<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Hacker News: gnoack</title><link>https://news.ycombinator.com/user?id=gnoack</link><description>Hacker News RSS</description><docs>https://hnrss.org/</docs><generator>hnrss v2.1.1</generator><lastBuildDate>Mon, 06 Apr 2026 05:13:36 +0000</lastBuildDate><atom:link href="https://hnrss.org/user?id=gnoack" rel="self" type="application/rss+xml"></atom:link><item><title><![CDATA[New comment by gnoack in "Log messages are mostly for the people operating your software"]]></title><description><![CDATA[
<p>How does this change the point that is being made in the article? Your agent is also only taking one of the existing roles that humans today occupy (e.g. the software operator or developer).</p>
]]></description><pubDate>Sun, 08 Mar 2026 19:07:06 +0000</pubDate><link>https://news.ycombinator.com/item?id=47300099</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=47300099</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47300099</guid></item><item><title><![CDATA[New comment by gnoack in "FOSDEM 2026 – Open-Source Conference in Brussels – Day#1 Recap"]]></title><description><![CDATA[
<p>Those are pathname UNIX domain sockets, so you address them through the socket file, which is conventionally stored somewhere under /run.<p>You can run "netstat --listening --unix" to list the UNIX domain servers on your system, to get an impression.<p>See <a href="https://man7.org/linux/man-pages/man7/unix.7.html" rel="nofollow">https://man7.org/linux/man-pages/man7/unix.7.html</a></p>
]]></description><pubDate>Mon, 02 Feb 2026 14:55:09 +0000</pubDate><link>https://news.ycombinator.com/item?id=46856711</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=46856711</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46856711</guid></item><item><title><![CDATA[New comment by gnoack in "FOSDEM 2026 – Open-Source Conference in Brussels – Day#1 Recap"]]></title><description><![CDATA[
<p>I think you are misrepresenting this;<p>Varlink is based on much more conventional UNIX technology than Dbus, which is decades old: You connect to a named UNIX socket through its socket file in the filesystem (man page: unix(7)).<p>This is an old mechanism and it is known to work well.  It does not require a broker service, it works right at system startup, and it does not require a working user database for permission checks (which would be a circular dependency for systemd in some configurations).  If at all, I am surprised that systemd didn't use that earlier.<p>The main thing that Varlink standardizes on top of that is a JSON-based serialization format for a series of request/response pairs.  But that seems like a lightweight addition.<p>It also does not require kernel support to work, the kernel support is already there.  He mentioned in the talk that he'd like to be able to "tag" UNIX sockets that speak varlink as such, with kernel support.  But that is not a prerequisite to use this at all.  The service discovery -- and he said that in the talk as well -- is simply done by listing socket files in the file system, and by having a convention for where they are created.</p>
]]></description><pubDate>Mon, 02 Feb 2026 12:02:04 +0000</pubDate><link>https://news.ycombinator.com/item?id=46855020</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=46855020</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46855020</guid></item><item><title><![CDATA[New comment by gnoack in "Étoilé – desktop built on GNUStep"]]></title><description><![CDATA[
<p>Étoilé had its own Smalltalk dialect back in the day, Pragmatic Smalltalk. This was a Smalltalk based on the Objective-C runtime, based on an OMeta implementation and an LLVM backend. David Chisnall, who created it at the time, ended up getting involved more in LLVM in the long run, I believe.</p>
]]></description><pubDate>Thu, 04 Sep 2025 06:54:13 +0000</pubDate><link>https://news.ycombinator.com/item?id=45124347</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=45124347</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=45124347</guid></item><item><title><![CDATA[New comment by gnoack in "Étoilé – desktop built on GNUStep"]]></title><description><![CDATA[
<p>CDE was open sourced a while back: <a href="https://sourceforge.net/projects/cdesktopenv/" rel="nofollow">https://sourceforge.net/projects/cdesktopenv/</a></p>
]]></description><pubDate>Thu, 04 Sep 2025 06:47:50 +0000</pubDate><link>https://news.ycombinator.com/item?id=45124320</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=45124320</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=45124320</guid></item><item><title><![CDATA[Landlock Your Vibe Coding]]></title><description><![CDATA[
<p>Article URL: <a href="https://blog.gnoack.org/post/landlock-your-vibe-coding/">https://blog.gnoack.org/post/landlock-your-vibe-coding/</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=44770205">https://news.ycombinator.com/item?id=44770205</a></p>
<p>Points: 2</p>
<p># Comments: 0</p>
]]></description><pubDate>Sat, 02 Aug 2025 18:44:09 +0000</pubDate><link>https://blog.gnoack.org/post/landlock-your-vibe-coding/</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=44770205</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=44770205</guid></item><item><title><![CDATA[New comment by gnoack in "A quick look at unprivileged sandboxing"]]></title><description><![CDATA[
<p>Absolutely, seccomp is also an unprivileged sandboxing mechanism in Linux. It does have the drawback however that the policies are defined in terms of system call numbers and their (register value) arguments, which complicates things, as it is a moving target.<p>The problem was also recently discussed at <a href="https://lssna2025.sched.com/event/1zam9/handling-new-syscalls-in-seccomp-filters-tom-hromatka-oracle-corporate-paul-moore-microsoft" rel="nofollow">https://lssna2025.sched.com/event/1zam9/handling-new-syscall...</a></p>
]]></description><pubDate>Tue, 15 Jul 2025 21:00:24 +0000</pubDate><link>https://news.ycombinator.com/item?id=44575766</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=44575766</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=44575766</guid></item><item><title><![CDATA[New comment by gnoack in "A quick look at unprivileged sandboxing"]]></title><description><![CDATA[
<p>Landlock is currently still lacking some wrapper libraries that make it easier to use, in C.<p>We do have libraries for Go and Rust, and the invocation is much more terse there, e.g.<p><pre><code>  err := landlock.V5.BestEffort().RestrictPaths(
      landlock.RODirs("/usr", "/bin"),
      landlock.RWDirs("/tmp"),
  )
</code></pre>
FWIW, the additional ceremony in Linux is because Linux guarantees full ABI backwards compatibility (whereas in OpenBSD policy, compiled programs may need recompilation occasionally).<p>Similarly terse APIs as for Go and Rust are possible in C as well though, as wrapper libraries.<p>For full disclosure, I am the author of the go-landlock library and contributor to Landlock in the kernel.</p>
]]></description><pubDate>Tue, 15 Jul 2025 20:52:30 +0000</pubDate><link>https://news.ycombinator.com/item?id=44575697</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=44575697</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=44575697</guid></item><item><title><![CDATA[New comment by gnoack in "The Gang of Four is wrong and you don't understand delegation (2012)"]]></title><description><![CDATA[
<p>The way I interpreted most of these "subclassing" cases in the GoF diagrams was actually as "subtyping", and then it makes more sense.<p>Regarding no one having a lock on the term "delegation", I think this is spot on.  Yes, someone might have used the term differently before GoF, but that does not mean that GoF was wrong.  It just meant something else in their context.<p>(Btw, congratulations, your comment is the first one so far in this comment thread that actually discusses the linked article and not just the GoF book itself.)</p>
]]></description><pubDate>Wed, 26 Mar 2025 16:34:18 +0000</pubDate><link>https://news.ycombinator.com/item?id=43484026</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=43484026</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43484026</guid></item><item><title><![CDATA[New comment by gnoack in "Landrun: Sandbox any Linux process using Landlock, no root or containers"]]></title><description><![CDATA[
<p>It's tracked in <a href="https://github.com/landlock-lsm/go-landlock/issues/35" rel="nofollow">https://github.com/landlock-lsm/go-landlock/issues/35</a> - signals and abstract Unix sockets unfortunately do not interact well with the inherently multithreaded Go runtime. We are working on a fix in <a href="https://github.com/landlock-lsm/go-landlock/issues/36" rel="nofollow">https://github.com/landlock-lsm/go-landlock/issues/36</a>, but this needs to be on the kernel side, and this is delaying this feature in Go, unfortunately. It is usable from (single-threaded) C programs though.</p>
]]></description><pubDate>Sun, 23 Mar 2025 18:28:56 +0000</pubDate><link>https://news.ycombinator.com/item?id=43454765</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=43454765</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43454765</guid></item><item><title><![CDATA[New comment by gnoack in "Landrun: Sandbox any Linux process using Landlock, no root or containers"]]></title><description><![CDATA[
<p>+1<p>A rough description of upcoming network restriction features in Landlock and how they map to the BSD socket API is in the talk at <a href="https://youtu.be/K2onopkMhuM?start=2025" rel="nofollow">https://youtu.be/K2onopkMhuM?start=2025</a> starting around 33:45<p>I really hope we can get back to these features soon :) I think these would be very useful.</p>
]]></description><pubDate>Sat, 22 Mar 2025 20:33:31 +0000</pubDate><link>https://news.ycombinator.com/item?id=43448421</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=43448421</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43448421</guid></item><item><title><![CDATA[New comment by gnoack in "Landrun: Sandbox any Linux process using Landlock, no root or containers"]]></title><description><![CDATA[
<p>(Author of go-landlock here)<p>Awesome! I'm happy to hear that you and others are interested in the configuration language. We should probably coordinate that on the Landlock mailing list when the time comes, so that we don't duplicate that work. We are open to outside contributions :)</p>
]]></description><pubDate>Sat, 22 Mar 2025 20:24:39 +0000</pubDate><link>https://news.ycombinator.com/item?id=43448359</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=43448359</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43448359</guid></item><item><title><![CDATA[New comment by gnoack in "Landrun: Sandbox any Linux process using Landlock, no root or containers"]]></title><description><![CDATA[
<p>OpenBSD did get it right, but they also have a more relaxed scheme for backwards compatibility across releases. Linux's strict ABI compatibility guarantees complicate matters slightly, but with the right supporting library it becomes tolerable.<p>See the example at the top of the Readme at <a href="https://github.com/landlock-lsm/go-landlock" rel="nofollow">https://github.com/landlock-lsm/go-landlock</a><p>(Full disclosure, I am the author of that library)<p>FWIW, I do hope that we can motivate people to use Landlock in the same way as people use pledge on OpenBSD, as a lightweight self-sandboxing mechanism that requires fewer architectural changes to your program and results in more constrained sandboxes than Linux namespaces and other mechanisms do.</p>
]]></description><pubDate>Sat, 22 Mar 2025 20:00:29 +0000</pubDate><link>https://news.ycombinator.com/item?id=43448213</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=43448213</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43448213</guid></item><item><title><![CDATA[New comment by gnoack in "Landrun: Sandbox any Linux process using Landlock, no root or containers"]]></title><description><![CDATA[
<p>(Author of that library here)<p>It is a library, as already linked in the other comment: <a href="https://github.com/landlock-lsm/go-landlock" rel="nofollow">https://github.com/landlock-lsm/go-landlock</a><p>The landrun tool is built on the same library. We also provide an official library for Rust, and obviously you can do it from C as well.<p>I also collected some libraries for other languages at <a href="https://wiki.gnoack.org/SoftwareUsingLandlock" rel="nofollow">https://wiki.gnoack.org/SoftwareUsingLandlock</a> (but I cannot vouch for their quality in detail).</p>
]]></description><pubDate>Sat, 22 Mar 2025 19:54:38 +0000</pubDate><link>https://news.ycombinator.com/item?id=43448171</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=43448171</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43448171</guid></item><item><title><![CDATA[New comment by gnoack in "Landrun: Sandbox any Linux process using Landlock, no root or containers"]]></title><description><![CDATA[
<p>Exactly, for resource limits you can use setrlimit(2) or cgroups if needed.</p>
]]></description><pubDate>Sat, 22 Mar 2025 19:47:58 +0000</pubDate><link>https://news.ycombinator.com/item?id=43448124</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=43448124</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43448124</guid></item><item><title><![CDATA[New comment by gnoack in "Landrun: Sandbox any Linux process using Landlock, no root or containers"]]></title><description><![CDATA[
<p>(Landlock reviewer here)<p>Namespaces can also be used for sandboxing, but they have a series of problems. Most importantly, they require more substantial changes to your program that wants to sandbox itself, and the program has to jump through a series of hoops to get everything into the right state. It is possible, but the resulting program environment is in the end more unusual and the mechanisms for enabling unprivileged namespaces are making it difficult to use it for smaller use cases. (It involves re-execution of the program that wants to sandbox itself, whereas with Landlock, a small program can just install a Landlock policy during an early startup phase and continue with that.)<p>Controlling the rules through a separate process is not currently possible, but it was proposed earlier this month on the kernel mailing lists:<p><a href="https://lore.kernel.org/all/cover.1741047969.git.m@maowtm.org/" rel="nofollow">https://lore.kernel.org/all/cover.1741047969.git.m@maowtm.or...</a></p>
]]></description><pubDate>Sat, 22 Mar 2025 19:46:32 +0000</pubDate><link>https://news.ycombinator.com/item?id=43448114</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=43448114</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43448114</guid></item><item><title><![CDATA[New comment by gnoack in "How to setup self hosted wiki for your startup"]]></title><description><![CDATA[
<p>I ended up building my own Wiki in Go at some point, although I use this mainly for my own smaller purposes. Description and demo instance at:<p><a href="https://wiki.gnoack.org/UkuleleWeb" rel="nofollow">https://wiki.gnoack.org/UkuleleWeb</a><p>It takes very little resources on my Raspberry Pi and is built to be extensible and safe through its transparent way of storing wiki pages as markdown files.</p>
]]></description><pubDate>Sun, 17 Nov 2024 19:01:59 +0000</pubDate><link>https://news.ycombinator.com/item?id=42166143</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=42166143</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=42166143</guid></item><item><title><![CDATA[New comment by gnoack in "Funding restored for man-page maintenance"]]></title><description><![CDATA[
<p>I find this an offensive comment. The GIGO principle applies to documentation, and we would be in a much worse place if we didn't have the man page documentation written and reviewed by humans.</p>
]]></description><pubDate>Fri, 08 Nov 2024 11:55:54 +0000</pubDate><link>https://news.ycombinator.com/item?id=42086142</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=42086142</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=42086142</guid></item><item><title><![CDATA[Man Pages Maintenance Suspended]]></title><description><![CDATA[
<p>Article URL: <a href="https://lwn.net/Articles/989215/">https://lwn.net/Articles/989215/</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=41473130">https://news.ycombinator.com/item?id=41473130</a></p>
<p>Points: 7</p>
<p># Comments: 3</p>
]]></description><pubDate>Sat, 07 Sep 2024 10:58:11 +0000</pubDate><link>https://lwn.net/Articles/989215/</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=41473130</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=41473130</guid></item><item><title><![CDATA[New comment by gnoack in "Linux man-pages project maintenance"]]></title><description><![CDATA[
<p>It is not the Debian package maintainer stepping down here, but the project maintainer.</p>
]]></description><pubDate>Sat, 07 Sep 2024 10:57:26 +0000</pubDate><link>https://news.ycombinator.com/item?id=41473126</link><dc:creator>gnoack</dc:creator><comments>https://news.ycombinator.com/item?id=41473126</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=41473126</guid></item></channel></rss>