The Rust Security Response WG was notified that Cargo did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files writeable by any local user, another local user could exploit this to change the source code compiled and executed by the current user.
I'm a web developer working on an app running in Docker on my MacBook. Chrome, Edge and Safari trust the self-signed certificate that has been imported into the Mac's root certificate store and have no security issues, but when I try and access the web app, I'm hit with "Warning: Potential Security Risk Ahead" and the error code...
Does the certificate have a basic constraints extension with CA:TRUE set? Firefox doesn't allow that for certificates used as ‘end entity’ certificates. You'll want to re-generate the certificate without the extension.
Hello again from the Rust Leadership Council. In our first blog post, we laid out several immediate goals for the council and promised to report back on their progress. It has been about a month since our first update so we wanted to share how it's going and what we're working on now.
Someone I know recently switched from automatic bathroom lights to manual ones. Remembering to turn them on isn't an issue, but months later everyone still forgets to turn them off.
I really wish there was more word from mozilla on this. There are a few electron apps that I’d much rather use a PWA for so I can totally ditch chromium/electron
The Rust team is happy to announce a new version of Rust, 1.71.0. Rust is a programming language empowering everyone to build reliable and efficient software....
They're not going to have open signups. It's government agencies only. Not that there's technically anything stopping Germans from joining the PR departments of our government agencies…
Security advisory for Cargo (CVE-2023-38497) | Rust Blog (blog.rust-lang.org)
The Rust Security Response WG was notified that Cargo did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files writeable by any local user, another local user could exploit this to change the source code compiled and executed by the current user.
This Week in Rust 506 (this-week-in-rust.org)
How to make Firefox trust a self-signed certificate? (fedia.io)
I'm a web developer working on an app running in Docker on my MacBook. Chrome, Edge and Safari trust the self-signed certificate that has been imported into the Mac's root certificate store and have no security issues, but when I try and access the web app, I'm hit with "Warning: Potential Security Risk Ahead" and the error code...
#106 GUADEC 2023 · This Week in GNOME (thisweek.gnome.org)
Update on what happened across the GNOME project in the week from July 21 to July 28.
Did you know: Gnome’s MVP of the year gets a pair of pants. (i.imgur.com)
Photo 1.1 Tobias Bernard from the Gnome Design Team gets a pair of pants
Firefox 115.0.3 released (www.mozilla.org)
This Week in Rust 505 (this-week-in-rust.org)
July 2023 Leadership Council Update | Inside Rust Blog (blog.rust-lang.org)
Hello again from the Rust Leadership Council. In our first blog post, we laid out several immediate goals for the council and promised to report back on their progress. It has been about a month since our first update so we wanted to share how it's going and what we're working on now.
#105 Legendary Saturday Edition · This Week in GNOME (thisweek.gnome.org)
Update on what happened across the GNOME project in the week from July 15 to July 22.
My office has automatic faucets in the bathroom and I've started sticking my hands under the faucet at home and wondering for a second where the water is.
What the hell is wrong with me?
Firefox still doesn't have PWA support (connect.mozilla.org)
I really wish there was more word from mozilla on this. There are a few electron apps that I’d much rather use a PWA for so I can totally ditch chromium/electron
This Week in Rust 504 (this-week-in-rust.org)
Announcing Rust 1.71.0 | Rust Blog (blog.rust-lang.org)
The Rust team is happy to announce a new version of Rust, 1.71.0. Rust is a programming language empowering everyone to build reliable and efficient software....
This Week in Rust 503 (this-week-in-rust.org)
What hostname do you use for server? home.box or home.local?
There are many DNS names options. Which one do you use?
Dutch government starts own Mastodon instance as reaction to the instability of Twitter (lemmy.world)
@beheerder
So I tried signing up for Twitter to do a little trolling there... (lemmy.dbzer0.com)
I thought: Okay I’ll do 15 of these and start spamming twitter....