"As a general rule, avoid running npm in production environments." - https://nodejs.org/en/blog/vulnerability/december-2019-security-releases/
That sums up my feelings nicely!
Selling "Christmas ornaments" with images of Auschwitz does not seem appropriate. Auschwitz on a bottle opener is rather disturbing and disrespectful. We ask @amazon to remove the items of those suppliers. https://www.amazon.com/s?k=Fcheng+poland&ref=nb_sb_noss
Nice impression with my new X395 under #OpenBSD. Too bad that suspend/resume is broken with amdgpu for now.
It would have been handy for the conference I'm heading to.
But otherwise, iwm(4) works, X works (with SWcursor as for all amdgpu devices I've tried so far), video works. and it feels good to have a trackpad with 3 real buttons back after 5 years with softbuttons onlly.
And no intel CPU bugs.
This work has been committed! #OpenBSD now requires that system calls be in pre-registered regions (by the kernel or ld.so), in addition to the pre-existing check that syscalls be in un-writable memory.
syscall verification from 2005: https://www.usenix.org/legacy/event/sec05/tech/full_papers/linn/linn.pdf
#OpenBSD syscall call-from verification
deraadt@ changed lib/libc/sys: Document msyscall(2): ld.so can use this (once only) to tell the kernel where libc.so's text segment is, thereby allowing invocation of system calls from that region. An upcoming change will kill the process if a system call is invoked from addresses not explicitly permitted.
ok guenther kettenis mortimer
I accidentally made a halachic ruling. Guess that makes me a rabbi now. I don't make the rules... oh wait I literally just did.
I encourage this. Really, we shouldn't feel constrained by the rabbis. It's important to let this shared cultural knowledge actually be shared, and that means (at least in part) decoupling its power structure.
Using #OpenSSH's new builtin U2F support is such a joy. Just generate a new key-pair, press once your U2F token (I have the cheapest one from Yubico), distribute the pubkey and be done with it.
Thanks a lot to all involved developers!
An aspiring software engineer. Mastodon fan. I speak for myself.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!