Landlock idiomatic sandboxing in Nim

👋 Intro If you have ever spent time hardening Linux applications, you probably know the frustration of the all-or-nothing permission model. In the standard Linux environment, once a process starts running, it usually has far more filesystem access than it actually needs. While we have tools like seccomp, chroot, or heavy-duty modules like SELinux and AppArmor, they often feel too complex for simple, application-level sandboxing. Landlock changes this. Since its merge into the Linux kernel in version 5.13, it has become a game-changer for developers. It allows a process to restrict itself without requiring root privileges, moving security away from global system policies and directly into your application code. ...

April 9, 2026 · Andrea Manzini

Embed git commit hash into an executable

The problem When we write our programs or libraries, we usually ship a packaged binary to the end user. If a user wants to report a bug or ask for a feature, one of the most important pieces of information to have is “which version of the software are you using?” Since, like any good programmer, you likely use a source code control system, you should not rely only on the numeric version; it is also practical to include the git commit hash of the software you are actually shipping. ...

July 1, 2023 · Andrea Manzini

Debugging a problematic build

The Good 😇 Today I decided to submit an openSUSE package update for the Nim compiler. Almost everything went well, but unfortunately I faced a problem: on the i586 platform it fails to build. ...

March 14, 2023 · Andrea Manzini

a SUSE hackweek22 report

This February I decided to participate in the SUSE Hackweek with a project. ...

February 3, 2023 · Andrea Manzini