Ngezinyanga zokugcina I-Google inake ngokukhethekile izindaba zokuphepha etholakala ohlamvini Linux kanye KubernetesNgoNovemba wonyaka odlule, i-Google yandisa usayizi wezinkokhelo njengoba inkampani iphinda kathathu inzuzo yokuxhashazwa kwezimbungulu ezazingaziwa ngaphambili ku-Linux kernel.
Umqondo wawuwukuthi abantu bangathola izindlela ezintsha zokuxhaphaza i-kernel, ikakhulukazi ngokuhlobene ne-Kubernetes egijima emafini. I-Google manje ibika ukuthi uhlelo lokuthola iziphazamisi lube yimpumelelo, ithola imibiko eyisishiyagalolunye ezinyangeni ezintathu futhi ikhiphe imali engaphezu kuka-$175,000 kubacwaningi.
Futhi kungenxa yokuthi ngeposi blog I-Google iphinde yakhipha isimemezelo mayelana nokunwetshwa kwalolu hlelo ukukhokha imiklomelo engukheshi yokuhlonza izinkinga zokuphepha ku-Linux kernel, inkundla ye-ochestration yesiqukathi se-Kubernetes, i-Google Kubernetes Engine (GKE), kanye ne-Kubernetes Capture the Flag (kCTF) indawo yokuncintisana yokuba sengozini yokuncintisana.
Iposi lisho lokho manje uhlelo lwemiklomelo luhlanganisa ibhonasi eyengeziwe $20,000 ngobungozi bosuku oluyiziro emisebenzini engadingi usekelo lwendawo yegama lomsebenzisi kanye nokubonisa izindlela zokuxhaphaza ezintsha.
Inkokhelo eyisisekelo yokubonisa ukuxhashazwa okusebenzayo ku-kCTF ingu-$31 (inkokhelo eyisisekelo inikezwa ongenayo obonisa kuqala ukuxhashazwa okusebenzayo, kodwa izinkokhelo zebhonasi zingasetshenziswa ekuxhashazweni okulandelayo ngenxa yokuba sengozini okufanayo).
Sandisa imiklomelo yethu ngoba sabona ukuthi ukuze sidonse ukunaka komphakathi sidinga ukufanisa imiklomelo yethu nalokho okulindele. Sibheka ukunwetshwa kube yimpumelelo, ngakho-ke singathanda ukukwelula ngokuqhubekayo okungenani kuze kube sekupheleni konyaka (2022).
Ezinyangeni ezintathu ezedlule, sithole okuthunyelwe okungu-9 futhi sakhokha ngaphezulu kuka-$175 kuze kube manje.
Encwadini siyakubona lokho inani, kucatshangelwa amabhonasi, umvuzo omkhulu wokuxhaphaza (izinkinga ezikhonjwe ngokusekelwe ekuhlaziyweni kokulungiswa kweziphazamisi kusisekelo sekhodi esingamakwa ngokusobala njengobungozi) ingafinyelela ku-$71 (ngaphambilini umklomelo ophakeme wawungu-$31), futhi enkingeni yosuku oluyiziro (izinkinga ezingakabi khona isixazululo) kukhokhwa imali efika ku-$337 (ngaphambilini umvuzo omkhulu wawungu-$91,337). Uhlelo lokukhokha luzosebenza kuze kube umhla ka-31 Disemba 2022.
Kuyaphawuleka ukuthi ezinyangeni ezintathu ezedlule, I-Google isicubungule izicelo eziyi-9 cngolwazi ngobungozi, okwakhokhwa amadola ayizinkulungwane eziyi-175.
Abacwaningi ababambe iqhaza balungiselele imisebenzi emihlanu yokuba sengozini yosuku oluyiziro kanye nokubili kobungozi bosuku olungu-1. Izinkinga ezintathu ezilungisiwe ku-Linux kernel zidalulwe esidlangalaleni (CVE-2021-4154 ku-cgroup-v1, CVE-2021-22600 ku-af_packet kanye ne-CVE-2022-0185 ku-VFS) (lezi zinkinga sezivele zikhonjwe nge-Syzkaller futhi ezimbili ukulungiswa kweziphazamisi kwengezwe ku-kernel).
Lezi zinguquko zikhuphula okunye ukuxhaphaza kosuku olungu-1 kuya ku-$71 (vs. $337) futhi zenze umvuzo omkhulu wokuxhaphaza okukodwa okungu-$31 (vs. $337). Sizophinde sikhokhele ngisho nezimpinda okungenani u-$91 uma zibonisa amasu okuxhaphaza amanoveli (esikhundleni sika-$337). Nokho, sizophinda sikhawulele inombolo yemiklomelo yosuku olungu-50 ukuya kowodwa ngenguqulo/ngokwakha.
Kukhona ukukhishwa kwe-12-18 GKE ngonyaka esiteshini ngasinye, futhi sinamaqembu amabili eziteshini ezahlukene, ngakho-ke sizokhokha imivuzo eyisisekelo ye-31 USD kuze kube izikhathi ezingu-337 (akukho mkhawulo wamabhonasi). Nakuba singalindele ukuthi sonke isibuyekezo sibe nokuthunyelwa okuvumelekile kosuku olungu-36, singathanda ukuzwa ngenye indlela.
Ngakho kushiwo esimemezelweni ukuthi isamba sezinkokhelo sincike ezintweni ezimbalwa: uma inkinga etholiwe iwukuba sengcupheni kwezinsuku eziyiziro, uma idinga izindawo zamagama abasebenzisi abangenazo amalungelo, uma isebenzisa izindlela zokuxhaphaza ezintsha. Ngalinye lala maphuzu liza nebhonasi ye $ 20,000, okugcina kukhuphule inkokhelo yokuxhashazwa okusebenzayo $ 91,337.
Ekugcineni sUma unesifiso sokwazi okwengeziwe ngakho mayelana nenothi, ungabheka imininingwane kokuthunyelwe kwangempela Kulesi sixhumanisi esilandelayo.