chrysn

joined 5 years ago
[–] [email protected] 5 points 1 year ago

The very same type of mistake happens in file systems even without URIs being involved. Directory traversal checks look simple but sooner or later need hard-to-understand symlink following rules. Enforcing processor policy has terrible portability there (it even only became practical on Linux with landlock), but nonetheless I think it's preferable.
Not mixing URI parsers is good advice for when processor policies are unavailable – but let's try to make them available more often.

[–] [email protected] 1 points 1 year ago (2 children)

@snaggen I think the better lesson than "don't mix URI parsers" here is "don't LBYL, rely on EAFP". Many "Look before you leap" (LBYL) schemes are subject to variations of time-of-check/time-of-use errors. It's preferable to not sanitize input, but tell the processor what the policy on processing is; when it comes to a violation, it's easier to ask forgiveness (i.e. report the error) than permission (EAFP).
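
An added illustration for the two comments above, not code from either commenter: instead of resolving and checking a path first and opening it afterwards, each component is opened relative to a directory descriptor with `O_NOFOLLOW`, so the kernel applies the no-symlink rule at the moment of use and a violation comes back as an error. This is a portable stand-in for a real processor policy such as landlock; `open_beneath`, `demo` and the directory tree are constructed for the example.

```python
import os
import tempfile

def open_beneath(root_fd, relpath):
    """Open relpath strictly below root_fd; the kernel refuses symlinks at use time."""
    parts = [p for p in relpath.split("/") if p not in ("", ".")]
    if not parts or ".." in parts:
        # Safe as a purely lexical rule only because no symlink is ever followed.
        raise PermissionError(f"path leaves root: {relpath!r}")
    fd = os.dup(root_fd)
    try:
        for i, name in enumerate(parts):
            flags = os.O_RDONLY | os.O_NOFOLLOW
            if i < len(parts) - 1:
                flags |= os.O_DIRECTORY
            nxt = os.open(name, flags, dir_fd=fd)  # fails if name is a symlink
            os.close(fd)
            fd = nxt
        return fd
    except BaseException:
        os.close(fd)
        raise

def demo():
    """Build a constructed tree with two escaping symlinks and try four paths."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "root")
        os.makedirs(os.path.join(root, "pub"))
        with open(os.path.join(root, "pub", "ok.txt"), "w") as f:
            f.write("public")
        with open(os.path.join(tmp, "secret.txt"), "w") as f:
            f.write("secret")
        os.symlink(os.path.join(tmp, "secret.txt"), os.path.join(root, "pub", "link"))
        os.symlink(tmp, os.path.join(root, "up"))
        root_fd = os.open(root, os.O_RDONLY | os.O_DIRECTORY)
        try:
            for rel in ("pub/ok.txt", "pub/link", "up/secret.txt", "../secret.txt"):
                try:
                    with os.fdopen(open_beneath(root_fd, rel)) as f:
                        results[rel] = f.read()
                except OSError:  # EAFP: the violation surfaces as an error
                    results[rel] = "denied"
        finally:
            os.close(root_fd)
    return results

if __name__ == "__main__":
    print(demo())
```

Because nothing is checked ahead of the open, swapping a directory for a symlink between check and use has no window to land in; the cost is that legitimate symlinks inside the root are refused too.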

[–] [email protected] 2 points 1 year ago

@0xsaksham @snaggen Last polls I saw, the #RustLang hashtag (it's case sensitive, but capitalization helps for accessibility) was a tad more popular than #Rust due to the latter's ambiguities.

[–] [email protected] 2 points 1 year ago

@jvisick That process is completely intransparent to anyone approaching this without preexisting knowledge of that Lemmy instance. Do you know who runs that account? They should really make a note in its metadata.

[–] [email protected] 0 points 1 year ago (1 children)

Last time I checked, GTK could do laziness well where it matters (lists/trees), but admittedly that was some time ago.

[–] [email protected] 1 points 1 year ago

My impression is that they are using WASM primarily from the browser, which really is a no-std shaped environment. Using WASI there would be as much of a band-aid as is emscripten.