[dev] [st] maps window before setting the title, confuses dwm's matching

Hi all, In the current version of st, when invoked with the -t option, it would map the window before setting its title, which would prevent dwm (or any other dynamic wm) from matching its rules against it. Here's a patch that fixed the thing for me: diff -r 1eb3e1b6a8d0 st.c --- a/st.c Sat

Re: [dev] sbase

Hi, had a sleepless night, so contributing sleep.c and sleep.1. Thanks, Kamil On Mon, May 23, 2011 at 03:15:43AM +0100, Connor Lane Smith wrote: Hey all, I think it's about time we started a minimalist, statically linked set of core utilities. The BSD family are bloated, and the GNU

Re: [dev] mret

Hi, It would be nice if the textbox can be more 'canvas-like', such as drawing a horizontal or vertical line to indicate each individual commands output? Stuff like that. Right now you can embed virtually any Tk widget or any image, simply use the wishpipe. I only started learning TclTk a few

Re: [dev] A replacement for at.

> satd is an unprivileged daemon that is user-private, and > starts and exits automatically. Why not use a service supervisor?

Re: [dev] A replacement for at.

On Fri, 01 Jan 2016, Greg Reagle <greg.rea...@umbc.edu> wrote: > On Fri, Jan 01, 2016 at 06:05:58PM +0100, Kamil Cholewiński wrote: >> Yes, please let's stop writing process management code into daemons and >> instead solve this problem in a portable and non-sucky way. > &g

Re: [dev] A replacement for at.

> Wouldn't you need a service supervisor with at's functionallity? No. Separation of concerns. > If you are paranoid about sat crashing When in doubt, assume the component will crash/fail. > as long as you can have user-private services. Yes, please let's stop writing process management code

Re: [dev] [farbfeld] version 1 release

On Wed, 06 Jan 2016, "Leander S. Harding" wrote: > On Wed, Jan 6, 2016 at 10:45 AM, FRIGN wrote: >> Hello fellow hackers, >> >> I'm pleased to announce version 1 of farbfeld[0]... > > Modest proposal: let us define an animated-farbfeld format as a > tarball of

Re: [dev] [surf] bug: sessions last only a few hours

On Fri, 03 Jun 2016, Christoph Lohmann <2...@r-36.net> wrote: > 2‐factor authentication is doomed to fail. Don’t use it. This suggestion doesn't help when your org requires & enforces 2FA...

Re: [dev] pledge(2) patches

On Fri, 03 Jun 2016, Christoph Lohmann <2...@r-36.net> wrote: > For st this will never be included in mainline. Please add it do the wi‐ > ki, if you think it’s relevant for others. I will try having it accepted in ports first. Security shouldn't be opt-in. <3,K.

Re: [dev] [lnanosmtp]

On Thu, 09 Jun 2016, Sylvain BERTRAND wrote: > Hi, > > Introducing a new minimal and naive smtp server à la suckless: lnanosmtp > > https://github.com/sylware/lnanosmtp > https://repo.or.cz/lnanosmtp.git > > cheers, > > -- > Sylvain Ages old, stupid question. What's

Re: [dev] pledge(2) patches

On Mon, 06 Jun 2016, Ben Woolley wrote: > But then, isn't that what config.h can do? Try it in config.h and see > how you feel. A lot of OS-specific features are enabled from > configuration in other software. The "problem" with pledge, is you have to let the program

Re: [dev] pledge(2) patches

On Mon, 06 Jun 2016, Martin Kühne wrote: > I don't understand the purpose of pledge, since it's under the control > of the programmer, but so is what the program does just as well. In > what way is the programmer supposed to prevent himself from doing what > they were going to

Re: [dev] pledge(2) patches

On Mon, 06 Jun 2016, FRIGN wrote: > What it all brings up is the issue of IPC. Can you people suggest > your favourite approach to IPC? If not, maybe we could look into > writing a very simple library (name-suggestion "sippy" :P) which > builds on top of UDS and implements a very

Re: [dev] pledge(2) patches

On Mon, 06 Jun 2016, Martin Kühne wrote: > Can it somehow be made to keep its effect across the exec family of syscalls? > > cheers! > mar77i No. This is why pledging "stdio proc exec" is still quite dangerous. A well-designed program may try separating this functionality

Re: [dev] pledge(2) patches

On Mon, 06 Jun 2016, Martin Kühne wrote: > Also, the way it is designed is a rather silly approach to security > which is much more revealing about today's idiotic way of writing > software by including tens of millions of SLOC of dependencies instead > of doing the one thing

Re: [dev] [lnanosmtp]

On Fri, 10 Jun 2016, Louis Santillan wrote: > As to justification, I'd say, that depends. Libc (and C in general) > has some well known, well documented bugs that exists simply to keep > old code compiling (many methods that start with str*, malloc/free > corner but frequent

Re: [dev] [lnanosmtp]

On Thu, 09 Jun 2016, Sylvain BERTRAND <sylvain.bertr...@gmail.com> wrote: > On Thu, Jun 09, 2016 at 02:03:33PM +0200, Kamil Cholewiński wrote: >> On Thu, 09 Jun 2016, Sylvain BERTRAND <sylvain.bertr...@gmail.com> wrote: >> > Hi, >> > >> > Intr

Re: [dev] which versions are dwm patches intended to apply to cleanly?

On Wed, 15 Jun 2016, David Phillips wrote: > Some people thought it was a good idea to use 6.1 to denote git head before > 6.1 actually came out. This worked fine until they stopped maintaining > their patches to apply against git head. > > Something should be done about

Re: [dev] Different versions of suckless libutf

On Wed, 01 Jun 2016, Ben Woolley wrote: > I see two things to do: > 1. There could be a new name for the transformation that stands apart > from UTF-8, which has now been changed from that original meaning. > [...] > > Maybe call the transform CTF-8, where C is character. Then

Re: [dev] Different versions of suckless libutf

On Wed, 01 Jun 2016, Ben Woolley wrote: > That is the reason why I am erring on the side of 5% this time. The 95% use case here is handling UTF8-encoded Unicode text. Secure by default should be the norm, not a magic flag, not buried in a readme. If you need to encode an

Re: [dev] Different versions of suckless libutf

On Wed, 01 Jun 2016, Connor Lane Smith wrote: > So the question is whether libutf is meant to deal only with UTF-8 > (which is constant), or other Unicode features too (which are > dynamic). My point is, whenever possible, make the library user's life better. Frozen

Re: [dev] which versions are dwm patches intended to apply to cleanly?

On Thu, 16 Jun 2016, David Phillips wrote: > What? Since when were any patches "supported"? The amount of effort that goes into organising them (as evidenced by the thread) indicates that, in fact, there is some "support".

Re: [dev] [dlogout] I wrote a basic logout-/shutdown-menu for use with dwm.

On Sun, 19 Jun 2016, Thomas Oltmann wrote: > So, what do you think? Do you even feel there's a need for a > shutdown-menu for dwm? Are you happy with the quality of the source code? What does it do that dmenu + a shell script can't?

Re: [dev] JIT & VM discussion

On Sat, 18 Jun 2016, Connor Lane Smith wrote: > Hi all, > > I was wondering if others had an opinion on JIT. Suppose we don't need > anything fancy like adaptive optimisation, but just wanted to compile > a program at runtime. One possibility might be to generate C code and >

Re: [dev] [bugs] st clears up upon resize and other little things

> 1 - when you open st and some strings printed (try 'ls' for example), > upon resizing it down and resizing it back up, the content is lost. > Shouldn't the printed stuff remain there? This is an annoyance for > when I, for example, 'ls' a folder, open an image that I found inside > so dwm

Re: [dev] [PATCH] Change an eprintf to a die to stop child from running its own slideshow

> It depends on your background. eprintf() and weprintf() were written by > Rob Pike and Kernighan and used in the book "The Practice of Programming". I see... Principle of least surprise, except it's me who should never be surprised. I guess the rest of us get surprised only once.

Re: [dev] [PATCH] Change an eprintf to a die to stop child from running its own slideshow

> Otherwise we can use the approach in sbase which is to have eprintf() > be equivalent to die() and weprintf() for just the warning version. TBH I would find this behavior extremely confusing. The established conventions seem to be: printf - format string and write to stdout sprintf - format

Re: [dev] surf

> How do I save webpages? wget? :)

Re: [dev] [surf] Why yank to primary instead of clipboard?

On Wed, 03 Feb 2016, robin wrote: > The function clipboard(Client *c, const Arg *arg) > uses GDK_SELECTION_PRIMARY instead of GDK_SELECTION_CLIPBOARD. > > For me, thats a hassle. > How do i copy a uri to send to a friend? > > I changed it to use CLIPBOARD, but I am

Re: [dev] [surf] Why yank to primary instead of clipboard?

On Wed, 03 Feb 2016, sta...@cs.tu-berlin.de wrote: > * Kamil Cholewiński 2016-02-03 10:05 >> On Wed, 03 Feb 2016, robin <robin.a.t.peder...@gmail.com> wrote: >> Middle click. >> [...] >> Yes, this is really confusing and frustrating, I have to reach for th

Re: [dev] [surf] Why yank to primary instead of clipboard?

On Wed, 03 Feb 2016, Martti Kühne wrote: > Seriously, if you don't like it, much of this isn't the fault of sl. > That GTK programs use a different paste buffer for ^Ins is completely > arbitrary and probably the wrong thing GTK does there, but now that > doesn't force sl

Re: [dev] [ANNOUNCE] spt-0.1

On Tue, 02 Feb 2016, hiro <23h...@gmail.com> wrote: > After trying to find more info about pomodoro it seems the inventor of > this "technique" strongly argued for using simple tools (this > contrasts with the high-tech overengineered computer evil you > created). > You might want to consider this

Re: [dev] [ANNOUNCE] slock-1.3

> slock < password-file You now have a password in cleartext, which we know is a bad idea. It would be better to hash it. Congrats, /etc/passwd & friends reinvented.

Re: [dev] ways of viewing application indicators

On Mon, 14 Mar 2016, Greg Reagle wrote: > Greetings. I switched over to dwm recently on one of my computers. I > was using XFCE (Xubuntu) before. I needed to get to the dropbox GUI to > change some settings. I got it working with `dbus-launch xfce4-panel > &`. So now

Re: [dev] [bug][dwm] Fullscreen youtube after tag switch in 6.1

> 4. Switch again to the youtube tag: flash has crashed. ^ You get what you deserve. Who on earth still uses flash for youtube? Less sucky alternatives: - youtube-dl - HTML5 K.

Re: [dev] [bug][dwm] Fullscreen youtube after tag switch in 6.1

On Sun, 06 Mar 2016, Carlos Pita wrote: >> > 4. Switch again to the youtube tag: flash has crashed. >> ^ >> >> You get what you deserve. > > So it's not a technical but a moral issue, sorry then, I'll ask my rabbi. Flash is very

Re: [dev] execline shell

On Sun, 24 Apr 2016, Greg Reagle wrote: > On 04/23/2016 07:49 PM, ra...@openmailbox.org wrote: >> execline works on a different concept than regular shells: >> http://skarnet.org/software/execline/grammar.html > > Execline looks interesting, but I don't quite comprehend it.

Re: [dev] [question] Does bash suck?

On Sat, 23 Apr 2016, Marc Collin wrote: > Hi. > Recently a user from suckless told me that bash sucks, but before I > could ask why he went offline. > I tried looking at suckless.org page about software that sucks, but > couldn't find anything about bash. > I can imagine

Re: [dev] [question] Does bash suck?

On Sat, 23 Apr 2016, Marc Collin wrote: >> OpenBSD's ksh is excellent, but not sure if it was ever ported anywhere > It was, and it's called loksh. stali recommends it. > https://github.com/dimkr/loksh Yep, just saw it mentioned in the thread. I'm surprised this exists

Re: [dev] [question] Does bash suck?

On Sat, 23 Apr 2016, Greg Reagle wrote: > [...] it is incompatible with Plan 9 rc, unfortunately, and the author > is not interested in changing it to be compatible [4]. The difference > is just one item of syntax, but it's enough to be a major > incompatibility. Make that

Re: [dev] "Note On Webkit Versions"

On Sat, 30 Apr 2016, ra...@openmailbox.org wrote: > There is a lot of hype about rust being 'memory safe' but where is the > proof? You don't need a proof, you only need a significant improvement upon C, which Rust delivers. > secondly 1 in every 100 lines of servo is an 'unsafe {' directive.

Re: [dev] "Note On Webkit Versions"

On Sat, 30 Apr 2016, Ben Woolley wrote: > You pretty much just described Dillo. Bookmarks exist, but through the > plugin API only. Memory only cache. CSS and SSL support, but no JS. > About the only thing I could see counted against it is that it is C++ > and not C, but

Re: [dev] pledge(2) patches

Hi all, new versions of all four patches attached. Changes: - Added dummy pledge definition on other platforms - Added xpledge, refactored - Added rpath to final pledge in dwm; turns out xfont sometimes wants new fonts at runtime. Cheers! K. diff --git a/dmenu.c b/dmenu.c index

Re: [dev] pledge(2) patches

On Wed, 18 May 2016, Marc André Tanner wrote: > Independent of whether the functionality is desired, you probably want > to implement it along the lines of: > > #ifndef __OpenBSD__ > int pledge(const char *promises, const char *paths[]) { return 0; } > #endif > > This way

Re: [dev] [slock] PAM support

On Mon, 16 May 2016, Jan Christoph Ebersbach wrote: > What auth system are you using if it's neither PAM nor shadow/passwd? Kumbaya auth, or cowboy auth, according to personal preference

Re: [dev] [dwm] [patch] config.o

On Sat, 14 May 2016, Connor Lane Smith wrote: > Hi all, > > Attached is a dwm patch that pulls out all of the key and button > handlers, and all of the layouts, into a new file called config.c, > replacing config.h. The idea is that it makes it clearer what is dwm > proper and

[dev] pledge(2) patches

Hi folks, This is purely OpenBSD-specific; had a brief look at SecComp and promptly ran away. Included are pledge(2) diffs for dwm, dmenu, st and slock. I've been testing these for a week now (both stress-tests and normal usage), and I have no ill effects to report. - st has been tortured with

Re: [dev] "Note On Webkit Versions"

On Fri, 29 Apr 2016, Christoph Lohmann <2...@r-36.net> wrote: > Greetings. > > On Fri, 29 Apr 2016 17:58:08 +0200 Jochen Sprickerhof > wrote: >> Hi, >> >> just saw this commit: >> >> http://git.suckless.org/sites/commit/?id=6e3450a047c5f7eda300f68814f7b1dfd499119e

Re: [dev] [ii] how do you use it?

On Fri, 06 May 2016, Mitt Green wrote: > Hey, > > Sorry for kinda noobish question. I can't figure out > how ii works. Here's what I did: > > 1. compiled it; > 2. ran "ii -n -s irc.ubuntu.com" ; > 3. "echo "/j #ubuntu" > in" ; > 4. and nothing happened. > > I checked

Re: [dev] [ii] how do you use it?

On Fri, 06 May 2016, Mitt Green wrote: > So, FIFO in the description[1] means "fit in or f#$! off"? I'm going to print this and hang on the wall :D In all seriousness, ii is more of a library for use with shell scripts and custom plumbing than a fully-featured client. It

Re: [dev] "Note On Webkit Versions"

On Mon, 02 May 2016, Leo Gaspard wrote: > To get closer to the original topic, I think rust is among the best > choices for a webkit replacement. A webkit replacement *will* be huge, > bloated and sucky. It's pretty sad, but most of us need a way to access > sucky websites that

Re: [dev] Languages that suck (was "Note On Webkit Versions")

On Mon, 02 May 2016, FRIGN wrote: > Benjamin Franklin said this: > “Those who surrender freedom for security will not have, nor do they > deserve, either one.” > And this defines what it's all about. > C is all about freedom, and any measure a higher level language

Re: [dev] Languages that suck (was "Note On Webkit Versions")

On Mon, 02 May 2016, Marc Collin wrote: > Something better than using fancy (aka: complex) languages with > garbage collector, memory safeness, etc. is to formal verify your C > program[0]. There's even a kernel, seL4 that's been formally verified > to not contain certain

Re: [dev] [scc] issues with invoking

On Wed, 20 Apr 2016, hiro <23h...@gmail.com> wrote: > you seem to prepare writing your own operating system, but there is > already losethos, i don't recommend redoing this fine work. One word: microcontrollers

Re: [dev] [scc] issues with invoking

On Wed, 20 Apr 2016, hiro <23h...@gmail.com> wrote: > I read three words, but thanks anyway :) > I guess there are a lot of specific things about every single uC that > would make it worth one's while to create a highly customized compiler > for it. Somewhat agree. Code generation, optimisation

Re: [dev] Allow secure access to Web site suckless.org

Alternative to the CA system: http://convergence.io/ Alternative to SSL: use SSH to clone git repos. The site contents are available over git as well. Food for thought: https://github.com/shazow/ssh-chat Now, if there was public SSH access, things like gitolite do exist... <3,K.

Re: [dev] Proper window type for dwm and dmenu

On Tue, 19 Jul 2016, Staven wrote: > Shadows... with a tiling window manager? > How does that work? Actually, yes, slightly useful. It highlights the current window when there's no border - my preferred setup, to get these 2x80 columns with Terminus 14 on a 1280px wide screen.

Re: [dev] Never Ending Systemd Chronicles

I don't think we need more systemd hate - people are already in one camp or another. We do need a single, solid, real world, battle-proven solution, to propose as a viable alternative for distros to implement. Systemd does solve two things: 1. it's now universally available across all major

Re: [dev] Sane office alternative?

On Thu, 25 Aug 2016, Cág wrote: > FRIGN wrote: > >> I can recommend Abiword <...> > > Abiword sucks, in my opinion. I've tried it numerous times and many > times it crashed > without recover. It started when they switched to GTK+3. > > Luckily, I don't depend on formats and use

Re: [dev] Shell style guide

On Thu, 08 Sep 2016, Evan Gates wrote: > No. $@ is another example of something that _must_ be quoted every > time. When inside quotes the shell expands it correctly to a word for > each parameter. Without quotes the shell will do extra word splitting > and globbing. For

Re: [dev] Shell style guide

On Thu, 08 Sep 2016, Nick wrote: > I am against writing scripts that can deal with filenames with > newlines. Fuck such filenames. If you have to deal with them, shell > scripting is a terrible technology to use. And since you never know when you'll have to deal with

Re: [dev] containers opinion

On Fri, 23 Sep 2016, stephen Turner wrote: > whats the suckless view of containers and why? what about a > containerized init helper where sinit calls the container program and > then runs daemons and the rest of the system from containers? Do you > feel containers

[dev] Re: containers opinion

On Sat, 24 Sep 2016, stephen Turner wrote: > What do you recommend for best knowledge of unsharing resources? Start here: OpenBSD: pledge(2), imsg_init(3) Linux: unshare(2), prctl(2) This is just some basic pointers to get you started. Nothing will ever replace good

Re: [dev] Re: [stali] updating package source

On Thu, 15 Sep 2016, Anselm R Garbe wrote: > Let's call the tool metasrc, it consists of a metafile that contains the > format: > > # comment > local/path/situation:git-url[#tag|ref|branch] > ... [snip] > This has also the advantage, that in theory one could also deal with >

Re: [dev] Suckless e-comerce script proposal

On Thu, 22 Sep 2016, Jochen Sprickerhof wrote: > I would never do that. Having lot's of JS fiddling around in my bank > account sounds scary. You're more-or-less without a choice if you want to do online banking. Also safety in numbers. 99% of the cases of people

Re: [dev] Suckless e-comerce script proposal

On Thu, 22 Sep 2016, FRIGN wrote: > A good way to shop at Amazon is with gift cards. [...] Thanks for the tip! I'll share this with our IT dept.

Re: [dev] trying Stali in emulator

On Fri, 16 Sep 2016, Greg Reagle wrote: > I'd like to try out Stali. I don't have and don't want a Raspberry Pi. > I have an old desktop PC (currently running Debian) that I could use for > real hardware, or I could use an emulator. All else being equal, I > prefer an

Re: [dev] Suckless e-comerce script proposal

On Thu, 22 Sep 2016, Bobby Powers wrote: > Are you saying that doing wire transfers in Europe is common, or doing > wire transfers to pay for online goods? I'm glad to hear it is less > of a horrendous experience, but it still feels like a suck idea to > make customers

Re: [dev] Suckless e-comerce script proposal

On Thu, 22 Sep 2016, Joseph Graham wrote: > I would like some feedback on some ideas I have for a script to make a very > simple, but very secure, e-commerce website. Maybe it can be "slecommerce". I don't think highly domain-specific applications belong under the suckless

Re: [dev] [stali] The stali way to wifi

On Tue, 18 Oct 2016, Bruno Vetter wrote: > Hi there, > > thanks for all the support so far. > How would one connect to wifi in stali? For me, installing libnl-tiny and > wpa_supplicant works, but I'd be interested to hear if/how this is meant to > be achieved in a

Re: [dev] [stali] The stali way to wifi

On Tue, 18 Oct 2016, Cág wrote: > stali has sdhcp. Thanks for the suggestion, I may include it in my setup at some point.

Re: [dev] [stali] The stali way to wifi

On Thu, 20 Oct 2016, Laslo Hunhold wrote: > as an off-idea: How are startup-times of stali? Given the power of > machines today, there should not be many things limiting a startup in > just a few seconds. Any data on that? Oh just try it. I was truly amazed. >From bootloader to

Re: [dev] Simple shell with completion

On Wed, 12 Oct 2016, Evan Gates wrote: > On Wed, Oct 12, 2016 at 7:56 AM, Thomas Levine <_...@thomaslevine.com> wrote: >> Or I guess I could try zsh or bash > > bash completion is very powerful as you can write shell functions to > generate the possible completions based

Re: [dev] [announce] wjt-0.1 - slider widget

On Tue, 13 Dec 2016, s...@mailless.org wrote: > However, I don't see use for it for me here. I've bound keys to directly > interact with brightness/volume and firing up additional tool to grab my > inputs looks like overkill to me. Maybe I'm missing something, though, > or maybe you share some

Re: [dev] oasis: small linux system inspired by stali

> I think it might have been possible to use some other build tool to > achieve something similar, but I don't think it would have worked out > as well. http://gittup.org/tup/ ?

Re: [dev] [announce] mle: a small terminal-based text editor

On Wed, 29 Mar 2017, Snobb wrote: > So without lua, the editor goes with default hard-coded settings and > no way for even minor customisation like number of spaces per tab, > tabs or spaces, etc. Same for dwm. Use Awesome if you want dwm with Lua.

Re: [dev] [st] [PATCH 2/2] Keep end of lines in memory when resizing terminal

On Wed, 29 Mar 2017, hiro <23h...@gmail.com> wrote: > give it up. it's all hopeless. urxvt does it the right way and it still sucks. This. Every single terminal in the world has broken resize handling, except for urxvt. Just copy what urxvt does, and let's focus on more exciting problems. <3,K.

Re: Re: [dev] oasis: small linux system inspired by stali

On Tue, 28 Mar 2017, Pickfire wrote: > I did a benchmark against tup, make, mk, ninja back then. > What I learn: > > - make is the fastest > - ninja needs to be run twice > - tup is slowest (probably didn't use monitor) but easy to write > - mk is slightly slower than make >

Suckless monitoring [was Re: [dev] git://git.suckless.org not accepting connections]

On Tue, 04 Jul 2017, Anselm R Garbe wrote: > On 4 July 2017 at 00:36, Anselm R Garbe wrote: >> On 4 July 2017 at 00:06, Michael Forney wrote: >>> I noticed that git.suckless.org is no longer accepting connections >>> with the git

Re: Suckless monitoring [was Re: [dev] git://git.suckless.org not accepting connections]

On Tue, 04 Jul 2017, Anselm R Garbe wrote: > I've used my own for almost a decade: http://monitor.garbe.us/ > It checkes the services every 20 minutes and sends me a mail if some > service goes offline. Care to share the code?

Re: [dev] [question] gobo linux filesystem hierarchy

'make uninstall' might work if the software is sane and well-written, and if the operator is careful. But how do you handle upgrades? 'make uninstall' the old version, then 'make install' the new stuff? What if it's some critical piece, like base utils or the shell, and something goes wrong in

Re: [dev] [st] Larger HISTSIZE consumes huge memory

> And also will there be any daemon mode available for st? My guess is: no, never.

Re: [dev] Interesting Web Browser Decoupling Concept

On Tue, 13 Jun 2017, sylvain.bertr...@gmail.com wrote: > When mentioning souldcloud, I usually refer to the "sound editing" feature. As a person that does most of his music making in plain old analog (including a tape recorder), I miss the point of having a web service doing audio stuff, i.e.

Re: [dev] Interesting Web Browser Decoupling Concept

On Tue, 13 Jun 2017, sylvain.bertr...@gmail.com wrote: > Ofc, some internet sites do provide services which are hard dependent > on a rich GUI (I usually mention soundcloud). Actually audio and video playback these days can be done with pure HTML markup, which is sufficient for a completely

Re: [dev] Interesting Web Browser Decoupling Concept

On Thu, 15 Jun 2017, Dominykas Mostauskis wrote: > Here's an idea. As an alternative to wrestling with resource heavy > applications directly, implement heavy taxation on consumer device > computational power. [...] > > To continue the regulation rant, closed

Re: [dev] Interesting Web Browser Decoupling Concept

On Fri, 16 Jun 2017, sylvain.bertr...@gmail.com wrote: > When people are using the word "openbsd", it does designate the kernel > project. > Not the userland projects. Completely not true. Please check your facts.

Re: Re: [dev] Interesting Web Browser Decoupling Concept

On Tue, 13 Jun 2017, hiro <23h...@gmail.com> wrote: > [...] android is doing the right thing: it separates processes by > running them as separate users. [...] Every respectable OS/distro packages daemons to run as separate users. Every respectable piece of software separates privileges and uses

Re: Re: [dev] Interesting Web Browser Decoupling Concept

On Tue, 13 Jun 2017, sylvain.bertr...@gmail.com wrote: > You are being unreasonable here: you are presuming that "computer security" > does exist... but it does not. Software does not exist either for that matter, it's just a pattern of arbitrarily encoded 0's and 1's. "Today a young man on

Re: [dev] [st] Start with text already input

echo 'echo mytext' >> .zshrc P.S. please remove "in-reply-to" headers when starting a new thread

Re: [dev] Privilege escalation on remote hosts. MANY remote hosts.

> What about using custom public SSH keys that force the execution of a > specific command/script instead of the default login shell? The operational principle is that first you scp a script with arbitrary content, written in an arbitrary language, to the remote box(es), then execute the said

Re: [dev] Privilege escalation on remote hosts. MANY remote hosts.

On Fri, 22 Sep 2017, Antenore Gatta wrote: > Well, I hope it's what you are looking for. It's totally not, but I see where you're coming from :) You may want to look at Ansible Tower, Rundeck, or similar stuff. They all suck, but they do solve this kind of problem in a

Re: [dev] Privilege escalation on remote hosts. MANY remote hosts.

> go is not suckless. > > Should have written your PoC using simple C. Does C magically solve my design problem? At PoC stage, implementation language absolutely does not matter. I'd write it in PL/SQL if that solved the problem at hand. <3,K.

[dev] Privilege escalation on remote hosts. MANY remote hosts.

Hi list, TL;DR: passwordless sudo is same as making $USER equal to root at all times. Requiring a password is a royal PITA when trying to run one command on many many hosts. Scripting interactive password input sucks. Other methods are non-portable. Practical ideas? Long version: I've been

Re: [dev] Privilege escalation on remote hosts. MANY remote hosts.

I love how every discussin here eventually derails into "XYZ sucks". Yes, XYZ sucks. But FGH sucks more. I want to do what FGH does, because while FGH sucks, it solves a real-world problem. Now back to PrivEsc, I actually found Antenore's suggestion inspiring. It would work if we could force only

[dev] [stest] Hidden file processing

Hi list, stest from dmenu f428f3e produces broken results for paths starting with a "." that are not hidden files. I think this is best illustrated with a conversation with the shell: > $ ls -d ./bin > ./bin > $ stest -d ./bin > $ stest -ad ./bin > ./bin stest should probably treat the path

[dev] [patch] slstatus load_avg format string

established. <3,K. commit 35d708a272eb2d548ceeb79b2fd349becbb9d8ab Author: Kamil Cholewiński <harry6...@gmail.com> Date: Fri Sep 8 14:03:00 2017 +0200 change load_avg to take format string diff --git a/config.def.h b/config.def.h index f4a6bed..0e28d1e 100644 --- a/config.de

Re: [dev] Opinions on GNU stow

On Wed, 30 Aug 2017, Anselm R Garbe wrote: > Symlinks have always been a hack due to Unix' lack of a proper > namespaces approach. Plan 9 later fixed this by introducting a proper > namespaces approach[1] - but even today unices (incl. Linux) have > almost ignored the learnings

[dev] Golang [was Re: Privilege escalation on remote hosts. MANY remote hosts.]

On Fri, 29 Sep 2017, Anselm Garbe wrote: > Not sure who came up with that conclusion. Granted, you can solve many > problems surprinsingly well with plain C. But I consider Go as a > suckless option because of: > > - The only OO-way almost done right > - CSP > - statically

Re: [dev] announcing edit-pipe

On Sun, 27 Aug 2017, Thomas Levine <_...@thomaslevine.com> wrote: > * mktemp is not portable; you could use something like the date and > process identifier ($$) to create a portable temporary file. This is very wrong advice, please don't do this. Current timestamp is as guessable as it gets.

Re: [dev] announcing edit-pipe

> The name generated by mktemp is the concatenation of a directory name, > a slash (/), the value of the LOGNAME environment variable truncated > to {NAME_MAX} - 6 characters, and the process ID of the invoking > process. This is horrible. I guess HP-UX has much bigger problems than an

  1   2   >