• 3 Posts
  • 18 Comments
Joined 1 year ago
Cake day: July 12th, 2023
  • Salix@sh.itjust.workstoNews@lemmy.worldHomeowners are increasingly re-wilding their homes with native plants, experts say
    2·
    3 months ago

    1/3rd of our backyard is native plants, and other 2/3rd is concrete. We have a table in the back that we normally like to hang during the day instead of staying inside. Sometimes reading, playing games on laptops, chatting, eating, etc.

    We decided to let our backyard grow wild for a few months. Now we keep getting a lot of ten-lined June beetles, moths (lots of morning-glory plume moths), bees, blister beetles, lacewings, katydid, stink bugs, earwigs, among other bugs.

    Never seen a ten lined June beetle until we did this. Their hissing freaked me out the 1st time I saw them. And their grips are so strong when trying to get them off our backyard curtain that we use to block the sun. They are pretty cool looking though, and huge!

    We haven’t sat outside really in a couple months now because it isn’t that enjoyable when there are so many bugs around you, sometimes crawling on you, and sometimes ending up in my teacup or on my food plate. We’re probably going to cut it back again and maintain it more so that we can actually use our backyard again

  • Salix@sh.itjust.workstoNews@lemmy.worldStarbucks is reeling as customers go elsewhere, sales decline
    2·
    3 months ago

    I personally do not like any sugar in my coffee unless at a Viennese coffee house. I have a lot of amazing coffee roasters in the area.

    I still find McDonald’s coffee to be good for the price. Well, as long as there is a bit of creamer in it. I don’t ever eat at McDonald’s, I only go there for coffee if I need something quick and cheap that is better than gas station / 7-Eleven / Starbucks coffee.

    I don’t use creamer/milk in any actual good coffee. I prefer my coffee black to actually taste it, and normally it’s already sweet without anything added. And don’t like drip coffee usually.

  • Salix@sh.itjust.workstoNo Stupid Questions@lemmy.worldDo 9-5 jobs still exist in the U.S.?English
    8·
    5 months ago

    I didn’t even know paid lunch breaks were/are even a thing. Most jobs I’ve been in had 30 min unpaid lunch.

    I work 9 to 6 with 1 hour unpaid lunch at my current job. I don’t really do anything during my lunch besides sit in the office wasting time for an hour. Home is 30 min drive away, so I can’t go home. No parks nearby to walk around. Makes it feel like I am working a 9 hour shift getting paid 8 since I am sitting in the office for 9 hours…

  • Salix@sh.itjust.workstolinuxmemes@lemmy.worldThe real magic wordEnglish
    4·
    6 months ago

    Someone did a ELI3 explanation for this a couple days ago. The ELI5 explanation was more complicated so someone asked for ELI3 lol

    ELI3

    Pouring a cup of juice is something an adult needs to be involved with.

    sudo is when you ask for permission to pour your own cup of juice. You ask an adult, they give you the cup and the juice, and then you’re responsible for pouring it. If the adult isn’t paying attention they may leave the fridge open for you to go back for more juice or another beverage, but otherwise you’re limited to the amount of juice the adult has given you.

    run0 is when the adult just gets you a cup of juice. You tell them what you want, they go and pour the juice, and just give you the cup with the juice in it. You never enter the kitchen, so you don’t have access to the fridge, just your cup of juice.

    ELI5

    Basically, the SUID bit makes a program get the permissions of the owner when executed. If you set /bin/bash as SUID, suddenly every bash shell would be a root shell, kind of. Processes on Linux have a real user ID, an effective user ID, and also a saved user ID that can be used to temporarily drop privileges and gain them back again later.

    So tools like sudo and doas use this mechanism to temporarily become root, then run checks to make sure you’re allowed to use sudo, then run your command. But that process is still in your user’s session and process group, and you’re still its real user ID. If anything goes wrong between sudo being root and checking permissions, that can lead to a root shell when you weren’t supposed to, and you have a root exploit. Sudo is entirely responsible for cleaning the environment before launching the child process so that it’s safe.

    Run0/systemd-run acts more like an API client. The client, running as your user, asks systemd to create a process and give you its inputs and outputs, which then creates it on your behalf on a clean process tree completely separate from your user session’s process tree and group. The client never ever gets permissions, never has to check for the permissions, it’s systemd that does over D-Bus through PolKit which are both isolated and unprivileged services. So there’s no dangerous code running anywhere to exploit to gain privileges. And it makes run0 very non-special and boring in the process, it really does practically nothing. Want to make your own in Python? You can, safely and quite easily. Any app can easily integrate sudo functionnality fairly safely, and it’ll even trigger the DE’s elevated permission prompt, which is a separate process so you can grant sudo access to an app without it being able to know about your password.

    Run0 takes care of interpreting what you want to do, D-Bus passes the message around, PolKit adds its stamp of approval to it, systemd takes care of spawning of the process and only the spawning of the process. Every bit does its job in isolation from the others so it’s hard to exploit.