<clever>
* Refactoring: move variable uses to a separate class.
<clever>
- Bindings::iterator i = env2->bindings.find(sWith);
<clever>
it ceased to do anything ~10 years ago i believe
<pie_[bnc]>
i like how the ocmmit mentions symbol pointer equality test for efficiency
<clever>
it used to be a special key in a set, like { "<with>" = "something"; } i think
<pie_[bnc]>
but im still salty a == a is not always true
<pie_[bnc]>
anyway
<pie_[bnc]>
puck was waying something about { inherit a; } == { inherit a; } and I should remember to check that out. i actually vaguely remember something in the code
drakonis1 has quit [Ping timeout: 250 seconds]
ajs124 has quit [Quit: killed]
das_j has quit [Quit: killed]
das_j has joined #nixos-chat
ajs124 has joined #nixos-chat
drakonis1 has joined #nixos-chat
<ashkitten>
tfw multiple people with the same nick color are talking at once in a channel
<ashkitten>
i guess that's what happens sometimes when there's only 15 unique colors to randomize with
<samueldr>
I always knew "thousands of colors" and "millions of colors" displays were a sham
<ashkitten>
✨ samueldr
<{^_^}>
samueldr's karma got increased to 210
* samueldr
begins to worry about the joke karma / help karma ratio
<ashkitten>
nobody gives karma when i help them anyways
<ashkitten>
i give karma when people make me smile
<ldlework>
gchristensen: cole-h, here's drakonis's first or second 13x13 :)
<ldlework>
get on his level hehe
<drakonis>
game was great.
<ashkitten>
ldlework: you've been teaching people go, right?
<ldlework>
yeah
<ashkitten>
sounds neat
<ldlework>
you should join us if it's something you think you would enjoy
<drakonis>
i tried to set up a comeback
<drakonis>
twas the stuff
<ashkitten>
i'm not much of a strategy game player
<ashkitten>
i played chess with my grandpa a decade ago and that's about it
<ldlework>
ashkitten: we don't have any standards, everyone starts from the beginning
<ldlework>
:)
<ashkitten>
that's good to hear, and maybe i'll take you up on it sometime
<ashkitten>
my computer is currently moving a ton of data between 2 hard disks, though
<ldlework>
ashkitten: do you know the rules?
<ashkitten>
i know it's some sort of strategy board game?
<ashkitten>
that's about it
<ldlework>
yeah, you try to use stones to build walls so that only you surround some given empty space
<ldlework>
it's over 2500 years old
<ldlework>
probably older
<ashkitten>
interesting
<ldlework>
it's the oldest game people still play
<ldlework>
emperors have played it the tops of mountains and shit
<ashkitten>
weird flex
<ldlework>
haha
<ashkitten>
"you should play minecraft, sir patrick stewart once played it in a helicopter"
<ashkitten>
:p
<ashkitten>
(note: patrick stewart may or may not have actually played minecraft in a helicopter)
waleee-cl has quit [Quit: Connection closed for inactivity]
<ldlework>
hehe
slack1256 has quit [Remote host closed the connection]
drakonis has quit [Quit: WeeChat 2.8]
rycee has quit [*.net *.split]
arcnmx has quit [*.net *.split]
nocent has quit [*.net *.split]
cocreature has quit [*.net *.split]
arcnmx has joined #nixos-chat
rycee has joined #nixos-chat
cocreature has joined #nixos-chat
nocent has joined #nixos-chat
drakonis has joined #nixos-chat
drakonis1 has quit [Read error: Connection reset by peer]
parsley936 has quit [Remote host closed the connection]
drakonis_ has joined #nixos-chat
drakonis has quit [Ping timeout: 265 seconds]
waleee-cl has joined #nixos-chat
<evanjs>
ughhh I need to set up a hydra instance that just gives me TeX-full.tar lol
<evanjs>
soooooooooooooooooooooooo many little packages x_x
<evanjs>
I really just need to fix my deployment story with my computers in general, but bah
rardiol has joined #nixos-chat
<MichaelRaskin>
I think there is a large enough precombined scheme?
drakonis has joined #nixos-chat
drakonis_ has quit [Ping timeout: 272 seconds]
vika_nezrimaya has quit [Read error: Connection reset by peer]
<evanjs>
I mean I _am_ using the full package
<evanjs>
maybe it's already optimized as much as possible, and I should just get a drink or something whenever I rebuild and see LaTeX :P
<eyJhb>
MichaelRaskin: How good are you with asymptote?
<__monty__>
evanjs: Maybe just pin it? Do you really need the latest updates for all those packages?
<MichaelRaskin>
I do not really remember the standard library there.
<evanjs>
__monty__: like nothing is pinned on my systems save channels :P but yeah I guess that'd be an option. Or limit scheme packages to direnv/project-specific environments, hrm
<eyJhb>
MichaelRaskin: I am having scale issues regarding the text :/
<MichaelRaskin>
I have a feeling you have managed to compress the entire picture vertically
<eyJhb>
No clue, shouldn't be the case
<eyJhb>
All the code is in the termbin
drakonis has quit [Quit: WeeChat 2.7]
drakonis1 is now known as drakonis
<ar>
eyJhb: what language is that?
<eyJhb>
ar: asymptote :)
<eyJhb>
Completely new to it. MichaelRaskin that presented me for it
<MichaelRaskin>
It was closer to an advertisement than to a presentation
<eyJhb>
True ;)
<tilpner>
Hey #nixos-chat, does anyone have pointers (not ,pointers) on how an application can authenticate itself to a privileged daemon without shared secrets?
<tilpner>
I considered a setgid wrapper, and then communication via unix domain sockets, so that the daemon can check which group the client runs as, but I'm not really convinced of that idea
<MichaelRaskin>
In what sense authenticate?
<MichaelRaskin>
Authenticate as what?
<tilpner>
The daemon needs to establish that an incoming connection is established from an process the user trusts to change certain settings
<tilpner>
(And setgid would be just one way to encode that trust)
<tilpner>
I can't just check if a certain user is connecting, because not all processes of that user can be trusted
<srk>
there's also SO_PEERCRED
<MichaelRaskin>
And the user is not in the marking group, right?
<tilpner>
MichaelRaskin: The user would not be in that group, because that would mean all processes of the user would be considered trusted
<MichaelRaskin>
Well, you can play game with that a bit, but not far enough, sure
<tilpner>
srk: My idea above is already using PEERCRED, although with a higher-level API. I didn't realise it exposed the PID (but maybe I shouldn't use that because to TOCTTOU?)
<srk>
good question
<tilpner>
I'm generally careful of using the pid for security checks, but perhaps it would be fine in this case
<tilpner>
If a malicious process kills the benign process just after check (and before use), the socket should die with it
* etu
has just migrated /home to tmpfs :D
<gchristensen>
(oh sheesh it finally ended.)
<__monty__>
gchristensen: Bikeshedding?
<srk>
tilpner: what if it just attaches to it like gdb does? :)
<MichaelRaskin>
The entire thing or just the first point of bikeshedding?
<MichaelRaskin>
tilpner: no, with setgid most abuses should be reportable as security flaws in the corresponding toolchains
parsley936 has joined #nixos-chat
<MichaelRaskin>
I was just worried about long discussion with multiple options kind of hanging in the air ending with «Yes, that might work after all»
<tilpner>
The only option that was actually named was setgid+UDS, and I mentioned that in my initial question
<tilpner>
And while I was still looking for other options initially, you two not coming up with any major flaws or better options leaves me feeling a little better :)
<tilpner>
(But I also didn't give much context, so...)
<MichaelRaskin>
Well, setgid for controlled access to a global resource is generally a technique that is often used
<tilpner>
Oh? I wasn't aware of anything doing that :o
<MichaelRaskin>
A ton of old games from the time of Unix machines use setgid just to be able to have a shared highscore file that cannot be arbitrarily manipulated by users