robryk @robryk@qoto.org
I enjoy things around information theory (and data compression), complexity theory (and cryptography), read hard scifi, currently work on weird ML (we'll see how it goes), am somewhat literal minded and have approximate knowledge of random things. I like when statements have truth values, and when things can be described simply (which is not exactly the same as shortly) and yet have interesting properties.
I live in the largest city of Switzerland (and yet have cow and sheep pastures and a swimmable lake within a few hundred meters of my place :)). I speak Polish, English, German, and can understand simple Swiss German and French.
If in doubt, please err on the side of being direct with me. I very much appreciate when people tell me that I'm being inaccurate. I think that satisfying people's curiosity is the most important thing I could be doing (and usually enjoy doing it). I am normally terse in my writing and would appreciate requests to verbosify.
I appreciate it if my grammar or style is corrected (in any of the languages I use here).
Joined Nov 2020
I think this is similar to considering murder worse than an action that will on average increase the amount of early deaths by 1 (e.g. emitting some amount of dust).
My intuition in both situations is that the reason is that murder/genocide can be used for coercion in a great multitude of ways.
@PedroGonnet Or don't care?
@whitequark I wonder whether _this_ constitutes a crime.
@25kV Where does 200kV come from?
@25kV Sorry, I wasn't clear enough. I meant a car that provides electrical power but no traction, so that an electrical locomotive can provide traction.
But fair point re swaps being time-consuming, so this probably makes such an approach useless.
This made me wonder whether there are any diesel bimodal trains where the diesel engine is a separate car (i.e. there's a separate car that contains the diesel engine and generator but without traction motors), so that you can do swap them out and have unsynchronized maintenance windows on them. Do you know of any such?
@dunkelstern If there was a dm-throttle, it would also throttle everything the fs driver would be doing in its own name (and any kernel thread in general).
@dunkelstern Hm~ I thought that devicemapper had an interposer that does that, but now I can only find dm-delay which isn't helpful here.
@dunkelstern Can't you rate limit the block devices of disks instead?
@rq Ah, I'm being silly: there, a MAC is sufficient.
@rq Hm~ I would expect that short-input hash functions are useful for key derivation (not from low entropy something, but when you have key K and want to generate various keys from K that are "unrelated" to anyone who doesn't know K; there's a more specific name for it and a contract-and-expand construction that does that that has an rfc that i can't recall the name of right now).
@mjg59 if you can mount something above the water, ultrasonic distance meter will work (and this is actually a pretty common setup in reality)
Na pierwszy rzut oka każdy proces który ma wiele faz jest złym pomysłem, bo jest znacznie więcej sytuacji brzegowych do rozważenia (chociażby z powodu obsługi błędów, jak i z powodu możliwych wyścigów między wieloma kopiami tego samego procesu).
Czemu w ogóle kazać `useradd`owi tworzyć katalog domowy? Czemu nie zrobić tego zawczasu?
Wydaje mi się, że chcesz naprawiać problemy przez postulowanie coraz bardziej skomplikowanych interfejsów. Bardzo rzadko jest to dobra droga.
Gdyby taki interfejs istniał, kto mógłby zablokować plik? Czego nie możnaby zrobić z plikiem gdy jest zablokowany? Czy zablokowany byłby inode, czy może wpis w katalogu (dentry)?
Polecam raczej popatrzenie na to co można zrobić na otwartym pliku za pomocą syscalli fcośtam oraz tego jak dziala open(O_PATH).
@anedroid To nie pomaga: `mount(2)` podąża za symlinkami, więc target można podmienić pomiędzy momentem kiedy się wykona realpath a uruchomieniem bwrapa.
Poza tym te mounty się dzieją po kolei. Pierwszy z nich może podmontować $HOME/a pod $HOME/b, a drugi $costam pod $HOME/b/sbin/runas.
@anedroid Ten konkretny problem możnaby rozwiązać bez tego, gdyby tylko dało się mieć pewną kopię /proc w tym kontenerze: wtedy otwierasz /sbin/runuser i dajesz bwrapowi jako dodatkowy fd, i każesz mu odpalić /proc/self/fd/numerek. No ale upewnienie się, że naprawdę masz procfs na /proc jest co najmniej trudne.
Obawiam się, że może się nie dać. ZTCW nie da się spowodować, żeby `mount()` nie podążał za symlinkami w ścieżce do celu.
@anedroid A, czyli cała ochrona bazuje na pośrednim katalogu bez g+x, rozumiem.
@rysiek @oktawian @seachdamh @polamatysiak
A, i czy mówicie o opodatkowaniu wartości budynku mieszkalnego, czy wartości budynku mieszkalnego razem z gruntem na którym jest?
@rysiek @oktawian @seachdamh @polamatysiak
Jak w tym modelu by wyglądała sytuacji akademików, burs, itp.?
I enjoy things around information theory (and data compression), complexity theory (and cryptography), read hard scifi, currently work on weird ML (we'll see how it goes), am somewhat literal minded and have approximate knowledge of random things. I like when statements have truth values, and when things can be described simply (which is not exactly the same as shortly) and yet have interesting properties.
I live in the largest city of Switzerland (and yet have cow and sheep pastures and a swimmable lake within a few hundred meters of my place :)). I speak Polish, English, German, and can understand simple Swiss German and French.
If in doubt, please err on the side of being direct with me. I very much appreciate when people tell me that I'm being inaccurate. I think that satisfying people's curiosity is the most important thing I could be doing (and usually enjoy doing it). I am normally terse in my writing and would appreciate requests to verbosify.
I appreciate it if my grammar or style is corrected (in any of the languages I use here).
Joined Nov 2020
