0xC0DEC0DE07EA
-
Oh, fuck, well, if for some reason you were still of the misconception that certs in general (and those through CompTIA in particular) were just a money-grab: you can straight buy CEU credit. I thought it was bad enough that they had the slacker option of the CertMaster open-book retest to keep your cert (which I absolutely rely upon because I hate paperwork).
#InfoSec #CompTIA -
TIL you can format jq output to be shell-safe by filtering it through @sh.
(There are other text filters like @uri and such too).
https://jqlang.org/manual/#format-strings-and-escaping
#jq -
#LazyWeb is there an easy method to get videos from YouTube (not your own, but arbitrary ones) to a self-hosted MediaCMS instance?
My instinct if there isn’t is to try to string something together with a Firefox extension and a thin wrapper service around `yt-dlp`.
#youtube #MediaCMS #SelfHosted #SelfHosting -
One static analysis tool tells me to use `lstat` and `fstat` to avoid (or at least detect) malicious replacement of a file that I `open`. Then, after doing this, my other static analysis tool complains that I’ve introduced a TOCTOU (time-of-use, time-of-check) between `lstat` and `open`.
Sure, but I’m going to detect that. Real issue I have with all of this is that there’s still a window (which I estimate to be the about the same size in both versions of this program) between creating this pseudoterminal file and the next interaction I have with it (be that pulling file stats with `lstat` or `open`ing it).
#SemGrep #Coverity #StaticAnalysis #Programming #C