Drew DeVault's Blog

on Drew DeVault's blog

State of Sway April 2017

Development on Sway continues. I thought we would have slowed down a lot more by now, but every release still comes with new features - Sway 0.12 added redshift support and binary space partitioning layouts. Sway 0.13.0 is coming soon and includes, among other things, nvidia proprietary driver support. We already have some interesting features slated for Sway 0.14.0, too!

MSG_PEEK is pretty common, CVE-2016-10229 is worse than you think

I heard about CVE-2016-10229 earlier today. In a nutshell, it allows for arbitrary code execution via UDP traffic if userspace programs are using MSG_PEEK in their recv calls. I quickly updated my kernels and rebooted any boxes where necessary, but when I read the discussions on this matter I saw people downplaying this issue by claiming MSG_PEEK is an obscure feature.

Principles for C programming

In the words of Doug Gwyn, “Unix was not designed to stop you from doing stupid things, because that would also stop you from doing clever things”. C is a very powerful tool, but it is to be used with care and discipline. Learning this discipline is well worth the effort, because C is one of the best programming languages ever made. A disciplined C programmer will…

Compiler devnotes: Machine specs

I have a number of long-term projects that I plan for on long timelines, on the order of decades or more. One of these projects is cozy, a C toolchain. I haven’t talked about this project in public before, so I’ll start by introducing you to the project. The main C toolchains in the “actually usable” category are GNU and LLVM, but I’m satisfied with neither and I want to build my own toolchain. I see no reason why compilers should be deep magic. Here are my goals for cozy:

Lessons to learn from C

C is my favorite language, though I acknowledge that it has its warts. I’ve tried looking at languages people hope will replace C (Rust, Go, etc), and though they’ve improved on some things they won’t be supplanting C in my life any time soon. I’ll share with you what makes C a great language to me. Take some of these things as inspiration for the next C replacement you write.

The only problem with Python 3's str is that you don't grok it

I’ve found myself explaining Python 3’s str to people online more and more often lately. There’s this ridiculous claim about that Python 3’s string handling is broken or somehow worse than Python 2, and today I intend to put that myth to rest. Python 2 strings are broken, and Python 3 strings are sane. The only problem is that you don’t grok strings.

Actually, you CAN do it

I maintain a lot of open source projects. In order to do so, I have to effectively manage my time. Most of my projects follow this philosophy: if you want something changed, send a patch. If you are running into an annoying bug, fix it and send a patch. If you want a new feature, implement it and send a patch. It’s definitely a good idea to talk about it beforehand on the issue tracker or IRC, but don’t make the mistake of thinking this processes ends with someone else doing it for you.

State of Sway December 2016 - secure your Wayland desktop, get paid to work on Sway

Earlier today I released sway 0.11, which (along with lots of the usual new features and bug fixes) introduces support for security policies that can help realize the promise of a secure Wayland desktop. We also just started a bounty program that lets you sponsor the things you want done and rewards contributors for working on them.

A broad intro to networking

Disclaimer: I am not a network engineer. That’s the point of this blog post, though - I want to share with non-networking people enough information about networking to get by. Hopefully by the end of this post you’ll know enough about networking to keep up with a conversation on networking, or know what to search for when something breaks, or know what tech to research more in-depth when you are putting together something new.

Electron considered harmful

Yeah, I know that “considered harmful” essays are allegedly considered harmful. If it surprises you that I’m writing one, though, you must be a new reader. Welcome! Let’s get started. If you’re unfamiliar with Electron, it’s some hot new tech that lets you make desktop applications with HTML+CSS+JavaScript. It’s basically a chromeless web browser with a Node.js backend and a Chromium-based frontend. What follows is the rant of a pissed off Unix hacker, you’ve been warned.