movq

uninformativ.de

No description provided.

movq
www.uninformativ.de
 (27w ago)

OpenBSD has the wonderful pledge() and unveil() syscalls:

https://www.youtube.com/watch?v=bXO6nelFt-E

Not only are they super useful (the program itself can drop privileges – like, it can initialize itself, read some files, whatever, and then tell the kernel that it will never do anything like that again; if it does, e.g. by being exploited through a bug, it gets killed by the kernel), but they are also extremely easy to use.

Imagine a server program with a connected socket in file descriptor 0. Before reading any data from the client, the program can do this:

unveil("/var/www/whatever", "r");
unveil(NULL, NULL);
pledge("stdio rpath", NULL);

Done. It’s now limited to reading files from that directory, communicating with the existing socket, stuff like that. But it cannot ever read any other files or exec() into something else.

I can’t wait for the day when we have something like this on Linux. There have been some attempts, but it’s not that easy. And it’s certainly not mainstream, yet.

I need to have a closer look at Linux’s Landlock soon (“soon”), but this is considerably more complicated than pledge()/unveil():

https://landlock.io/

⤋ Read More
movq
www.uninformativ.de
 (27w ago) 

fn sub(foo: &String) {
    println!("We got this string: [{}]", foo);
}

fn main() {
    // "Hello", 0x00, 0x00, "!"
    let buf: [u8; 8] = [0x48, 0x65, 0x6C, 0x6C, 0x6F, 0x00, 0x00, 0x21];

    // Create a string from the byte array above, interpret as UTF-8, ignore decoding errors.
    let lossy_unicode = String::from_utf8_lossy(&buf).to_string();

    sub(&lossy_unicode);
}

Create a string from a byte array, but the result isn’t a string, it’s a cow 🐮, so you need another to_string() to convert your “string” into a string.

I still have a lot to learn.

(into_owned() instead of to_string() also works and makes more sense to me, it’s just that the compiler suggested to_string() first, which led to this funny example.)

⤋ Read More
movq
www.uninformativ.de
 (27w ago)
In-reply-to » So I was using this function in Rust:

@lyse@lyse.isobeef.org Rust is so different and, at the same time, so complex – it’s not far fetched to assume that I simply don’t understand what’s going on here. The docs appear to be clear, but alas … is it a bugs in the docs? Is it a lack of experience on my part? Who knows.

By the way, looks like there was a bit of a discussion regarding that name:

https://github.com/rust-lang/rust/issues/120048

⤋ Read More
movq
www.uninformativ.de
 (27w ago)

So I was using this function in Rust:

https://doc.rust-lang.org/std/path/struct.Path.html#method.display

Note the little 1.0.0 in the top right corner, which means that this function has been “stable since Rust version 1.0.0”. We’re at 1.87 now, so we’re good.

Then I compiled my program on OpenBSD with Rust 1.86, i.e. just one version behind, but well ahead of 1.0.0.

The compiler said that I was using an unstable library feature.

Turns out, that function internally uses this:

https://doc.rust-lang.org/std/ffi/struct.OsStr.html#method.display

And that is only available since Rust 1.87.

How was I supposed to know this? 🤨🫩

⤋ Read More
movq
www.uninformativ.de
 (27w ago)
In-reply-to » @bender Both Gopher and Mastodon are a way for me to “babble”. 😅 I basically shut down Gopher in favor of Mastodon/Fedi last year. But the Fediverse doesn’t really work for me. It’s too focused on people (I prefer topics) and I dislike the addictive nature of likes and boosts (I’m not disciplined enough to ignore them). Self-hosting some Fedi thing is also out of the question (the minimalistic daemons don’t really support following hashtags, which is a must-have for me).

@bender@twtxt.net Yeah, well, it’s a bit like twtxt. There is a Gopher community, but it’s small. I actually don’t like that HTTP is so easily accessible. I don’t like it that much when people post links to my site on HackerNews or something like that. Too much exposure.

Gopher is a small world. It’s slow and cozy.

And much like twtxt, the protocol is simple®, so it’s easier to tinker with it.

⤋ Read More
movq
www.uninformativ.de
 (27w ago)
In-reply-to » @bender Both Gopher and Mastodon are a way for me to “babble”. 😅 I basically shut down Gopher in favor of Mastodon/Fedi last year. But the Fediverse doesn’t really work for me. It’s too focused on people (I prefer topics) and I dislike the addictive nature of likes and boosts (I’m not disciplined enough to ignore them). Self-hosting some Fedi thing is also out of the question (the minimalistic daemons don’t really support following hashtags, which is a must-have for me).

@prologic@twtxt.net Yeah, I’m very glad twtxt/Yarn doesn’t have this. ✌️

⤋ Read More
movq
www.uninformativ.de
 (27w ago)
In-reply-to » @quark Plot twist: I only drink decaf. 🤯🤯🤯

@quark@ferengi.one It’s as close as coffee as you can get. 😅 They take the beans, apply magic, and then most of the caffeine is gone. You can also buy whole decaf’d beans and then grind them yourself. It does kill some of the flavor – but it’s not like you’re drinking black water.

⤋ Read More
movq
www.uninformativ.de
 (27w ago)
In-reply-to » Of Pointlessware and CEOs Had a moment, to check up on some of the companies, I stopped following, get to The Browser Company and see their newest product - it's just Chrome, with an AI chat window pop-up and that's it. Something Canary Chrome, come with already. I see Theo from T3.gg, making fun of it on YouTube and promoting "his" product - an AI chat app, where you can choose from multiple models, by all the popular AI companies. Something I already have a worse version of, at work and I don't even use it. There's also an interview, about the future of virtual keyboards, surely this is at least actually a real thing and not more pointless horse shit. I check the website of the keyboard SDK, and it's around 20 identical apps, that just copy the same keyboard SDK/api and slap chatgpt features on top - in the App Store, these are surrounded by chatgpt clones, that just feed the users prompts, into the real thing and put ads, next to the answers.

@thecanine@twtxt.net … all these stupid, pointless “apps” are stuff that I eventually have to remove from family devices … Sigh.

⤋ Read More
movq
www.uninformativ.de
 (27w ago)
In-reply-to » Gopher server is back online and I’ll be phasing out Mastodon.

@bender@twtxt.net Both Gopher and Mastodon are a way for me to “babble”. 😅 I basically shut down Gopher in favor of Mastodon/Fedi last year. But the Fediverse doesn’t really work for me. It’s too focused on people (I prefer topics) and I dislike the addictive nature of likes and boosts (I’m not disciplined enough to ignore them). Self-hosting some Fedi thing is also out of the question (the minimalistic daemons don’t really support following hashtags, which is a must-have for me).

I’ll probably keep reading Fedi stuff, I just won’t post that much, I think.

⤋ Read More
movq
www.uninformativ.de
 (27w ago)
In-reply-to » I wanted to port this to Rust as an excercise, but they still have no random number generator in the core library: https://github.com/rust-lang/rust/issues/130703

@prologic@twtxt.net Yeah, it’s difficult, you often don’t get what you’d expect. They also make heavy use of 3rd party libraries. IIUC, for random numbers, they refer to this library. I’ve read many times that the Rust stdlib is intentionally minimalistic (to make it easier to maintain and port and all that).

I’m struggling with this, using 3rd party libs for so many things isn’t really my cup of tea. I’ll probably make my own tiny little “standard library”. It’s silly, but I don’t see any other options. 🤷

⤋ Read More
movq
www.uninformativ.de
 (28w ago)
In-reply-to » (#a23wqyq) @movq you have no idea what a soul sucking, heartbreaking SOB 2025 turned out to be. I wish you the best of luck with whatever annoyances life might have thrown your way. Power to you, my friend.

@aelaraji@aelaraji.com Thanks mate. 👌 (In the grand scheme of things I’m still doing great. World news are a horrible shit show nowadays, ffs. 😭)

⤋ Read More
movq
www.uninformativ.de
 (28w ago)

A bill from our ISP in 1998.

We’re talking about a month here, 1998-07-27 to 1998-08-26.

Basic fee: 7.50 DM (about 6€ today).

Online time: 516 minutes, 23.53 DM (about 20€ today).

That’s just the ISP costs, if I’m not mistaken. The underlying phone calls were pretty pricey as well.

⤋ Read More
movq
www.uninformativ.de
 (29w ago)

When I chose the MIT license for all of my software, I thought:

“Should I use GPL, which I don’t really understand? Is that worth it? Yeah, there is a theoretical possibility that some company might use my code in their proprietary product … and then what? Should I sue them to enforce the GPL? I’m not going to do that anyway, so I’ll just use the MIT license.”

And now we have those LLM scrapers and now it’s suddenly a reality that these companies (ab)use my code. I can see it in my logs. I didn’t expect that back then.

GPL wouldn’t help, either, of course. (Regardless, I now think that GPL would have been the better choice anyway.)

I’m honestly considering taking my code and website offline. Maybe make it accessible through some obscure protocol like Gopher or Gemini, but no more HTTP.

(Yes, Anubis might help. Temporarily.)

I’m just tired.

⤋ Read More