16 Matching Annotations
  1. Feb 2021
  2. Dec 2020
  3. Nov 2020
    1. If the goal of this is purely to avoid showing a runtime warning (and isn't needed for other functionality) I think we should try to consider other ways of dealing with the root issue. See also #4652, which has been opened for just this concern.
  4. Oct 2020
  5. Sep 2020
    1. We don't want to rely on there being a single root element - or prevent ourselves from ever implementing named slots without a single root node - and so there's not anything to apply the class to or the transition to.
    1. This specification defines the ::part() pseudo-element on shadow hosts, allowing shadow hosts to selectively expose chosen elements from their shadow tree to the outside page for styling purposes.
  6. Aug 2020
  7. Jul 2020
    1. if you only need to display the tags of a single question, use the first schema. If you want somehow to display all the tags of all questions, the second schema is recommended
  8. May 2020
    1. If any Firefox engineers are reading this, please don't try to subvert the above workaround, it requires multiple steps and administrator rights to set up, and we must all agree that it is of little sense for Firefox to try defending against unwanted programs or malware that has root access on the device.
  9. Dec 2019
    1. do not run the installer directly as/from the 'root' account! Always use the sudo command from a non-privileged user account. This is due to variables that are different between root's environment and a user's that aren't affected by an EUID change, as well as code checks in the install itself.
    1. sudo, especially combined with NOPASSWD as recommended in the comments, has no security benefits over just using the root account.

      Well, there is at least one security benefit: security through obscurity. Every hacker will try to ssh root@host. But they may not think to attempt rsyncuser@host.

      (Same argument used for using non-standard port instead port 22)

    2. Now using sudo to work around the root account is not only pointless, it's also dangerous: at first glance rsyncuser looks like an ordinary unprivileged account. But as I've already explained, it would be very easy for an attacker to gain full root access if he had already gained rsyncuser access. So essentially, you now have an additional root account that doesn't look like a root account at all, which is not a good thing.
    3. No, clumsily working around the root account in situations where it is absolutely appropriate to use it is not for good reasons. This is just another form of cargo cult programming - you don't really understand the concept behind sudo vs root, you just blindly apply the belief "root is bad, sudo is good" because you've read that somewhere.
  10. Sep 2019
  11. Sep 2018
  12. Jul 2018
    1. Facebook isn’t a mind-control ray. It’s a tool for finding people who possess uncommon, hard-to-locate traits, whether that’s “person thinking of buying a new refrigerator,” “person with the same rare disease as you,” or “person who might participate in a genocidal pogrom,” and then pitching them on a nice side-by-side or some tiki torches, while showing them social proof of the desirability of their course of action, in the form of other people (or bots) that are doing the same thing, so they feel like they’re part of a crowd.

      Similar to the riot theory...