One common pattern would be this: Early during startup, a process reads some configuration files. Once done, it can lock itself down and tell the kernel that it won’t need any further filesystem access at all (or only access to certain paths). If the process gets hacked later on, the attacker won’t be able to read files.
As I understand it, this is better than static restrictions like AppArmor and the likes, because those apply to the entire lifespan of the process.
And it’s much easier to use than something like chroot. OpenBSD’s
pledge and unveil are particularly easy to use, making it feasible to use them in almost any program (not just the ones that you might consider “security critical”):- https://why-openbsd.rocks/fact/pledge/
- https://why-openbsd.rocks/fact/unveil/
Even something like
cal (that thing that prints a calendar) uses pledge in OpenBSD: https://github.com/openbsd/src/blob/master/usr.bin/cal/cal.c#L153
One common pattern would be this: Early during startup, a process reads some configuration files. Once done, it can lock itself down and tell the kernel that it won’t need any further filesystem access at all (or only access to certain paths). If the process gets hacked later on, the attacker won’t be able to read files.
As I understand it, this is better than static restrictions like AppArmor and the likes, because those apply to the entire lifespan of the process.
And it’s much easier to use than something like chroot. OpenBSD’s
pledge and unveil are particularly easy to use, making it feasible to use them in almost any program (not just the ones that you might consider “security critical”):- https://why-openbsd.rocks/fact/pledge/
- https://why-openbsd.rocks/fact/unveil/
Even something like
cal (that thing that prints a calendar) uses pledge in OpenBSD: https://github.com/openbsd/src/blob/master/usr.bin/cal/cal.c#L153
One common pattern would be this: Early during startup, a process reads some configuration files. Once done, it can lock itself down and tell the kernel that it won’t need any further filesystem access at all (or only access to certain paths). If the process gets hacked later on, the attacker won’t be able to read files.
As I understand it, this is better than static restrictions like AppArmor and the likes, because those apply to the entire lifespan of the process.
And it’s much easier to use than something like chroot. OpenBSD’s
pledge and unveil are particularly easy to use, making it feasible to use them in almost any program (not just the ones that you might consider “security critical”):- https://why-openbsd.rocks/fact/pledge/
- https://why-openbsd.rocks/fact/unveil/
Even something like
cal (that thing that prints a calendar) uses pledge in OpenBSD: https://github.com/openbsd/src/blob/master/usr.bin/cal/cal.c#L153
One common pattern would be this: Early during startup, a process reads some configuration files. Once done, it can lock itself down and tell the kernel that it won’t need any further filesystem access at all (or only access to certain paths). If the process gets hacked later on, the attacker won’t be able to read files.
As I understand it, this is better than static restrictions like AppArmor and the likes, because those apply to the entire lifespan of the process.
And it’s much easier to use than something like chroot. OpenBSD’s
pledge and unveil are particularly easy to use, making it feasible to use them in almost any program (not just the ones that you might consider “security critical”):- https://why-openbsd.rocks/fact/pledge/
- https://why-openbsd.rocks/fact/unveil/
Even something like
cal (that thing that prints a calendar) uses pledge in OpenBSD: https://github.com/openbsd/src/blob/master/usr.bin/cal/cal.c#L153
walked about 3/4 mile and then started c/d run. felt strong so endurance is in a great spot!
#running
walked about 3/4 mile and then started c/d run. felt strong so endurance is in a great spot!
#running
walked about 3/4 mile and then started c/d run. felt strong so endurance is in a great spot!
#running
after the warm-up the humidity hit me and i realized i was drenched and i could not stop sweating. it was going to be rough, and it was. kept a pretty steady pace which was great... and around 0.70 miles i upchucked in my mouth a bit, which was oh so great, so i eased off the gas towards the end. overall very happy with the effort since normally i do this in the cooler and drier conditions. in addition i have not been doing much speed work so this is great.
76.2F feels like 84.6F with 93% RH and 73.7F dew point
#running
after the warm-up the humidity hit me and i realized i was drenched and i could not stop sweating. it was going to be rough, and it was. kept a pretty steady pace which was great... and around 0.70 miles i upchucked in my mouth a bit, which was oh so great, so i eased off the gas towards the end. overall very happy with the effort since normally i do this in the cooler and drier conditions. in addition i have not been doing much speed work so this is great.
76.2F feels like 84.6F with 93% RH and 73.7F dew point
#running
after the warm-up the humidity hit me and i realized i was drenched and i could not stop sweating. it was going to be rough, and it was. kept a pretty steady pace which was great... and around 0.70 miles i upchucked in my mouth a bit, which was oh so great, so i eased off the gas towards the end. overall very happy with the effort since normally i do this in the cooler and drier conditions. in addition i have not been doing much speed work so this is great.
76.2F feels like 84.6F with 93% RH and 73.7F dew point
#running
included some strides and felt pretty strong
#running
included some strides and felt pretty strong
#running
included some strides and felt pretty strong
#running
The second one hit us right in the face. The sky was constantly flashing and there was a continuous rumble, not individual thunder. (You can’t really hear it in the video, I was too close to the window …)
https://movq.de/v/e949ae6403/MVI_7687.MOV.mp4
Most of the lightning was inside the clouds, apparently.
https://movq.de/v/e949ae6403/IMG_7648.JPG
No water damage this time, luckily.
The second one hit us right in the face. The sky was constantly flashing and there was a continuous rumble, not individual thunder. (You can’t really hear it in the video, I was too close to the window …)
https://movq.de/v/e949ae6403/MVI_7687.MOV.mp4
Most of the lightning was inside the clouds, apparently.
https://movq.de/v/e949ae6403/IMG_7648.JPG
No water damage this time, luckily.
The second one hit us right in the face. The sky was constantly flashing and there was a continuous rumble, not individual thunder. (You can’t really hear it in the video, I was too close to the window …)
https://movq.de/v/e949ae6403/MVI_7687.MOV.mp4
Most of the lightning was inside the clouds, apparently.
https://movq.de/v/e949ae6403/IMG_7648.JPG
No water damage this time, luckily.
The second one hit us right in the face. The sky was constantly flashing and there was a continuous rumble, not individual thunder. (You can’t really hear it in the video, I was too close to the window …)
https://movq.de/v/e949ae6403/MVI_7687.MOV.mp4
Most of the lightning was inside the clouds, apparently.
https://movq.de/v/e949ae6403/IMG_7648.JPG
No water damage this time, luckily.
Texto cinzento em fundo branco: I know, I know, I know, I know, I know, I know, I know, I know, I know, I know, I know, I know, I know, I know
Texto cinzento em fundo branco: I know, I know, I know, I know, I know, I know, I know, I know, I know, I know, I know, I know, I know, I know
It's itching everywhere, mozzies ate me alive.
- https://chromewebstore.google.com/search/Redirector
- https://libredirect.github.io/
- https://requestly.com/products/web-debugger/
- https://chromewebstore.google.com/search/Redirector
- https://libredirect.github.io/
- https://requestly.com/products/web-debugger/
- https://chromewebstore.google.com/search/Redirector
- https://libredirect.github.io/
- https://requestly.com/products/web-debugger/
- https://chromewebstore.google.com/search/Redirector
- https://libredirect.github.io/
- https://requestly.com/products/web-debugger/
/https://baldo.cat/media/photos/photo_18329-06-2024_15-42-45.jpg) #catsoftwtxt
#catsoftwtxt
#catsoftwtxt
#catsoftwtxt
/https://baldo.cat/media/photos/photo_17929-06-2024_15-40-00.jpg) #catsoftwtxt
#catsoftwtxt
/https://baldo.cat/media/photos/photo_17829-06-2024_15-39-26.jpg) #catsoftwtxt
#catsoftwtxt
#catsoftwtxt
s/(www\.)?youtube.com\/watch?v=([^?]+)/tubeproxy.mills.io/play/\1 for example? 🤔
s/(www\.)?youtube.com\/watch?v=([^?]+)/tubeproxy.mills.io/play/\1 for example? 🤔
s/(www\\.)?youtube.com\\/watch?v=([^?]+)/tubeproxy.mills.io/play/\\1 for example? 🤔
Additional features I'm thinking about next:
- Add to Plex (_on-demand download, tag and update of the Plex archives_)
- Subscribe (_added to my
ytdl-sub that subscribes to Youtube channels and stores nicely in Plex_)
Additional features I'm thinking about next:
- Add to Plex (_on-demand download, tag and update of the Plex archives_)
- Subscribe (_added to my
ytdl-sub that subscribes to Youtube channels and stores nicely in Plex_)
It looks like this protocol has been sitting in “unstable” for at least 5 years now:
https://gitlab.freedesktop.org/wayland/wayland-protocols/-/tree/main/unstable/primary-selection
Some months ago, they tried to move it (and others) to “staging”:
https://gitlab.freedesktop.org/wayland/wayland-protocols/-/merge_requests/252/diffs#46fa0a22de556f66f7cf1876c4c1817b65f886f5
And that’s where it is now.
I’m not sure what “unstable” actually means in this context, nor “staging”/“stable”. Is there someone actively working on this? How bad is it really if it just sits in “unstable” for years? What are the consequences of a move to “stable” – do clients need to be updated to request the new version? 🤔
It looks like this protocol has been sitting in “unstable” for at least 5 years now:
https://gitlab.freedesktop.org/wayland/wayland-protocols/-/tree/main/unstable/primary-selection
Some months ago, they tried to move it (and others) to “staging”:
https://gitlab.freedesktop.org/wayland/wayland-protocols/-/merge_requests/252/diffs#46fa0a22de556f66f7cf1876c4c1817b65f886f5
And that’s where it is now.
I’m not sure what “unstable” actually means in this context, nor “staging”/“stable”. Is there someone actively working on this? How bad is it really if it just sits in “unstable” for years? What are the consequences of a move to “stable” – do clients need to be updated to request the new version? 🤔
It looks like this protocol has been sitting in “unstable” for at least 5 years now:
https://gitlab.freedesktop.org/wayland/wayland-protocols/-/tree/main/unstable/primary-selection
Some months ago, they tried to move it (and others) to “staging”:
https://gitlab.freedesktop.org/wayland/wayland-protocols/-/merge_requests/252/diffs#46fa0a22de556f66f7cf1876c4c1817b65f886f5
And that’s where it is now.
I’m not sure what “unstable” actually means in this context, nor “staging”/“stable”. Is there someone actively working on this? How bad is it really if it just sits in “unstable” for years? What are the consequences of a move to “stable” – do clients need to be updated to request the new version? 🤔
It looks like this protocol has been sitting in “unstable” for at least 5 years now:
https://gitlab.freedesktop.org/wayland/wayland-protocols/-/tree/main/unstable/primary-selection
Some months ago, they tried to move it (and others) to “staging”:
https://gitlab.freedesktop.org/wayland/wayland-protocols/-/merge_requests/252/diffs#46fa0a22de556f66f7cf1876c4c1817b65f886f5
And that’s where it is now.
I’m not sure what “unstable” actually means in this context, nor “staging”/“stable”. Is there someone actively working on this? How bad is it really if it just sits in “unstable” for years? What are the consequences of a move to “stable” – do clients need to be updated to request the new version? 🤔
It was just moist walls, luckily. Never happened before, as far as I can tell. Still, it’s a little disconcerting, yeah. 😅
It was just moist walls, luckily. Never happened before, as far as I can tell. Still, it’s a little disconcerting, yeah. 😅
It was just moist walls, luckily. Never happened before, as far as I can tell. Still, it’s a little disconcerting, yeah. 😅
It was just moist walls, luckily. Never happened before, as far as I can tell. Still, it’s a little disconcerting, yeah. 😅
A huge effort 😲