Post ASsG8jhHOSfyZT8thA by Thesciencepony@kitty.social
(DIR) More posts by Thesciencepony@kitty.social
(DIR) Post #ASsDaqm6N954lh71eq by Thesciencepony@kitty.social
2023-02-20T14:19:41.076Z
0 likes, 0 repeats
@Mia@k.posix.gay question you use mention bash in your site but what do you think about powershell and fish
(DIR) Post #ASsDarOk3TzOhXBssy by errante@rot.gives
2023-02-20T14:28:17.935742Z
0 likes, 0 repeats
@Thesciencepony @Mia ohhoho
(DIR) Post #ASsDkhaXNlsNAlOuxc by Mia@k.posix.gay
2023-02-20T14:29:42.299116Z
1 likes, 0 repeats
@errante @Thesciencepony hmm yes what does errante have to say
(DIR) Post #ASsDki79QVxonuexnM by errante@rot.gives
2023-02-20T14:30:05.031505Z
0 likes, 0 repeats
@Mia @Thesciencepony you were asked! not me
(DIR) Post #ASsDp7ZygsEawNFL84 by Mia@k.posix.gay
2023-02-20T14:30:28.224114Z
0 likes, 0 repeats
@errante @Thesciencepony i said!
(DIR) Post #ASsDp7zr8ew0EdM0Su by errante@rot.gives
2023-02-20T14:30:53.363784Z
0 likes, 0 repeats
@Mia @Thesciencepony ph, i didnt see, scrolling fed tl
(DIR) Post #ASsDqm17pSYYe6jSbY by Mia@k.posix.gay
2023-02-20T14:28:51.878790Z
0 likes, 0 repeats
@Thesciencepony powershell frankly isn't a shelland fish barely is, although its very good for interactive useand bash is... bashmy site actually uses posix sh, tested against dash because I can't do much better, the posix spec changes and the closest things to it are shit like ksh95 but even that is far from posix
(DIR) Post #ASsDqmgxJw16jqIro0 by Mia@k.posix.gay
2023-02-20T14:30:41.571268Z
1 likes, 0 repeats
@Thesciencepony cc @errante
(DIR) Post #ASsEB6fmjzkaV5Riue by errante@rot.gives
2023-02-20T14:34:48.956327Z
1 likes, 0 repeats
@Mia @Thesciencepony my analysis of fish is 'wasted potential'. fish uses its freedom to violate syntax and semantic boundaries to _slightly_ address some entirely superficial issues with the nature of shells, and then does jack shit.its the cycle everywhere in tech - break all compatability for minor marginal improvements while fixing nothing significant, and repeat ad infinitum. so many audio layers, input libraries, protocols, display servers, programming languages etc all fall to this fatepowershell just really pisses me off because i feel like every extant OOP thing isnt doing it well
(DIR) Post #ASsEX7s2y5cMaOgI2C by errante@rot.gives
2023-02-20T14:38:48.473428Z
0 likes, 0 repeats
@Mia @Thesciencepony more on the OOP thing because basically oop notions are 'hard to optimise' (read as: unperformant) and lead to complex and twisted code. BUTi LOVE objects-as-capabilitiesit is a fucking incredible design model because the two map together so nicely
(DIR) Post #ASsEaHO22q4Iy495Si by errante@rot.gives
2023-02-20T14:39:24.948089Z
0 likes, 0 repeats
@Mia @Thesciencepony ibm i 😠ibm i's core principles for security are so cool
(DIR) Post #ASsEpqRxxhbM3iPM4O by Mia@k.posix.gay
2023-02-20T14:36:46.209959Z
0 likes, 0 repeats
@errante @Thesciencepony I made shsh literally compiled by sh because of this
(DIR) Post #ASsEpr6jW8DA69Tuc4 by Mia@k.posix.gay
2023-02-20T14:40:21.429939Z
1 likes, 0 repeats
@errante @Thesciencepony if it couldn't be ran by sh there was simply no reason for itit was to make writing sh easier, if it wasn't just sh with extra work then it wasn't worth it
(DIR) Post #ASsFIDuqJIroweRkn2 by errante@rot.gives
2023-02-20T14:47:21.585877Z
0 likes, 0 repeats
@Mia @Thesciencepony sorry im taking over this thread im ibm i postingibm i has two simple principles for security:- all code is run on a limited virtual machine- code must 'have' an object to do things to it
(DIR) Post #ASsFVsz2vsVC4xvZR2 by errante@rot.gives
2023-02-20T14:49:47.814030Z
0 likes, 0 repeats
@Mia @Thesciencepony have you heard of 'parse, dont validate'?parse dont validate is a specific instance of a principle: 'make illegal states unrepresentable'. if you cant do it, make it so that you cant express it. ibm i implements this in the VM - no way to express illegal(absolute) reads from memory or most other problematic things. thus, executing the code is safe, considering that all code goes through the VM
(DIR) Post #ASsG8jhHOSfyZT8thA by Thesciencepony@kitty.social
2023-02-20T14:55:46.234Z
0 likes, 0 repeats
@errante@rot.gives @Mia@k.posix.gay your fine. I lov this
(DIR) Post #ASsG8kGjGf24LPjCwy by Mia@k.posix.gay
2023-02-20T14:56:13.767517Z
1 likes, 0 repeats
@Thesciencepony @errante same
(DIR) Post #ASsJNjoFYcxD7sFQie by errante@rot.gives
2023-02-20T15:33:06.782467Z
0 likes, 0 repeats
@Mia @Thesciencepony however, there is a problem with VMs - theyre kind of slow, especially at a layer where we're dealing with objects. however, we dont have to actually execute the code in a JIT or interpreter! because we know:1. all code present on the system is in the VM2. only safe code can be represented in the VMwe can conclude that:3. all code on the system is safethus, we can just translate the vm code into actual code, with no issues, and no speed cost! most safety checks are done when turning normal code into VM code. if something is unsafe, then you wont be able to turn it into vm code. it lets you reap the benefits of safe languages, the portability of virtual machines and the performance of native code. this is how IBM i installations migrate between many different cpu types
(DIR) Post #ASsK3hLr5QItfIyUi0 by errante@rot.gives
2023-02-20T15:40:41.025301Z
0 likes, 0 repeats
@Mia @Thesciencepony now, onto capability security(you said you programmed in Pony, right? this is just that) , which is where the OO stuff comes in. in object-capability security, access to an object is synonymous with the ability to perform operations on an object. unlike, say, linux, where you have a 'global namespace' and can see most objects, and can attempt to perform an action on said object. you can attempt to read /dev/sda, or /etc/passwd, and fail. most attacks work by trying to convince the system that you have permission to. in capability security, you have nothing by default. you cant attempt to read /etc/passwd because you dont have access to it, you havent been given it, and there's generally no way to get at /etc/passwd. this means you cant convince the system to let you read /etc/passwd, because you cant even *try* to read it.
(DIR) Post #ASsKU2IRpssW9cwKcC by Thesciencepony@kitty.social
2023-02-20T15:43:51.871Z
0 likes, 0 repeats
@errante@rot.gives @Mia@k.posix.gay I am a pony woo programms in c# or f# or python
(DIR) Post #ASsKU2lA77qZagNGN6 by errante@rot.gives
2023-02-20T15:45:28.617111Z
0 likes, 0 repeats
@Thesciencepony @Mia ah. NET stuff doesnt have much in the way of capsec - all authority is ambient
(DIR) Post #ASsKyDZUTrE5oIIrRI by errante@rot.gives
2023-02-20T15:50:55.650547Z
1 likes, 0 repeats
@Mia @Thesciencepony for reference. when writing a function that deals with passwd, standard style:f = open("/etc/passwd") //might failappend(username, f) //might failclose(f) // might failyou're constantly attempting these things, and reasoning about their failure, and have the ability to attempt *anything*but, for capsecwe might get passed a Passwd object as a parameter, which only has one method accessible, append. cant try to read or write or modify the object in any other way - there is only append. your code wont compile if you try to call a different method. your code wont compile if you try to turn an address into an object, so you cant get passwd that way, either. you can only do what you are given
(DIR) Post #ASsLqoCqUPQ74Ik4bA by yujiri@social.freetalklive.com
2023-02-20T15:59:52Z
0 likes, 0 repeats
@errante @Thesciencepony @Mia i think fish's quality of life improvements are pretty significant... but i agree about the syntax changes
(DIR) Post #ASsLqolEQYvSmwpXCC by errante@rot.gives
2023-02-20T16:00:47.689782Z
0 likes, 0 repeats
@yujiri @Thesciencepony @Mia qol is minor to what i actually care about, which is semantics. i want a shell with better semantics and i have the exact same shell in a different veneer of coat (with sometimes worse semantics jfc)
(DIR) Post #ASsMCDbBHAMlu3KkGO by errante@rot.gives
2023-02-20T16:04:39.182226Z
0 likes, 0 repeats
@yujiri @Mia @Thesciencepony bigger than the problem of shell having ass syntax is it having even ass-er semantics. thats why i prefer oil to fish, because it attempts improvements on every front. it maintains compat, it provides progressive syntactic and semantic enhancement, it provides features like structured data and more advanced control flow in ways that feel very shell-esque, it fixes a lot of deficiencies (such as shitty job control), seperates the execution engine from the tty (allows it to be used graphically and in many different other contexts)fish makes no attempt at any of this - its a shell for people who dont care about shell, which would be fine, if they stopped shitting it up for people who cared about shell
(DIR) Post #ASsMuJWmapLL28Ipyy by Mia@k.posix.gay
2023-02-20T16:08:20.889768Z
0 likes, 0 repeats
@errante @Thesciencepony @yujiri oooooocan oil but used both with compatibly and without? hm tho by the nature of shell I think that answer is yes regardless of how oil works
(DIR) Post #ASsMuRGPpZ0L1ghsa8 by errante@rot.gives
2023-02-20T16:12:37.241376Z
0 likes, 0 repeats
@Mia @Thesciencepony @yujiri ok, so, you have osh and oil. osh is a bash compatible shell implementation. you can progressively enable advanced features in osh, like the structured data stuff. oil is a closer to normal but still very shell-y language, where all the enhancements are enabled. you get proper data structures, proper numbers, proper structured data passing, a lot of fun stuff to deal with collections in ways rhat are more sensible than bash, etc. ofc, the additional osh features arent present in bash. the idea is you switch your shebang to env osh, then slowly fix things up, or just start writing new code with the nice new features, and not worry about your old code going bad
(DIR) Post #ASsNM9wfoVc1QFgsy0 by arcana@pengi-san.moe
2023-02-20T16:14:14.019422Z
0 likes, 0 repeats
@errante @Mia @Thesciencepony In cybersecurity (a field we once worked in), a principle of this type is known as zero trust security. It is a good model to have. And we are providing the architectural basis for an API implementing such a security model that some friends are programming.
(DIR) Post #ASsNMB8lN2sR82M3Rw by errante@rot.gives
2023-02-20T16:17:39.347814Z
0 likes, 0 repeats
@arcana @Mia @Thesciencepony yes! capsec is one way of implementing zero trust, and is resesrched in the languages E (distributed capsec), Spritely Goblins (object capabilitied, but make it fediverse), Pony (systems language with capsec + actors), and Austral (rust competitor that uses linear types and capsec for max security; 100 page spec and 600 LoC 'borrow checker')
(DIR) Post #ASsNMBefSQOiizHXBA by arcana@pengi-san.moe
2023-02-20T16:15:57.517758Z
1 likes, 0 repeats
@errante @Mia @Thesciencepony A lot of people don’t know this, but our expertise is predominantly in systems analysis, design, and architecture—not programming. We happen to be good at programming, but that is secondary to our other skills.
(DIR) Post #ASsNMCa60uKpb69Ogy by arcana@pengi-san.moe
2023-02-20T16:16:26.419248Z
0 likes, 0 repeats
@Mia @Thesciencepony @errante Principally full stack systems architecture, FWIW.
(DIR) Post #ASsNML9U9DOeBAllxo by Mia@k.posix.gay
2023-02-20T16:15:10.067075Z
1 likes, 0 repeats
@errante @Thesciencepony @yujiri I can, *enable* them 👀my possible friendship with ksh95 is overosh future projects when (impossible I dont do shit what am I talking abt)
(DIR) Post #ASsNQoqHhZDjQ7vMdE by errante@rot.gives
2023-02-20T16:18:33.401560Z
0 likes, 0 repeats
@Mia @Thesciencepony @yujiri aye! default osh is basically just bash compatible. add what you like!
(DIR) Post #ASsNdkVn77MVkoVK2C by Mia@k.posix.gay
2023-02-20T16:19:15.753582Z
0 likes, 0 repeats
@errante @Thesciencepony @yujiri can I, remove bash features? or will I have to fight with it a bit?
(DIR) Post #ASsNdkzvJ5StGGbO08 by errante@rot.gives
2023-02-20T16:20:52.354093Z
0 likes, 0 repeats
@Mia @Thesciencepony @yujiri idk! ive not used it much, i havent had shell suitable projects in a while
(DIR) Post #ASsODIp9X8QaJ6VuCm by Mia@k.posix.gay
2023-02-20T16:24:39.148375Z
1 likes, 0 repeats
@errante @Thesciencepony @yujiri hmm, I'll have to investigate if I ever do anythingI really want to do librespot in sh but ik it'll b p much impossible in posix unless I give up on the idea of pure, but with features I can enable, well, theres a lot to gain
(DIR) Post #ASsOk4PCA92j91zrrE by arcana@pengi-san.moe
2023-02-20T16:29:45.310167Z
1 likes, 0 repeats
@errante @Mia @Thesciencepony Makes sense! We use languages that are more general purpose, but that is due to the nature of the deployment model we utilize. The deployments themselves are reproducible in our work, though—by way of utilizing various forms of infrasture as code.
(DIR) Post #ASsP76VGWqOKJNosZk by Thesciencepony@kitty.social
2023-02-20T16:36:54.389Z
0 likes, 0 repeats
@errante@rot.gives @arcana@pengi-san.moe @Mia@k.posix.gay I am looking at pony or austral probably
(DIR) Post #ASsP77DDtPYMViNz5k by errante@rot.gives
2023-02-20T16:37:23.162402Z
0 likes, 0 repeats
@Thesciencepony @Mia @arcana austral is more relevant
(DIR) Post #ASsYmRYc3RIR4OAkFs by yujiri@social.freetalklive.com
2023-02-20T18:23:08Z
1 likes, 0 repeats
@errante @Mia @Thesciencepony i'll check out oil sometime i guss
(DIR) Post #ASsYpT8ucGRcr7asIS by Thesciencepony@kitty.social
2023-02-20T18:25:49.782Z
0 likes, 0 repeats
@Mia@k.posix.gay @errante@rot.gives @yujiri@social.freetalklive.com I will check out oil
(DIR) Post #ASsYpVLOQpcHgPRs1o by errante@rot.gives
2023-02-20T18:26:15.054484Z
0 likes, 0 repeats
@Thesciencepony @Mia @yujiri america after world war 1
(DIR) Post #ASsZinWwW7iG0vDUxM by errante@rot.gives
2023-02-20T18:36:12.370805Z
0 likes, 0 repeats
@Thesciencepony @Mia @yujiri what? 😟
(DIR) Post #ASsjC2pFcywrR8nipU by Mia@k.posix.gay
2023-02-20T20:21:53.995809Z
1 likes, 0 repeats
@errante @Thesciencepony that's prob from the insanity threadthey were tagged for too much of it