news
Programming Leftovers
-
Undeadly ☛ Source code sandboxing
As Undeadly readers might expect, OpenBSD's pledge(2) and unveil(2) receive favourable appraisal.
-
BSD ☛ Source code sandboxing
Operating systems have come a long way since chroot(), and allow developers to limit resources far beyond just the file-system root. In this article, I'll survey some modern tools for sandboxing and how easy or hard it might be to do so by drawing from documentation and examples. This is not a research paper: it's a survey and guide.
We'll cover the main open source operating systems with sandbox tools: Linux, OpenBSD, and FreeBSD (including DragonFlyBSD). Mac OS X gets limited mention, as does Java. If you know of other operating systems with such tools (e.g., NetBSD's secmodel), please raise an issue or a GitHub pull request.
-
Seth Godin ☛ Ecosystems come and go
Your project doesn’t exist in a vacuum. Your company wouldn’t exist if it weren’t for the customers, competitors, marketplaces, systems and tech that make it all work.
-
Raymond Camden ☛ Using BoxLang's Cache Services
You also get the ability to introspect all those caches at the system level. You can get them all, poke inside, and so forth. Caches also have built in stats so you can do your own reporting, monitoring, and so forth.
Caches support a filtering system which provides an API to work with keys based on string patterns. So for example, imagine you are caching results for names, and use a key following this pattern: [...]
-
Kane Narraway ☛ Why Is Preventative Security So Difficult?
Very few attempt to address the problem at its source. You probably wouldn’t be happy if you hired a plumber, only to have them tell you that they’ve located three leaks in your attic and went home. Yet that’s exactly what we do in security.
Of course, good detection and response practices are needed too. Incidents will always happen, detecting and responding effectively to those that get through will always be required. Ideally, we want to prevent vast swaths of issues before they become incidents.
In this blog, I’ll be diving further into what I call systemic prevention and why it’s so hard to solve security at scale.
-
Garrit Franke ☛ git diff --ignore-all-space makes code review way easier
I just learned a cool trick that I want to share. Let's review the diff of a file using git diff. I redacted most of it, but you probably found yourself in the situation of extremely long changes before: [...]
-
Dave Gauer ☛ SVG Sourcecode Shapes (A Little Ruby Script that can make a self-portrait in SVG)
This was created as a deeply nested item in a stack of projects. I wanted to visually represent the "shape" of the source code in a project.
-
Artyom Bologov ☛ Lost Computation
It immensely saddens me when the computation and context is lost. Because it’s there for a reason. More context means better error messages and debugging state preservation. And these result in better developer and user experience. Yet we programmers constantly lose running computation and its context. What a waste.
-
Rlang ☛ Open repo of ecological data for use in teaching
Open repo of ecological data for use in teaching
Just a quick announcement. I’ve organized and posted two ecological datasets that I find helpful for creating examples for teaching.
-
Rlang ☛ Impact of Budget Deficits on Treasury Yields with XGBoost
Charles Schwab analysts said that historically, budget deficits have had minimal impact on Treasury yields, primarily due to the United States’ economic dominance and its status as the issuer of the world’s reserve currency. The variable importance analysis with the XGBoost machine learning model confirms the aforementioned statement. -
Iustin Pop: This blog finally goes git-annex!
A long, long time ago…
I have a few pictures on this blog, mostly in earlier years, because even with small pictures, the git repository became 80MiB soon—this is not much in absolute terms, but the actual Markdown/Haskell/CSS/HTML total size is tiny compared to the picture, PDFs and fonts. I realised I need a better solution, probably about ten years ago, and that I should investigate git-annex. Then time passed, and I heard about
git-lfs, so I thought that’s the way forward.Now, I recently got interested again into doing something about this repository, and started researching.
-
Andy Wingo: whippet in guile hacklog: evacuation
Good evening, hackfolk. A quick note this evening to record a waypoint in my efforts to improve Guile’s memory manager.
So, I got Guile running on top of the Whippet Hey Hi (AI) This API can be implemented by a number of concrete garbage collector implementations. The implementation backed by the Boehm collector is fine, as expected.
-
Perl / Raku
-
Arne Sommer ☛ One Final with Raku - Arne Sommer
You are given a binary array containing only 0 or/and 1.
Write a script to find out the maximum consecutive 1 in the given array.
-
-
Python
-
Juha-Matti Santala ☛ Starting my video projector with Python and Playwright
It led me down a rabbit hole of discovering that there’s a web UI I can use to control it. And by adjusting some settings, I can have it listen to those commands when it’s off (or technically in stand-by mode) which means I can start it from my browser.
This led me to an adventure of making it easier and easier step-by-step for me to start it without having to find the remote.
-
-
R / R-Script
-
Rlang ☛ Investigating running R on RISC-V thanks to r-base on Ubuntu
I was interested to see whether and how well R would run on the new RISC-V architecture.
A while ago I read that RISC-V is now a first class architecture for Ubuntu.
This got me thinking, instead of having to build R from source maybe the r-base package might be available for RISC-V. It turns out that this is indeed the case, the architecture we are interested in is riscv64. The launchpad page for r-base is here. Clicking through the subpages for each version of Ubuntu I can see that R is available for RISC-V from Ubuntu Focal Fossa onwards (for which the version of R is 3.6.3; and the latest version of Ubuntu has the current version of R of 4.5.0).
-