kevincox

[–] kevincox@lemmy.ml 5 points 1 year ago* (last edited 1 year ago) (3 children)

There is also a good chance that they can be pushed open, just triggering an alarm. Based on TFA that is the case.

when leaving the self-checkout area, he didn't notice the scanner, so he pushed open the exit gate, prompting a loud alarm to go off.

[–] kevincox@lemmy.ml 8 points 1 year ago (5 children)

It is probably wired up to the fire alarm like many emergency exits are. They typically fail-open so that if the wire is cut or the power goes out they can be opened without trouble.

Stupid idea, but probably not a major fire risk.

[–] kevincox@lemmy.ml 30 points 1 year ago* (last edited 1 year ago) (7 children)

I've stopped shopping at Loblaw's as they have made it increasingly clear that they don't care at all about their customers. I used to actually be a big fan, they had good selection and their house brands were actually pretty good. But I'm tired of continuously being treated like a criminal as they continue to cut costs and raise prices. Their self-checkout stands must be the most user-hostile thing ever. I actually enjoy using self checkouts when they don't suck. Have you used self-checkout at IKEA? Absolutely pleasurable. You just grab the scanner and go beep-beep-beep and you are done in like 3 seconds. But Loblaw's is like beep, place item in bagging area, wait for the bagging scale to stabilize, beep, wait for scale, beep, out of space try to put something on the floor, YOU HAVE ANGERED THE SCALE!!! LOCKING WHOLE UNIT UNTIL ATTENDANT COMES!!!, a minute later the attendant—who is clearly also tired of these hostile machines—unlocks it without even looking at the error or what you have "stolen", then I can continue scanning hoping that I don't anger it again. When I am done it asks how many bags I used, they don't even have bags anymore. Then it asks if I want to make a charitable donation in their name, go away and donate yourself and I'll donate on my own. Finally I can pay. And now I have the pleasure of being locked in until I scan my receipt.

Also who is this stopping? If I want to steal something I'm not going to sticker-swap or try to sneak it on the scale. I'm just going to leave it in the bag and never scan it. What happens if I didn't buy anything, am I going to be allowed out? Are they going to demand to pat me down? They don't have the right to do that.

I'm tired of this shit, I've recently been shopping at Farm Boy and they have a nice human who quickly scans my stuff and I am on my way. It isn't even any more expensive for most things. (though they do frequently lack bulk options which can result in a higher price.) I have the luxury of being able to pretty freely choose where I shop, and I appreciate that not everyone has that privilege, but I've started shopping mostly based on how they treat me. Loblaws and Canadian Tire can fuck right off, they treat me like a criminal. Shoppers and Amazon are bad, but not awful. IKEA and Farm Boy treat me like an actual human whose time and experience is valued, so they get my money.

[–] kevincox@lemmy.ml 2 points 1 year ago (1 children)

I would say podman by default. It has a better security architecture as it can run rootless.

However there are small differences from Docker so you may need to use Docker if you are trying to run third-party services that rely on these differences.

[–] kevincox@lemmy.ml 6 points 1 year ago (1 children)

A "tarbomb" usually refers to an archive that has multiple (often a large number of) top-level items. Traditionally a tar archive contains a single folder, which may contain more things inside of this. This can be annoying because if you do tar -xf tarbomb.tar in your home directory (or downloads folder) you now have a bit of a mess that you need to clean up.

It is a bit of a historical artifact, most archive managers will create a folder for the contents if there are multiple top-level items, and you really shouldn't be extracting archives in directories with other files anyways as it could be a security issue (for example if there is a .profile or .ssh/authorized_keys file in that archive). Of course tar won't protect you by default unless you pass --one-top-level.

I think what you are concerned about is a path-traversal vulnerability where tar will write files outside of the current directory. Any modern tar should not allow this, no matter what the archive contains.
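An added example, not part of the comment above: a pre-extraction audit that lists an archive without unpacking it and reports the three conditions the comment mentions (more than one top-level item, entries such as .profile or .ssh/authorized_keys that would land directly in the extraction directory, and names that point outside it). The function names `audit_tar` and `build_sample` and the sample archive are constructed for illustration.

```python
import io
import tarfile
from pathlib import PurePosixPath

# Paths the comment names as risky when an archive is unpacked into a home directory.
SENSITIVE = {".profile", ".ssh/authorized_keys"}

def audit_tar(fileobj):
    """Read member names only (nothing is extracted) and return the findings."""
    top_level, escapes, sensitive = set(), [], []
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        for member in tar:
            path = PurePosixPath(member.name)  # drops "./" prefixes, keeps ".."
            if path.is_absolute() or ".." in path.parts:
                escapes.append(member.name)    # would be written outside the cwd
                continue
            if not path.parts:                 # the "." entry itself
                continue
            top_level.add(path.parts[0])
            if "/".join(path.parts) in SENSITIVE:
                sensitive.append(member.name)
    return {
        "tarbomb": len(top_level) > 1,         # more than one top-level item
        "top_level": sorted(top_level),
        "escapes": escapes,
        "sensitive": sensitive,
    }

def build_sample(names):
    """Build a constructed sample archive in memory with the given member names."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in names:
            data = b"constructed sample\n"
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf

if __name__ == "__main__":
    sample = build_sample(["a.txt", "b.txt", ".ssh/authorized_keys", "../evil"])
    for key, value in audit_tar(sample).items():
        print(f"{key}: {value}")
```

The audit only covers member names; link targets inside the archive are not checked here.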

[–] kevincox@lemmy.ml 29 points 1 year ago (3 children)

...with 19 bugs 9 of which are exploitable.

[–] kevincox@lemmy.ml 9 points 1 year ago

These units hurt me. For others with the same pain 20 oz is a bit over 1/2 a liter

[–] kevincox@lemmy.ml 1 points 1 year ago (1 children)

You obviously never browsed the web with jQuery javascript-based animations in 2006.

[–] kevincox@lemmy.ml 14 points 1 year ago* (last edited 1 year ago) (2 children)

737 is a very unusual file permission. But IIRC it actually works as intended. The group that owns the file can't read it but can write and execute, everyone else can. However I suspect you can probably figure out a way to drop the relevant group?

[–] kevincox@lemmy.ml 3 points 1 year ago

And -z. tar -xf foo.tar.{gz,xz,zstd,...} will work perfectly fine.

[–] kevincox@lemmy.ml 30 points 1 year ago* (last edited 1 year ago) (1 children)

I know this is a meme, but I actually find tar fairly easy to remember.

tar -xf $archive is extract file

tar -czf $archive dir/ is create zipped (compressed) file and the positional arguments are the files to add to the archive.

And this is 99% of my usage. You can skip -f $archive to use stdin/stdout or use -C to change directory (weird name but logically tar always extracts to the current directory). There is also a flag to list which I always forget and look up each time, but I list much less often. -v is useful for verbose.

Overall there are much harder commands to remember. find always gets me if I go beyond -name. ps, tree and ls (beyond -Al) always get me to open the man page.

[–] kevincox@lemmy.ml 3 points 1 year ago

Material Files + SFTP is a winning combination. You probably already have SSH configured and it is quite secure.
