What's called "Roman law" in Europe derives from the Justinian Code, which was nominally a codification of but in many respects a radical reinterpretation of late roman law. Prior to the Justinian Code, and especially Scholastic era glosses, Roman law was arguably more like a very rigid style of common law; that is, requiring judges to hew closely to precedent rather than applying abstract legal principles.
It was the rediscovery of the Justinian Code during the Scholastic age which kickstarted a blossoming of legal theory in Europe. But they didn't understand that the Justinian Code wasn't a reflection of Roman law so much as a reflection of Emperor Justinian's reforms, which were in part an attempt to reassert control over and simplify the legal system.
The modern mass can be done ad orientem. The switch of orientation was only permitted, not required, in the Novus Ordo.
Most of the changes people associate with the Novus Ordo were completely optional and often not even expected to have become so common. This is why all the popes have been exasperated, to varying extents, with the Latin Mass movement. Literally nothing prevents dioceses from celebrating the Novus Ordo mass in Latin, ad orientem, chanting, etc.
What's colloquially called the Latin Mass is the Tridentine Mass, which among other things uses a different calendar, including different biblical readings each week (a smaller selection of biblical passages than the Novus Ordo uses). So it's not just a variation of the Novus Ordo, though the Novus Ordo could be performed in a way that satisfies the vast majority of traditional-minded parishioners. It's exasperating because certain ideologues behind the movement are elevating small changes into pseudo-doctrinal issues that have a tendency to lead to schism. The Orthodox churches have fractured over the centuries over calendar related issues, for example. It's fundamentally traditionalism for traditionalism's sake, which is a little ironic because in many respects the Novus Ordo reverts the mass to an older form more similar to the practices of the church over a millennia ago, as well as more similar in some respects to Orthodox masses.
If the Latin Mass advocates were serious, they'd engage with the Novus Ordo. For example, seek more uniformity--the Novus Ordo has too many optional variations, which means the mass might have different prayers in one geographic area than another, whereas the Tridentine Mass is more uniform. (See, e.g., https://lms.org.uk/missals) The fact they don't betrays some of the underlying motivations and dynamics.
Another aspect mostly unrelated to the mass itself was the Second Vatican Council deemphasisizing the role of clerics and religious--nuns, religious sisters, etc. That's a whole 'nother thing, but it's a significant factor behind the movement. It's far more understandable, but again can be addressed directly, without the subterfuge.
All institutional religions struggle with the tension between traditionalists and reformers; it's a form of politics. What has made the Roman Catholic church almost singularly unique has been it's ability to hold together so many people across diverse cultures and geographies. What's playing out now has played out many times before, though obviously the Roman Church has not always been successful at avoiding schism. Notably, though, it continues to keep in mind undoing previous schisms, and some choices made by the Second Vatican Council were focused on reconciliation, both with Protestant but also Orthodox churches. For example, the change in biblical readings seems to have been aimed at Protestantism--the readings in the US are coordinated through a group that includes representatives from, IIRC, Methodists and Episcopalians. Being less doctrinaire about some of the prayers in the Tridentine Mass was a way to affirm the validity of Orthodox rites.
> Now, is it exploitable that `find` also reads the uninitialized auto variable `status` (UB) from a `waitpid(&status)` before checking if `waitpid()` returned error? (not reported) I can't imagine an architecture or compiler where it would be, no.
The only signal handler find installs is for SIGINFO, and it uses the SA_RESTART flag, so EINTR can be ruled out. The pid argument is definitely valid as you can't reach the above if it wasn't, and there's no other way for the child process to be reaped[1], so no ECHILD.
A check should probably be added in case the situation changes in the future, triggering spooky action at a distance, or were that code to be copy+pasted somewhere where the invariants didn't hold. But I think the current code in its current context is, strictly speaking, correct as-is.
[1] OpenBSD lacks the kernel features for such surprises that might theoretically be possible on Linux.
Indeed. That's why I didn't deem it worth reporting.
But in my code, I would have fixed for the reasons you mention. Sprinkle enough of these around, and some low percentage will in the future have its assumption invalidated.
No. You only get EINTR when a signal handler fires and you didn't use the SA_RESTART flag with sigaction. If you don't install any signal handlers, or you use SA_RESTART on all handlers, or you've blocked/masked all signals (or at least the ones with handlers), you won't get EINTR.
When writing library code, it's important to consider EINTR because you can't know about signal dispositions. Though, the common practice of looping on EINTR kind of defeats the purpose.
unveil was designed and intended to effectively sandbox root when combined with sufficiently strict pledge permissions. I don't think this exploit would have effected any existing OpenBSD services, but sometimes services need to keep around processes with higher privileges than the network-facing process, yet you still want to sandbox them as much as possible. For example, sshd uses a special auth process, and that process needs higher privileges to be able to access the password database. On OpenBSD this auth process doesn't need root, but there may be similar cases where you want to use unveil with a root process for defense-in-depth. Suffice it to say, it would be foolish to only use unveil with such processes.
The bug here actually involved the intersection of unveil and pledge. IIUC, it was more a pledge bug that accidentally allowed bypassing unveil checks.
All OpenBSD services, including HTTP (httpd), SMTP (smtpd), and DNS (nsd, unbound, unwind), use privilege separation and sandbox themselves with pledge and either unveil or chroot. There's no extra configuration. And the developers dog-food these services; it's why they're in the base system.
How many Linux services use seccomp? Or chroot, mount namespaces, or landlock? If they do at all, it's usually imposed externally by systemd or docker, in which case they usually run with overly broad permissions because there's no integration with the specific application code, thus the AF_ALG exploits in containers. On OpenBSD services continue to narrow their privileges after starting up so by the time an external request is serviced they have only minimal access to syscalls and the filesystem, often only read/write/send/recv syscalls, and if open is allowed only the specific files and directories needed to service requests. Typically even the network-facing daemon accepting TLS connections doesn't have access to the private key--you simply can't do that by running a vanilla service application in docker.
Does OpenBSD have bugs? Of course. The question is, which environment has more trustworthy backstops? The Linux kernel provides all the facilities, but they're not used effectively, for many reasons.
Mencken's cynicism and mockery were arguably the type of thing Kierkegaard lamented, and perhaps in a sense were more a cause of social breakdown more than a consequence.
From reading his journals the editor of the Corsair publicly mocked him and used the paper to hide behind (in the name of journalism). His lamentations on journalism are very much due to this personal attack and he does name the perpetrator in his writings.
Kierkegaard himself had his targets for cynicism, primarily the state church (Danish Lutheran) that he attacked endlessly in his writings.
Russia also does this, with both drones and missiles. It also sends cheap decoys mixed in with the Shaheds, because it turns out they're not as cheap and plentiful as people think, especially when you're trying to hit hard targets.
The concept of fundamental human rights is certainly new, but our notion of intrinsic human value (and intrinsic value of other life and things) arises from our empathy, which at least in its degree is perhaps our most important defining trait as a species. (Our empathy may have been a prerequisite for the emergence of our intelligence.)
Conflating the two is why some people have trouble understanding why religions like Buddhism and Christianity seemed to tolerate so much inequality and violence; or more generally just assumed people writ large were historically more callous and uncaring than today.
Arguably one of the downsides, though, to a focus on rights vs intrinsic value is that rights are typically couched in materialist terms. Most of the time that's probably for the better, but sometimes maybe not.
Dogs show empathy towards not only dogs and humans, but even baby birds and rabbits - animals which one would expect to be viewed as pure caloric units, sans empathy.
Whales show empathy towards their young, and towards humans.
Male "loner" lions have been known to show empathic protection toward human and antelope young in the bush.
It's increasingly hard to define a clear difference between Humans and "mere Animals"; empathy is emphatically not a clear difference.
To date, fear of vacuum cleaners may well be the only known difference.
Sure, just like many other animals exhibit analytical intelligence and complex communication. The seeds are there. The distinction is by degree, but the gap is pretty wide in all three cases.
No other species has been shown to systematically display non-kin, non-mating-system altruism (for which empathy is probably an integral component). It seems likely you need systematic non-kin altruism to achieve the ubiquitous, complex cooperation humans exhibit. And that complex cooperation is probably a prerequisite to make our degree of intelligence evolutionarily profitable. Otherwise human-level intelligence should be more common than our immediate lineage. (Some cousin species may very well have been smarter or more cooperative than us; relatively speaking it could be homo sapiens found a more effective equilibrium. Nonetheless our immediate lineage seems to be the only one to break through the selfish gene bottleneck that restricts other species along these axes.)
Lasers obey the inverse square law as perfect collimation isn't possible. But I guess as a practical matter it does make it easier to achieve a particular energy level at a target. You still apparently need megawatt scale lasers just to discern a signal from Alpha Centauri, though: https://academic.oup.com/mnras/article/516/2/2938/6668809 (I dunno how to calculate the other way around--from here to there--as it's partly a function of the origin star's luminosity.)
It was the rediscovery of the Justinian Code during the Scholastic age which kickstarted a blossoming of legal theory in Europe. But they didn't understand that the Justinian Code wasn't a reflection of Roman law so much as a reflection of Emperor Justinian's reforms, which were in part an attempt to reassert control over and simplify the legal system.
reply