IIRC Mono was mostly used for WASM as it was optimized for smaller builds than the full fat CoreCLR (talking about .NET non-Framework Mono)
IIRC Mono was mostly used for WASM as it was optimized for smaller builds than the full fat CoreCLR (talking about .NET non-Framework Mono)
It really wouldn’t change anything in the long run. Any company that creates a browser is gonna need some form of income and people aren’t willing to pay for a browser. What would be their incentive to continue to work on the browser when they aren’t being paid?
The kernel modules usually are signed with a different key. That key is created at build time and its private key is discarded after the build (and after the modules have been signed) and the kernel uses the public key to validate the modules IIRC. That is how Archlinux enables can somewhat support Secure Boot without the user needing to sign every kernel module or firmware file (it is also the reason why all the kernel packages aren’t reproducible).
And technically you can whitelist other certificates, too, but I have no idea how you might do that.
When you enter the UEFI somewhere there will be a Secure Boot section, there there is usually a way to either disable Secure Boot or to change it into “Setup Mode”. This “Setup Mode” allows enrolling new keys, I don’t know of any programs on Windows that can do it, but sbctl
can do it and the systemd-boot
bootloader both can enroll your own custom keys.
I did hear that one of their newer versions does use eBPF, but I haven’t even remotely looked into it.
I don’t think any of the major distros do it currently (some are working twards it tho), but there are ways (primarily/only one I know is with systemd-boot
). It invokes one of the boot binaries (usually “Unified Kernel Images”) that are marked as “good” or one that still has “tries left” (whichever is newer). A binary that has “tries left” gets that count decremented when the boot is unsuccessful and when it reaches 0 it is marked as “bad” and if it boot successfully it gets marked as “good”.
So this system is basically just requires restarting the system on an unsuccessful boot if it isn’t done already automatically.
I also didn’t expect Lucy, I expected some other FGC character but I am not too too surprised considering they have RWBY in BBTAG
Accent colors are coming with GNOME 47.
They should test this much more often and frequently. Unlike Gnome, KDE do actually care about their users, not just about themselves.
It’s not like GNOME is the only outlier here (for the specific icon problem sure), someone on the linux subreddid also posted this screenshot https://imgur.com/a/1ELtsJb. It seems to really just be that KDE apps kinda struggle out side of KDE. And most of the GNOME devs do care about the users as well, just they also care that their apps look as intended.
It’s been a thing I personally have been wondering why this is how it is for a while. Personally I like most of the GNOME stuff, but this decision has always stood out as odd.
But then again I almost always use ctrl+w or alt-f4 to close apps, so I am mostly unaffected.
Just a minor clarification/correction: the “or later” part also depends on the license per se. There is a GPL-3.0-only and a GPL-3.0-or-later. Usually you’ll find something like “or at your option any later version.” if that is the case, but by default you should expect the GPL-3.0-only to apply.
doas
is relativly simple (a few hundred LOC), especially compared to sudo
. The main benefit of run0
over doas
is that it isn’t a SUID binary, they are similary complex.
Basically. systemd-run
was already able to do it, all that really changed is the interface for it. The change to run.c
in the patch itself was <400LOC, and the entire patch was <1.4k lines with most being docs, tests and utils for coloring the terminal.
I don’t understand how this is any improvement over pkexec
That has the same problem as sudo
: the SUID bit is set for it.
The fact that run0
uses polkit is more of a byproduct that this kinda authentication is already done with polkit all over the place in systemd. You can have individual subcommand accessible to different users (for example everyone can systemctl status
, but systemctl reboot
needs to be in the wheel
group) which is why its generally used within systemd already. And it wouldn’t surprise me if again you can do it with this as well, limiting what commands can unconditionally run, need prompt or are completely blocked.
This has already been possible, the patch modifying run.c
to be able to do this is not even 400 lines long and was mostly just exposing its feature in a different way. (the entire patch was <1.5k lines, with most being docs, tests and a bit of plumbing for the colored terminal)
As the other comment said, no. But I’ve had the idea and will to at some point write a edit
script (that I can just set EDITOR=
to) that would just choose one of the first common editors. That could in theory have a -0
option to run as root (there also probably looking through run0
, doas
, sudo
and su
). Not the editor, but doing the editing on a temp file and then copying with root
I don’t know, unless I personally allow the admin to have that kinda access to my files I wouldn’t really want it. And for that case you can enroll recovery keys (which would need to be manually stored, but still) or a fido token or whatever other supported mechanism there is, its LUKS2 backed encryption after all. Then there is also the possibility to just not encrypt the home directory at all.
systemd-run
, which is calling into PID1)dlopen
ed on demand (which was planned even before the attack, which is speculated that the attack was accelerated in timeline because he was on a timer before the change was released)I guess my interpretation was too charitable.
Nothing in the protocol prevents you from splitting the server from the window manager, just everyone implementing the wayland server protocol didn’t see any benefit in splitting it out.
yes