Getting started with osquery development on Linux using CLion and QtCreator

Here’s a quick how-to to answer a question that was posted in the osquery Slack. Setting up the base development environment What follows is just a TLDR containing the bare minimum to get to the second part of the post. The osquery project has a lot of good documentation that you should really check out. Prerequisites osquery can run on pretty much any distribution, but for development I’d suggest going with Ubuntu. [Read More]

About VSync and input latency

Are you still arguing about VSync and input latency? Leave me out of this! I don’t think I have the strength to talk about this once again. Thankfully, a friend of mine just wrote a small article right on this subject, and I would like to share it with you; be careful though, the guy’s rude - and I can understand that: all his computers are malfunctioning. Here’s an excerpt: [Read More]

Using the Windows Driver Kit 8.1 with Visual Studio Express 2013

Edit: Visual Studio Express is now officially supported! See Visual Studio Express: New in Windows Driver Kit (WDK) 8.1 Update. Original post follows.

This is just a small note, mainly for myself; first things first, I’ve yet to investigate how to use the VS prompt with nmake and the WDK, so if you were looking for information about that you’re out of luck. For those of you still reading, I found out it’s pretty easy to compile a driver using the IDE, even though Microsoft officially states that it’s not possible and that you need to buy the Professional version of Visual Studio. [Read More]

Dropping privileges from a shellscript

Just a quick post here; this is a really simple mechanism to reliably drop the root privileges from a bash script. It may seem a little more complex than it should, but I’ve written it this way so that the user is not able to mess with it by just passing random command line arguments.

    #!/bin/bash

    function privilegedMain {
        echo "Debug: we're running as "$(whoami)"..."

        dropPrivileges "alessandro"
        RETURN_VALUE="$?"
        if [ $RETURN_VALUE -eq 1 ] ; then
            echo "Error: it was not possible to drop the privileges"
            return 1
        fi

        echo "The unprivileged entry point returned the following value: $RETURN_VALUE"
        return 0
    }

    function unprivilegedMain {
        echo "Debug: we're running as "$(whoami)".

[Read More]