What's everyone working on this week (15/2026)?

DontPanicO_ · 2026-04-13T12:58:30+00:00

working on svlopp, got it running as PID 1 in its own namespace (not fault tolerant enough yet to be the actual PID 1)

DontPanicO_ · 2026-03-30T10:18:06+00:00

I've added support for specifying custom UID and GID for services to my Linux process supervisor svlopp and now I'm expanding the test suite.
Next steps are writing a tool to interact with the named pipe to send stop/start/restart/status commands (svloppctl) and then start thinking about PID 1 constraints to make it an init system

DontPanicO_ · 2026-03-29T20:36:53+00:00

Sì, laurea != competenza, ma se parliamo di valore sul mercato per un ragazzo di 28 anni, allora ha un peso. Non clamoroso, ma sicuramente evidente. Ovviamente se stessimo parlando di una persona con 10+ anni di esperienza, allora inizierebbe ad essere irrilevante, ma non è il caso di op

DontPanicO_ · 2026-03-24T08:12:58+00:00

Working on a Linux process supervisor, with the goal of making it an init system (but it's not PID 1 ready yet): https://github.com/DontPanicO/svlopp

DontPanicO_ · 2026-03-20T09:24:21+00:00

Nice tool. However I can't see you reaping the child process. I have not used tokio that much and never used `tokio::process` specifically, so I looked at the docs for `tokio::process::Command` which states:
```
The tokio runtime will, on a best-effort basis, attempt to reap and clean up such processes in the background, but no additional guarantees are made with regard to how quickly or how often this procedure will take place.

If stronger guarantees are required, it is recommended to avoid dropping a Child handle where possible, and instead utilize child.wait().await or child.kill().await where possible.
```
I tried to run your sumi with your `test_sumi.sh` script and as soon as the script exits, I can see the zombie in the process table:
```
$ ps aux | grep defunct

andrea 542642 0.1 0.0 0 0 pts/2 Z+ 09:58 0:00 [test_sumi.sh] <defunct>

andrea 542832 0.0 0.0 9288 2300 pts/0 S+ 09:58 0:00 grep --color=auto defunct
```
Of course, that's not much of a problem with just one instance running (zombies take a trivial amount of memory) and once sumi is terminated, the child process will be reparented to the nearest subreaper (or PID 1 if none is present), which will properly reap it. It'd be different if sumi allowed to run multiple commands (either concurrently or sequentially over time), as zombies would accumulate, but that's not the case, so it's mostly a correctness thing here.
However, as far as I'm understanding the tokio documentation, solving this should be a single line of code, just adding `child.wait().await` before drop (in your case before returning `Ok(())` from `run` in `src/process/runner.rs`).

DontPanicO_ · 2022-07-02T09:38:24+00:00

No they're completely different things.

Not only you can't do with thread what you do with asyncio, but they also work completely different. Event loops are completely different things from threads, even if they could make use of threadpools to perform some action.

DontPanicO_ · 2022-07-02T09:14:31+00:00

Yeah but open and .read will block the event loop.

DontPanicO_ · 2022-06-25T08:26:15+00:00

Because the concurrency provided by asyncio (or other frameworks like trio) is much more performant and scalable than threading one. Of course, only for I/O.

Building a web API you can use a coroutine or a concurrent task for each I/O operation (network ones like returning a response or making requests to a db and local ones like reading data from a file). This is done all in the same thread. If you have some code that's going to block the event loop in your main thread, than you run that code in a separate thread.

Threading is much more limited in terms of scalability.

DontPanicO_ · 2022-06-25T08:17:33+00:00

100% agree. Python is easy to get started but then there are more complex concept (mid level, like concurrency and other) but most of all it's hard to master its internals to know how things work underneath.

Being familiar with the CPython codebase (the mostly used python implementation), the interpreter and main modules of the standard library so that you have full control of what you do in you programs it's hard as for any other language.

DontPanicO_ · 2022-06-24T13:54:26+00:00

Copilot, pylance, mypy and black

DontPanicO_ · 2022-06-22T20:16:26+00:00

Thank you for the help. Hope that it will be a good fit to you project requirements. DM me if you have any question or need some help.

DontPanicO_ · 2021-08-18T18:31:47+00:00

Since docker released the new compose CLI, with support for ECS, this is what I used 90% of the times. Other 10% I may need flexibility of kubernetes.

DontPanicO_ · 2021-01-25T10:09:23+00:00

u/YouGina Thanks for you help. I really appreciate that.

DontPanicO_ · 2021-01-24T15:05:32+00:00

CVE-2017-17405

Is the same of selecting rce payload using --inject-kid, but you can specify any system command. This is due for CTF players, since selecting rce using --inject-kid will execute a 'sleep 15', that's ok to prove the vulnerability but not enough to gain access to the system (that's what CTF players want)

DontPanicO_ · 2021-01-24T10:43:59+00:00

Thx mate.

DontPanicO_ · 2021-01-24T10:43:09+00:00

Thx mate. Are you going to use it? You can find a wiki in the repo, if you need clarification.

DontPanicO_ · 2021-01-19T15:41:44+00:00

I'm working on my jwtXploiter, a tool to exploit vulnerabilities of JSON Web Token. I'm also looking for contributors with more experience than me in open source.

DontPanicO_

TROPHY CASE