev.to/lepsistemas/spring-boot-development-environment-with-docker-and-vs-code-42mg - building with #Java and #SpringBoot in #DevContainers. Nice walk-through https://www.linkedin.com/in/leandro-boeing-vieira/.

DEV CommunitySpring Boot Development Environment with Docker and VS Code"It works on my machine." If you're a developer, chances you've heard, and said, it at least once in...

**BobTop** @BobTop@mastodon.social · 13h

13h

BobTop @BobTop@mastodon.social

Found a java version of the game Mobile Soccer for Symbian s90, screen 640x320, midp 1.0
Of course there are differences from the version for s80, but it is still an interesting find.
#JAVA #Nokia #retrogaming

**Marcin Grzejszczak** @toomuchcoding@fosstodon.org · 15h

15h

Marcin Grzejszczak @toomuchcoding@fosstodon.org

Less than 24h to go!
Join my free lightning talk on observability (Fri, July 25 @ 7PM GMT+2):
https://maven.com/p/1dcc10/observability-of-your-application

Live demo, real debugging, and a sneak peek at my upcoming Microservices + Observability workshop
#observability #java #microservices

maven.comObservability of your ApplicationFixing latency & errors is critical - observability helps you find and solve issues fast using real data, not guesswork.

**JCON** @jcon@mastodon.social · 16h

16h

JCON @jcon@mastodon.social

Our next #JCON2025 session is live: 'Practical AI in Java' with Marcus Hellberg

At this point, we all know it's easy to have an #AI write bad jokes in the console with #Java …

Grab your coffee and hit play: https://youtu.be/cMUQr19OUf8

youtu.be- YouTubeEnjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

#JCON #Vaadin #Spring

**Lobsters** @lobsters@mastodon.social · 17h

17h

Lobsters @lobsters@mastodon.social

There is no memory safety without thread safety https://lobste.rs/s/omasxh #go #java #plt
https://www.ralfj.de/blog/2025/07/24/memory-safety.html

lobste.rsThere is no memory safety without thread safety | Lobsters

**Erik C. Thauvin** @ethauvin@mastodon.social · 18h

18h

Erik C. Thauvin @ethauvin@mastodon.social

Spring Boot 3.5.4 available now

#java #springboot #springframework

https://spring.io/blog/2025/07/24/spring-boot-3-5-4-available-now

Spring Boot 3.5.4 available nowSpring Boot 3.5.4 available nowLevel up your Java code and explore what Spring can do for you.

**InfoQ** @infoq · 20h

20h

InfoQ @infoq

#AI is here to stay - and it’s a HUGE opportunity for #Java & #Spring developers!

#SpringAI 1.0 is now available - a comprehensive solution for AI engineering in Java, shaped by rapid advances in the AI space.

In this #InfoQ article, Josh Long examines the new Spring AI 1.0 project and explores how it can be used to integrate AI more effectively!

Learn more: https://bit.ly/4lTYBc3

#SoftwareDevelopment #AIinJava

Continued thread

**Guillaume Laforge** @glaforge@uwyn.net · 20h

20h

Guillaume Laforge @glaforge@uwyn.net

After yesterday's post on #ADK〖 sub-agents 〗in #java, let's have a look at the〖 sequential flow 〗of agents.

With an example of a trip planner, with an #AI #agent searching info about a destination, an itinerary agent, and a restaurant finder.

https://glaforge.dev/posts/2025/07/24/mastering-agentic-workflows-with-adk-sequential-agent/

glaforge.devMastering agentic workflows with ADK: Sequential agentsTech blog of Guillaume Laforge, with articles on generative AI, LLMs, cloud computing, microservices architecture, serverless solutions, Java and Apache Groovy programming

**Stéphane Nicoll** @snicoll@mastodon.online · 20h

20h

Stéphane Nicoll @snicoll@mastodon.online

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 3.5.4 has been released and is now available from Maven Central.

https://spring.io/blog/2025/07/24/spring-boot-3-5-4-available-now

Spring Boot 3.5.4 available nowSpring Boot 3.5.4 available nowLevel up your Java code and explore what Spring can do for you.

#java #spring #springboot

**JAVAPRO** @javapro@mastodon.social · 22h

22h

JAVAPRO @javapro@mastodon.social

Only 7 days left until the #CFP closes! Share your insights on #Java25 and reach 20,000+ readers with #JAVAPRO.

Conference distribution
Social media visibility
Submit multiple articles!

Deadline: July 31
Info & submit here: https://docs.google.com/forms/d/e/1FAIpQLSe7-WA4FP80N3VALYdSBa8MnVR-f_tZyIsnsiUgLx8XHcGwyA/viewform

#Java

**JAVAPRO** @javapro@mastodon.social · 23h

23h

JAVAPRO @javapro@mastodon.social

Java didn’t survive 30 years by standing still. Want to know why #Java’s still everywhere? Because its #APIs never stop adapting. Vipin Menon digs through the layers—from AWT to Loom, JDBC to HTTP/2.

Dig in: https://javapro.io/2025/05/20/a-journey-through-30-years-of-api-evolution/

#JVM #VirtualThreads #ProjectLoom

**JCON** @jcon@mastodon.social · 23h

23h

JCON @jcon@mastodon.social

#Java + #AI = Sounds a bit like Jarvis!

Join Edward Burns at #JCONUSA25 @ #IBM #TechXchange (Oct 6-9) as he showcases #LangChain4j-cdi and how you can bring AI Power to Java so that you might become the next Tony Stark.

Get your tickets now: https://usa.jcon.one/register

#JCON

**Moritz Halbritter** @mhalbritter@fosstodon.org · 1d

Moritz Halbritter @mhalbritter@fosstodon.org

On behalf of the team and everyone who has contributed, I'm happy to announce that Spring Boot 3.4.8 has been released and is now available from Maven Central.

https://spring.io/blog/2025/07/24/spring-boot-3-4-8-available-now

Spring Boot 3.4.8 available nowSpring Boot 3.4.8 available nowLevel up your Java code and explore what Spring can do for you.

#java #spring #springboot