Mprotect stops any read and write and execute access to memory in both user and kernel lands (only rx or wx). Stuff like web browsers won’t work unless you have a program to mark it in elf to not use pax. However, this kills a lot of exploits with that turned on by itself (though there are probably work arounds if you are developing exploits which the other features would hopefully catch). That’s why people installed 3rd party unmainlined security patches, but that’s just me maybe idk.

I am having a hard time following what this does or why this is desirable. You’re saying there’s a patch this thing provides that … disables memory access … unless a flag is set in an executable … which will then bypass the security?

Why would anyone want to run unmainlined security patches from a company?

This is how CrowdStrike happened.

This feels like security via business decision which is always the opposite of security. At least this would be open source now? 🤷‍♂️

It’s not. That’s an Israeli propaganda push, not reality.

What Israel is doing is unconscionable, and has been rightly identified as genocide.

Don’t let anyone call you antisemitic for saying that. You have said nothing about Jewish people, you have only said that a nation is committing war crimes, which is plain as day.

I mean, vendor lock-in and lack of resiliency to a vendor-specific outage, maybe caused by some piece of their stack you have never nor will ever touch, or maybe the platform CEO decides your kind of company isn’t expedient for their business anymore, are among the reasons why a company should never have ended up in that situation in the first place.

You can continue along that road of least resistance while ignoring all of the risks. That is up to you. You’ll probably be fine. (Not joking, you’ll be fine. But don’t pretend like this is all necessary.)

If you join a company where you have no voice, then you’re going to have a bad time and you may compromise your own morality to get that paycheck.

You can say that there are no other jobs to be had out there, but the current employment rate says you are wrong.

You don’t have to let the business people make you into an amoral cog in a machine.

The “business” people in charge. Aka the people who don’t contribute and mostly fuck shit up.

It’s on us engineers to fix their shit thinking. You know they won’t.

It does not have to be this way. Stop pretending it does so that you don’t have to worry about it.

There are alternatives with better APIs. Or, you know, don’t buy into the bullshit and rack up a few servers yourself.

Tired of this “oh, but I can’t 😢😢😢.”

At better prices, with better service and APIs.

It’s like people enjoy the abuse? 🤷‍♂️

That road leads to the same place.

It’s… October, right?

And I like the dude running to help immediately as well.

Unsubbed.

Don’t need to be giving my dollars to the spineless, or worse, to a fascist-supporting media owner.

I am referring tp The New Colossus.

He has no idea what’s inscribed on the Statue of Liberty, does he?

Do any of his supporters?

Not a fuckin patriot among them, it seems.

👀 👄

one of us one of us one of us

The brutal cognitive dissonance you manage to encapsulated in this comment is impressive.

Russia could withdraw from the country they invaded, too. That might be a much quicker solution.

byeeeeeeee

The only good space battle in Trek happened in the Mutara Nebula.