31 Jul 2024 |
Pratham Patel (you can mention me) | I was on kde6 until a few weeks ago when I realized that their implementation of workspaces was not what I wanted and coming from bspwm, hyprland felt like the wayland equivalent | 06:53:18 |
K900 | Just use Sway or something | 06:53:43 |
K900 | Hyprland is horrible | 06:53:50 |
K900 | In a variety of ways | 06:53:56 |
Pratham Patel (you can mention me) | honestly no idea about that, mind pointing me to some bulletins? | 06:54:16 |
K900 | Well they recently stopped executing arbitrary code from /tmp | 06:54:39 |
K900 | As part of their plugin system | 06:54:44 |
K900 | "Plugin" "system" | 06:54:48 |
K900 | And yes, that is how low the bar is | 06:54:54 |
Pratham Patel (you can mention me) | I get it but I don't use plugins :) | 06:55:05 |
K900 | It's not about plugins | 06:55:12 |
K900 | It's about knowing what the fuck you're doing | 06:55:17 |
Pratham Patel (you can mention me) | and I also see some irony in the blog post about the C++ thingy migration where it was mentioned that C++ has better memory safety than C; sure but eh, C++ isn't that that better than C in shoot-yourself-in-the-foot-guns either lo
| 06:56:02 |
K900 | Like, if your solution to "we should allow people to extend our thing" is "just compile some code in /tmp at runtime and dlopen it", I don't trust any code you've written | 06:56:06 |
K900 | Oh yeah they had a security fix a few days ago | 06:56:51 |
K900 | https://github.com/hyprwm/xdg-desktop-portal-hyprland/commit/0bb709491baffd69f4f861802f00cf60c77cc2cd | 06:56:51 |
K900 | Where you could get arbitrary command execution from a window title | 06:57:01 |