Hacker Newsnew | past | comments | ask | show | jobs | submit | enjolras's commentslogin

Indeed. Looking at the assembly generated it looks like gcc is too smart for its own good.


And here are some recent bencmarks :

http://lists.dragonflybsd.org/pipermail/users/2016-May/24964...

http://lists.dragonflybsd.org/pipermail/users/2016-June/2496...


If your server is running Unix you might want to check Ocaml with js_of_ocaml (and maybe eliom), part of the ocsigen Web stack. Both languages are very similar but ocaml is a first class Unix citizen with native compiler backend.

http://ocsigen.org


Just my 2cs, but the complexity of this code is here to remind you there are a lot of cases you have to take into account :

    let path = Path::new(&app_path);
    if let Some(ostr) = path.file_name() {
       if let Some(str) = ostr.to_str() {
           println!("file name : {}", str);
       } else {
          println!("WARNING : file name is not a valid unicode sequence ! (file name : {:?}", ostr);
       }
    } else {
      println!("Path is either a root directory or a dot entry, it has no filename");
    }


I agree with you that this comment is quite harsh, but i'd like to point out that it's not a fair representation of steveklabnik's usual interaction with the community on reddit and IRC, as far as i can tell.


look at the code. AT_RANDOM is. used when it's avaible in the fallback function. For some reason, the devs don't seem to trust it much, according to the comment.


Is it guaranteed to at least be different for different processes? They could use that in addition to the PID test to know when to reseed.


No. It's only filled on execve, not fork.


I don't know why apache says freeBSD, but i'm pretty sure that the server is running DragonFly


Capsicum is still work in progress and worked on. Since FreeBSD 9, it has undergone a lot of internal design changes (capabilities are now embedded in the filedescriptors instead of being standalone structures), and API changes.

Yet another API change is undergoing to make the code more future proof (currently, you can have only 64 different capability rights, which is not enough), but it's happening out of tree. There are also new libraries to ease applications developpement.

Capsicum is not yet in a real production state. It's a big project and it needs a lot of thoughs to get it right. I don't know if it will get in FreeBSD 10, I'm not a freeBSD guy, but you can be sure there are still a lot of work dedicated to capsicum ! After the basic kernel API and libs has been stabilized, it will still need work to convert applications to capsicum before you can consider capsicum as a deployed security mechanism in FreeBSD.


Note that the problem you describe for process is not a fundamental design choice. For instance, FreeBSD has added such API.

http://www.freebsd.org/cgi/man.cgi?query=pdfork


I wonder if this is going to make it to OSX at some point, given the commonality between OSX and FreeBSD?


OS X has provided such APIs for a while - you can create processes using posix_spawn rather than fork, and monitor them with kqueues.

That said, if you're writing an app you might be able to go higher level and use XPC services, which can be much less pain.


Maybe the name Ph. D., but the Ph. D. itself is older in the USA and in Europe. There were Ph. D. in the 19th century both in Europe and in Universities like Yale or Harvard.


Could you clarify? Humboldt University started granting PhDs in the early 19th century, Yale in 1861, so yes, of course there were PhDs in the 19th century.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: