Conversation
dalias@hachyderm.io

Cassandrich

15 years later, the misguided glibc feature request to add a nonstandard "dlopen in-memory shared library image" function is still getting requests from folks who don't understand any of the technical details (specifically, why it wouldn't help) but have an ideological objection to temp files. 🤦

3
0
0
hipsterelectron@circumstances.run

d@nny mc²

Reply to @dalias@hachyderm.io

@dalias i love temp files! how absurd

1
0
0
dalias@hachyderm.io

Cassandrich

Reply to @hipsterelectron@circumstances.run

@hipsterelectron I suspect the hatred for them comes from Windows-land, where you can't unlink a temp file until you're done using it and where open files have nasty locking semantics. And where they're always on real disks.

On unix temp files are beautiful. Open, unlink, use, and never worry about stale ones getting left around. And on Linux, put them on tmpfs so there's no disk involved.

0
0
0
r@glauca.space

R

Reply to @dalias@hachyderm.io

@dalias wait, what is the issue with trying to implement something like this? it feels like it should be totally doable (and easier than with PE, where this type of trick is/was a reasonably-common overly-clever/malcode thing)?

1
0
0
dalias@hachyderm.io

Cassandrich

Reply to @r@glauca.space

@r Implementing it is 100% functionally equivalent in resource usage, capabilities, etc. to writing out a temp file an dlopen'ing it.

What folks continually refuse to understand is that you cannot use the ELF image in-place in memory. It's not going to have the right access modes, likely isn't going to be aligned right, etc., and even if it were, most ELF objects are not mapped linearly but have different range mappings mapped at different relative offsets. Which can't be done with an existing in-memory copy.

1
0
0
charlotte

Charlotte 🦝 therian

Reply to @dalias@hachyderm.io

@dalias seems like a suspect use case anyhow. i presume this is for some sort of management backdoor thing, but wouldn’t it make sense to drop the so on disks anyways so that you can look at them after?

0
0
0
r@glauca.space

R

Reply to @dalias@hachyderm.io

@dalias ah, didn't realize that ELF objects also had different relative offsets -- somehow thought that they usually didn't (and only PE typically did)

1
0
0
dalias@hachyderm.io

Cassandrich

Reply to @r@glauca.space

@r On typical classic ELF shared objects without any fancy relro, non-executable rodata, etc. you typically have two mappings that overlap in the ELF image on the last page (one page mapped twice, partly as end of code/rodata and partly as beginning of rw data). Newer stuff is more elaborate.

0
0
0
About Raccoon Noises

Rules

  • Hate against minority groups is forbidden. This includes racism, sexism, ableism, xenophobia, homophobia, transphobia,, antisemitism, islamophobia, queer exclusionism, etc.
  • Content that is illegal under German Law is not permitted. This especially includes the promotion and dissemination of any Nazi symbolism and ideology, except for education, reporting on past or current events, and antifascist art.
  • Please add content description to all media that you post. This instance automatically adds a CW if it is missing. If you are unable to create one, you can request one via the #DescriptionWanted hashtag
  • Be considerate. Add content warnings for NSFW Content, common phobias, overly long posts, controversial subjects, etc. Please try to avoid flashing images and quickly moving text inside of your posts.
  • NSFW content is generally allowed, but all NSFW content must be properly marked as such, including kinks. Profile images, names, bios, etc must be fully SFW, or they are subject to removal
  • Bots are allowed, however they must be marked as such and must make unlisted posts, may only @ or interact with posts of other users iff they have prompted the bot, or have given explicit permission to do so. Additionally, bots may not post more than 10 posts in a 60 minute interval without interaction.
We highly encourage reporting posts violating our rules, even if they are not on our instance. Your reports will not be ignored. For transparency we publish local moderation decisions for users on this server, and federation moderation decisions on the #FediBlock hashtag.
We do the following moderation automatically:
  • Unlisting of bot posts
  • Adding of CWs to unlabeled media
  • Modification or removal of posts that cause issues with certain clients

Privacy Policy

What data do we collect?

We collect the following data:
  • Email Addresses from local users
  • Posts and Media uploaded by local users
  • User Profiles and Posts by certain remote users

How do we collect your data?

If you are a user of this instance, we collect and process your data when you sign up for or use interactive features (e.g. Posting) of the Website.
If you are not a local user, we collect your data over the following ways:
  • One of our users has requested to follow your account, and you have accepted the request.
  • One of your posts has been interacted with by a remote account, that a local account has followed. This includes Replies, Repeats, Quotes, Likes, Emoji Reactions, and @-Mentions.
  • You have requested that your post is shown to one of our users (i.e. through @-Mentions or DMs)
  • User Interaction: One of our users has explicitely looked up your profile or one of your posts on this instance, for example to interact with it.
  • You have posted a public post on an instance that participates in the awoo.today relay.

How will we use your data?

We collect your data so that we can:
  • Store and display your posts to our local users
  • Display public posts to anonymous users
  • Deliver your public, unlisted, and private posts to your followers
  • Deliver direct messages to the recipient
  • Allow our users to follow you
  • Allow our users to interact with your posts
As members of the awoo.today relay, we will send posts that you have marked as “public” to all of the other instances participating in the relay.

How do we store your data?

We store your post, profile and account data securely in the Hetzner Datacenter in Falkenstein, Germany. See their DIN ISO/IEC 27001 certification Media is stored on Backblaze B2
We employ technical security measures to avoid exposure to sensitive data.
We also store backups of post, profile, and account data in multiple locations, in an encrypted form, on our server near Chemnitz, Germany, as well as on Backblaze B2.
For technical reasons it is not possible modify these backups to remove your data. If this is a concern, please contact us.

What are your data protection rights?

We want to make sure that you are aware of your data protection rights. Every user is entitled to the following:
The right to access — You can request a copy of the data we have about you. This may require a short verification for remote users. Local users can do so in the settings under Export/Import
The right to rectification — You can request us to correct any information you believe is inaccurate. You also have the right to request us to complete the information you believe is inaccurate.
The right to erasure — You can request us to erase the data we have about you.
The right to restrict to processing — You can restrict us from transmitting your posts to other servers by setting your post visiblity to “Local”. Remote users can also restrict processing of certain posts, by setting its visiblity to “Unlisted” or “Private”.
The right to object to processing — As a remote user, you can object to further processing of posts and profile data by blocking this domain.
The right to data portability — You can at any point move to other instances. Due to technical restrictions, it is currently not possible to automatically transfer the users you follow and posts to your new account.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, or need help with the included tools, please contact us at our email privacy@chir.rs

Cookies

Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology
For further information, visit allaboutcookies.org.

How do we use cookies?

We use cookies for keeping you logged in. Additionally we store certain configuration in cookies, however these cookies are never transmitted to anyone.

How to manage cookies

You can tell your browser to not accept cookies, or tell it to remove cookies this website has stored on your device. Please consult your browser’s documentation on instructions on how to do that.

Privacy policies of other websites

This site contains many links to other websites. This privacy policy only applies to this website. Please consult the privacy policy of these remote sites before entering any personal information.

Changes to our privacy policy

We may make occasional adjustments to this privacy policy. This policy was last updated on 2022-12-30.

How to contact us

If you have any questions about this policy, the data we hold about you, or want to exercise one of your data protection rights, please contact us at: privacy@chir.rs

How to contact the appropriate authority

Should you wish to report a complaint, or if you feel that we haven’t addressed your concern in a satisfactory manner, you may contact the Sächsische Datenschutzbehörde.
We also offer the Mastodon Web UI. Keep in mind that some features are missing, like emoji reactions, quoting, and JPEG XL.

Art Credit