| 1 Apr 2025 |
 artemist | sounds boring, i should just use a bpf lsm | 23:40:59 |
 rhelmot | it sounds like the basic consideration is that root-in-jail is the basic ingredient for privesc, though it can be mitigated away. might be something we want to enable with an option only exposed to trusted users | 23:44:32 |
| artemist | Yeah, that's probably a reasonable explanation. There's a lot of weird edge cases to deal with if you have untrusted root | 23:46:33 |
 jade_ | yeah, linux has had infinite kernel bugs because userns root is kind of a security model break, but it's too useful to get rid of | 23:47:03 |
| rhelmot | u_u | 23:47:24 |
| rhelmot | what a world | 23:47:27 |
 KFears (burning out) | It's almost like Linux has never had a good security model... | 23:51:07 |
| jade_ | more congealed than designed | 23:51:32 |
| KFears (burning out) | Pretty much, yeah | 23:51:57 |
| 2 Apr 2025 |
| KFears (burning out) | Does anyone use (or wants to use) Forgejo milestones and Projects for like tracking stuff and visibility? | 00:17:16 |
 just1602 | In reply to @kfears:matrix.org
Does anyone use (or wants to use) Forgejo milestones and Projects for like tracking stuff and visibility? They're already use from what I understand! If you check the milestone to remove regex ans other stuff like that | 00:18:43 |
| KFears (burning out) | Yeah there is some stuff, particularly in Projects, but milestones seem quite unused, and Projects are very basic "TODO/Done" | 00:19:48 |
| KFears (burning out) | Not that having two columns is bad tbh | 00:20:05 |
| KFears (burning out) | It's more like, I might be able to think of a few more "projects"? | 00:20:30 |
| KFears (burning out) | I'd like to gauge if there's any desire to do more stuff there | 00:21:42 |
| KFears (burning out) | Like for example the curl bug is a release blocker so it should be in 2.93 milestone but 2.93 milestone is basically unused | 00:22:12 |
| KFears (burning out) | And I'm like a little unsure if there are people who didn't know that curl bug is a release blocker and would immediately benefit from knowing that | 00:22:50 |
| just1602 | I don't think there's currently people who are not aware of the work that need to be done who could actually du it.
I think that there's work that is worked that is not in the forgrjo issues, but since it's core dev doing cleanup work, it's less of an issue d'une it's known by the core team. | 00:29:55 |
| jade_ | the curl bug is really schrödinger's release blocker | 01:24:23 |
| jade_ | as in, theres not much we can actually do about it besides file it upstream, and i am not sure if we actually want to block releasing on it | 01:24:45 |
| jade_ | but i am considering doing said filing tomorrow assuming things go well | 01:24:54 |
| KFears (burning out) | That would be amazing. I read up on the bug and holy shit... | 01:26:02 |
| jade_ | i think we are like. worst case scenario for that particular api | 01:26:22 |
| jade_ | we are constantly returning "give me that data later pls" because we basically return that after every single time curl gives us data | 01:27:01 |
| jade_ | i think | 01:27:06 |
| KFears (burning out) | Yeah, seems like all stars had to align on this one | 01:27:52 |
 ToxicFrog | What bug is this? | 01:37:32 |
 Lily Foster | https://git.lix.systems/lix-project/lix/issues/662 | 01:38:30 |
| ToxicFrog | oh wow that just gets worse the more I read | 01:41:04 |
| ToxicFrog | "It's fixed upstream" yay!
"but the fix causes corrupt transfers" \includegraphics{melting_screaming_cat_face} | 01:43:54 |
