Language Selection

English French German Italian Portuguese Spanish

Programming Leftovers

Filed under
Development
  • C: sigprocmask Function Usage

    You may have heard about socket programming in C. One of the socket functions is the “sigprocmask” function. This function has been usually utilized in the code to inspect or alter the signal mask of the calling function. The signal mask is a term used for a group of signals that are presently blocked and cannot be conveyed for the calling function. Such kind of signal is known as “Blocked Signals.” You can say that a process can still receive the blocked signals, but it will not be used until they are unblocked and released, i.e., raised. Until then, it will be pending. Therefore, within today’s guide, we will be discussing the use of the sigprocmask function in C programming. Let’s have a start.

    After the Ubuntu 20.04 successful login, you need to launch the shell of the Ubuntu 20.04 system first after the login. So, try out the “Ctrl+Alt+T” shortcut simply on the desktop screen. It will launch the terminal shell for you in some seconds. Make sure to update your system using the apt package of your system. After that, you have to execute the “touch” instruction along with the file name you want to generate, i.e., to create the C file via the shell. This newly created file can be found in the “home” folder of your system’s file explorer. You can try opening it with the “text” editor to create code in it. Another way to open it in the shell is using the “GNU Nano” editor using the “nano” keyword with a file name as demonstrated beneath.

  • C: sigaction function usage

    A sigaction() is a function that allows to call/observe or examine a specific action associated with a particular signal. It is thought to consider a signal and sigaction function on the same page. But in reality, it has not occurred. The signal() function does not block other signals when the current handler’s execution is under process. At the same time, the sigaction function can block other signals until the current handler has returned.

  • delegation of authority from the systems programming perspective – Ariadne's Space

    As I have been griping on Twitter lately, about how I dislike the design of modern UNIX operating systems, an interesting conversation about object capabilities came up with the author of musl-libc. This conversation caused me to realize that systems programmers don’t really have a understanding of object capabilities, and how they can be used to achieve environments that are aligned with the principle of least authority.

    In general, I think this is largely because we’ve failed to effectively disseminate the research output in this area to the software engineering community at large — for various reasons, people complete their distributed systems degrees and go to work in decentralized finance, as unfortunately, Coinbase pays better. An unfortunate reality is that the security properties guaranteed by Web3 platforms are built around object capabilities, by necessity – the output of a transaction, which then gets consumed for another transaction, is a form of object capability. And while Web3 is largely a planet-incinerating Ponzi scheme run by grifters, object capabilities are a useful concept for building practical security into real-world systems.

    Most literature on this topic try to describe these concepts in the framing of, say, driving a car: by default, nobody has permission to drive a given car, so it is compliant with the principle of least authority, meanwhile the car’s key can interface with the ignition, and allow the car to be driven. In this example, the car’s key is an object capability: it is an opaque object, that can be used to acquire the right to drive the car. Afterwards, they usually go on to describe the various aspects of their system without actually discussing why anybody would want this.

  • Pip Install: Install and Remove Python Packages
  • A dog-cat-horse-turtle problem

    Sometimes the text-processing problems posted on Stack Exchange have so many solutions, it's hard to decide which is best.

    A problem like that was posted in the "Unix & Linux" section in December 2021...

More in Tux Machines

Videos and Audio: 7 Tools Every GNU/Linux Gamer 'Needs' To Use, Peppermint OS 5-22-2022 Walkthrough, Late Night Linux

Obarun is gradually becoming a fork of Artix

Take a look at this on your own and judge. It may not be in the official repositories but the last commit is signed by the Founder of Obarun and the rest by his co-author. When OUR was released to the public one of the claimed rules of participation was to not build any parts of systemd or any package that wouldn?t conform to Obarun. Obarun?s version of pacman incorporated a block from installing systemd or its libraries. Elogind is the central part, the essence of systemd. When you have no set principles and values, anything goes, and you can drift from one character to another, without remorse. Obarun will not be removed from the strict list of distros without systemd or elogind, but as soon as this OUR package moves to the repos it will be ?bye bye? Obarun from any mention in this site. At least VOID never claimed to not involve systemd or its parts into the distribution, people just assumed it was systemd-free because of the use of runit and consolekit. So VOID was more justified to switch to systemd?s logind. Read more Newly-updated: 2022 hardcore list of linux distributions without elogind and other systemd parts

Canonical/Ubuntu: LXD, Ubuntu Weekly Newsletter, and More

  • Install ROS 2 Humble in Ubuntu 20.04 or 18.04 using LXD containers | Ubuntu

    We welcome the new release of ROS 2 Humble which targets the recently released Ubuntu 22.04. If you want to install it now, please visit the ROS 2 Humble documentation. But if you want to install ROS 2 Humble and test compatibility, keeping your current Ubuntu (20.04, 18.04,…) environment stable until you know you are ready to upgrade, you can dive into LXD containers.

  • Ubuntu Fridge | Ubuntu Weekly Newsletter Issue 736

    Welcome to the Ubuntu Weekly Newsletter, Issue 736 for the week of May 15 – 21, 2022.

  • Canonical at HPE Discover 2022 | Ubuntu

    HPE and Canonical have a long-standing relationship, certifying Ubuntu on HPE hardware. Now, you can go beyond the operating system and engage with us on hybrid cloud, AI/ML, and open source support projects. Now we’re excited to share that we’ll be at the HPE Discover 2022 in Las Vegas on June 28-30 showcasing our solution in the expo. From the latest insights in secure connectivity, hybrid cloud, AI and unified data analytics, HPE Discover 2022 is the best place to stay ahead of the trends and technologies that will move your business forward, faster.

Security Leftovers

  • Hijacking webcams with Screencastify | Almost Secure

    Everyone has received the mails trying to extort money by claiming to have hacked a person’s webcam and recorded a video of them watching porn. These are a bluff of course, but the popular Screencastify browser extension actually provides all the infrastructure necessary for someone to pull this off. A website that a user visited could trick the extension into starting a webcam recording among other things, without any indications other than the webcam’s LED lighting up if present. The website could then steal the video from the user’s Google Drive account that it was uploaded to, along with anything else that account might hold. Screencastify is a browser extension that aids you in creating a video recording of your entire screen or a single window, optionally along with your webcam stream where you explain what you are doing right now. Chrome Web Store shows “10,000,000+ users” for it which is the highest number it will display – same is shown for extensions with more than 100 million users. The extension is being marketed for educational purposes and gained significant traction in the current pandemic. As of now, it appears that Screencastify only managed to address the Cross-site Scripting vulnerability which gave arbitrary websites access to the extension’s functionality, as opposed to “merely” Screencastify themselves and a dozen other vendors they work with. As this certainly won’t be their last Cross-site Scripting vulnerability, I sincerely recommend staying clear of this browser extension.

  • Malicious Python Repository Package Drops Cobalt Strike on Windows, macOS & Linux Systems [Ed: This is not an OS issue; it's about people installing malware on their own systems and it's not even an "Open Source" issue; led by companies that put NSA back doors in their proprietary software, there's an effort underway to say "Open Source" is the real threat and they tell us the solution to the problem is with the firms that help NSA invade machines]

    The PyPI "pymafka" package is the latest example of growing attacker interest in abusing widely used open source software repositories.

  • Why sudo is so important in Linux and how to use it | ZDNet

    When I first started using Linux, things were exponentially more complicated. The distributions were far less mature, but they also required the use of a particular system account to get certain things done. That account was root, and with it, you had unlimited power over your operating system. To demonstrate the power of root, one trick you could always play on unsuspecting users was to tell them to change to the root user with the command su and then have them issue the following command:

  • An uncomplicated introduction to Uncomplicated Firewall | ZDNet

    When I first started using Linux, back in '97, working with the built-in firewall was not something just anyone could do. In fact, it was quite complicated. Starting around 1998, if you want to manage the security of a system, you had to learn iptables (which is a suite of commands for manipulating the Netfilter packet filtering system).

  • Best Wi-Fi Security & Performance Testing Tools for 2022

    The prevalence of Wi-Fi has been accelerating for two decades, but in the last two years, it’s surged even further as so many people were forced to work from home. That trend led to many strengthening the performance of their Wi-Fi networks. But security remains a problem.

  • CISA Adds 21 Known Exploited Vulnerabilities to Catalog [Ed: A huge chunk of these are Microsoft holes, actively exploited while Microsoft commandeers the media to obsess over "Linux"]

    CISA has added 21 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow on the of the "Date Added to Catalog" column, which will sort by descending dates.

  • Surfshark introduces Linux VPN app with a graphical user interface (GUI)

    Surfshark is one of the better-known VPN providers and is often seen being promoted by large YouTube accounts. Today, the company announced the availability of its VPN on Linux with an entire graphical user interface, or GUI.