I think that’s true, but it’s a different moral imperative than either open source (understood as just being able to get the code for the software you have) or Free Software (which was conceived when software came on tapes in the mail and completely fails to address project governance in the era of forges).
Well, yes, under normal circumstances things work properly and do not need to be debugged. But generally eventually any system encounters abnormal circumstances, and one does not want the correct answer to be “give up on that system forever and go home”.
Have you had to recover from a failed device yet? Managing the SIM with the app will work great as long as the app is in fact working, but it’s not obvious how you would go about connecting a new device when the old device is not available.
But if I am trying to debug some mobile connection related thing I can’t be waiting 30 minutes to swap it back and forth every time. Then I won’t be able to solve the problem in a timely fashion.
I don’t think ActivityPub is set up for one server storing and forwarding a whole feed of everything, like Usenet. Right?
But you can, in fact, be too careful. Availability is one arm of the security triad.
If whatever complex configuration you have set up to avoid exposing something to the Internet is incompatible with something and what you wanted to do can’t be done, or if you look and see that setting all that up would be too hard and don’t bother to expose the service at all, then your security posture is incorrect because your service is just as unavailable as if someone else broke it.
That certainly sounds like a thing you would want, nay need, to fix.
This is just https://xkcd.com/2347/ but the person in Nebraska has been replaced with a new one and neither uses capital letters.
I mean if you put up an Internet-facing unauthenticated file acceptor it will quickly become stuffed with all sorts of garbage and aspiring malware. You definitely don’t want to hook that up to an untar and exec loop, even with some notion of sandboxing. It will just start mining Bitcoins or sending spam or something.
But if it is built properly, with only authorized users being able to upload stuff, and a basic understanding of not dropping stuff where the web server will happily execute every PHP web shell someone sticks in the slot, and the leverage to threaten people into not uploading pictures of their own or others’ butts or Iron Man (2009), I don’t see why all but the file-uploading professionals should immediately give up.
You could definitely build something like this. You definitely want either human review before execution or a fair amount of sandboxing for whatever your students submit.
Do you want students trying to brute force or exfiltrate whatever test data lives in the server? If not, either they should just have the test cases already, or they can get back how many/which of the secret test cases they passed along with their grade, so showing them the results live might not be so important. Unless you want something like “you have 3 tries to pass the secret tests so you can get a hint that your own tests missed a case and go back and try to guess what it was”.
You also might want to invest time first in test harnesses for the students to run themselves, because you want them to learn good practices like coding against a test suite. If nothing else it makes it easier to make the auto-grader later if the students’ code is all already hooked up to the same test framework.
Teaching students how to use fully use a multi-user Unix system can for some topics put unnecessary faffing about between the students and what they are trying to learn (are you teaching front-end web dev or something?), but in a lot of cases your students might actually be better served by something that makes them touch the deep magic than by a slick web UI that handles everything for them, as long as you turn it into a learning experience and not a protracted period of bafflement.
Does your school not already have some kind of shared CD department server/Unix environment for the students that could get you out of account management?
Also, the Right Way to get the code to the server is probably going to be Git and not a tarball. The students could/should be set up with a Git forge and indoctrinated in never leaving their code on their laptop to be sat upon and lost.
Don’t they owe the kernel code to anyone with the kernel binaries under GPL? Anyone with a Pixel running this release has a right to get the code on demand from Google, right? The news coverage doesn’t seem to consider this.
It works on some devices; they do sign the builds as far as I can tell. But the bootloader itself needs to be convinceable to trust the LOS signatures, and needs to understand the secure boot implementation used in the Android that the current LOS is built from (since Android has re-done it all a few times). Nobody knows anything about bootloaders to figure out which of them can do this or how they would be induced to do it.
qsnc is a gentleperson and a scholar
I think you can keep doing the SMB shares and use an overlay filesystem on top of those to basically stack them on top of each other, so that server1/dir1/file1.txt and server2/dir1/file2.txt and server3/dir1/file3.txt all show up in the same folder. I’m not sure how happy that is when one of the servers just isn’t there though.
Other than that you probably need some kind of fancy FUSE application to fake a filesystem that works the way you want. Maybe some kind of FUES-over-Git-Annex system exists that could do it already?
I wouldn’t really recommend IPFS for this. It’s tough to get it to actually fetch the blocks promptly for files unless you manually convince it to connect to the machine that has them. It doesn’t really solve the shared-drive problem as far as I know (you’d have like several IPNS paths to juggle for the different libraries, and you’d have to have a way to update them when new files were added). Also it won’t do any encryption or privacy: anyone who has seen the same file that you have, and has the IPFS hash of it, will be able to convince you to distribute the file to them (whether you have a license to do so or not).
You might want to try Openstack. It is set up for running a multi-tenant cloud.
Seems to not be paying off though; having whole communities and instances close is pretty inconvenient.
Why does Lemmy even ship its own image host? There are plenty of places to upload images you want to post that are already good at hosting images, arguably better than pictrs is for some applications. Running your own opens up whole categories of new problems like this that are inessential to running a federated link aggregator. People selfhost Lemmy and turn around and dump the images for “their” image host in S3 anyway.
We should all get out of the image hosting business unless we really want to be there.
That could work fine, probably? Or you could use it on the same machine as other stuff.
No?
I mean, how else are you meant to play the game actually?
I guess you could be like opening ports just to particular IPs. And you need a game that isn’t Swiss cheese that gets immediately hacked.
But like hackers don’t sort of seep in through port forwards; they need to physically identify and exploit a particular vulnerability.