Search
78 results for “c0dec0dec0de”
-
One static analysis tool tells me to use `lstat` and `fstat` to avoid (or at least detect) malicious replacement of a file that I `open`. Then, after doing this, my other static analysis tool complains that I’ve introduced a TOCTOU (time-of-use, time-of-check) between `lstat` and `open`.
Sure, but I’m going to detect that. Real issue I have with all of this is that there’s still a window (which I estimate to be the about the same size in both versions of this program) between creating this pseudoterminal file and the next interaction I have with it (be that pulling file stats with `lstat` or `open`ing it).
#SemGrep #Coverity #StaticAnalysis #Programming #C -
One static analysis tool tells me to use `lstat` and `fstat` to avoid (or at least detect) malicious replacement of a file that I `open`. Then, after doing this, my other static analysis tool complains that I’ve introduced a TOCTOU (time-of-use, time-of-check) between `lstat` and `open`.
Sure, but I’m going to detect that. Real issue I have with all of this is that there’s still a window (which I estimate to be the about the same size in both versions of this program) between creating this pseudoterminal file and the next interaction I have with it (be that pulling file stats with `lstat` or `open`ing it).
#SemGrep #Coverity #StaticAnalysis #Programming #C -
One static analysis tool tells me to use `lstat` and `fstat` to avoid (or at least detect) malicious replacement of a file that I `open`. Then, after doing this, my other static analysis tool complains that I’ve introduced a TOCTOU (time-of-use, time-of-check) between `lstat` and `open`.
Sure, but I’m going to detect that. Real issue I have with all of this is that there’s still a window (which I estimate to be the about the same size in both versions of this program) between creating this pseudoterminal file and the next interaction I have with it (be that pulling file stats with `lstat` or `open`ing it).
#SemGrep #Coverity #StaticAnalysis #Programming #C -
#LazyWeb is there an easy method to get videos from YouTube (not your own, but arbitrary ones) to a self-hosted MediaCMS instance?
My instinct if there isn’t is to try to string something together with a Firefox extension and a thin wrapper service around `yt-dlp`.
#youtube #MediaCMS #SelfHosted #SelfHosting -
#LazyWeb is there an easy method to get videos from YouTube (not your own, but arbitrary ones) to a self-hosted MediaCMS instance?
My instinct if there isn’t is to try to string something together with a Firefox extension and a thin wrapper service around `yt-dlp`.
#youtube #MediaCMS #SelfHosted #SelfHosting -
#LazyWeb is there an easy method to get videos from YouTube (not your own, but arbitrary ones) to a self-hosted MediaCMS instance?
My instinct if there isn’t is to try to string something together with a Firefox extension and a thin wrapper service around `yt-dlp`.
#youtube #MediaCMS #SelfHosted #SelfHosting -
#LazyWeb is there an easy method to get videos from YouTube (not your own, but arbitrary ones) to a self-hosted MediaCMS instance?
My instinct if there isn’t is to try to string something together with a Firefox extension and a thin wrapper service around `yt-dlp`.
#youtube #MediaCMS #SelfHosted #SelfHosting -
#LazyWeb is there an easy method to get videos from YouTube (not your own, but arbitrary ones) to a self-hosted MediaCMS instance?
My instinct if there isn’t is to try to string something together with a Firefox extension and a thin wrapper service around `yt-dlp`.
#youtube #MediaCMS #SelfHosted #SelfHosting -
Is there an accepted pattern for replacing your database pool in an #actixweb application? As in, the system is rotating the database password, updates the file handle it’s passed through to the application, and then my application should reconnect using the new credentials and drop the old connection.
#rustlang #rust #sqlx #ProgrammingPatterns -
I have used a git subtree, and while I kinda hate it. I still think it was the right call given the constraints.
This is not a reply because I don’t want to argue with the take that brought it to mind.If, for some reason, you want to use git subtree, think very carefully about doing so. Reasons follow.
-
Another person who has been contributing to the #SlowAI meme is of course @pluralistic :
locusmag.com/2015/07/cory-doct…
In addition to Stross, Doctorow credits Ted Chiang:
-
“Time flies when you’re having fun.” Or a specific kind of miserable.
Brought to you by ADHD and that last 20% of a coding task that takes 80% of the time because it should have just worked.
#ADHD #TimeBlindness #frustration #programming -
Coordinated Inauthentic Activity: A Neurodivergent Framework for Understanding Allistic Behavior
#FakeBook -
This past week’s episode of Escape Pod is lovely. Hopeful post-apocalyptic, kinda cozy.
@EAPodcasts
#EscapePod #SciFi #Storytelling
https://escapepod.org/2025/01/02/escape-pod-974-once-abandoned/ -
@0xabad1dea I remember listening to and really enjoying the idea of this world in @EAPodcasts
and being just delighted by the idea of a world with ubiquitous acknowledgement of people’s caring needs.
https://escapepod.org/2019/07/18/escape-pod-689-spectrum-of-acceptance/
#neurodivergent #podcast #SciFi #fiction #EscapePod -
Oh, fuck, well, if for some reason you were still of the misconception that certs in general (and those through CompTIA in particular) were just a money-grab: you can straight buy CEU credit. I thought it was bad enough that they had the slacker option of the CertMaster open-book retest to keep your cert (which I absolutely rely upon because I hate paperwork).
#InfoSec #CompTIA -
Oh, fuck, well, if for some reason you were still of the misconception that certs in general (and those through CompTIA in particular) were just a money-grab: you can straight buy CEU credit. I thought it was bad enough that they had the slacker option of the CertMaster open-book retest to keep your cert (which I absolutely rely upon because I hate paperwork).
#InfoSec #CompTIA -
Oh, fuck, well, if for some reason you were still of the misconception that certs in general (and those through CompTIA in particular) were just a money-grab: you can straight buy CEU credit. I thought it was bad enough that they had the slacker option of the CertMaster open-book retest to keep your cert (which I absolutely rely upon because I hate paperwork).
#InfoSec #CompTIA -
Oh, fuck, well, if for some reason you were still of the misconception that certs in general (and those through CompTIA in particular) were just a money-grab: you can straight buy CEU credit. I thought it was bad enough that they had the slacker option of the CertMaster open-book retest to keep your cert (which I absolutely rely upon because I hate paperwork).
#InfoSec #CompTIA -
@puzzled_squid I like the global leaderboard for #Tunnet. Log scale histogram, no names. It's just nice.
-
Re: Rust LLM drama
Boy, this does not motivate me to pick up that neglected Rust project of mine. -
My Anbernic RG35XX Pro #GameDad arrived! So, obviously, I immediately started playing Link to the Past.
-
Average person names 3 things a year" factoid actualy just statistical error. Average person names 0 things per year. Names-things-Georg, who is a literal child and names everything he sees Georg, is an outlier and should not have been counted.
#jokes #SpidersGeorg -
Fuck. Can people stop ruining software and services? I don’t have the fucking time to write shit like this or even self-host all of it!
-
Currently writing a blog of all things. I'm not sure I'll ever publish it, but I'm organizing my thoughts about my current side-project as drafts on a blog.
Am I trying to do the equivalent of rubber duck/teddy bear debugging with the entire process of writing an app?
#programming #blogging #AmICrazy -
Alright, Danny has a point. This is good policy. A ban is better, but this is quite good.
(And the expanded context for the “no ethics considerations” quote puts it in a very different light)
https://circumstances.run/@hipsterelectron/116583442520508006