All of the things you listed are ops topics. But sockets are a programming concept.

I would expect a person with 10+ years of Unix sysadmin experience — but who has never programmed directly against any OS APIs, “merely” scripting together invocations of userland CLI tools — to have exactly this kind of lopsided knowledge.

(And that pattern is more common than you might think; if you remember installing early SuSE or Slackware on a random beige box, it probably applies to you!)

As a blogger who makes similar assumptions, I think we depend on how a lot of us from that time "grew up" similarly. Sockets came to relevance later in my career compared to everything else listed here.

I haven't even realized that while I was reading the article, but it is amusing!

Though one explanation is that I think for the other stuff that the writer doesn't explain, one can just guess and be half right, and even if the reader guesses wrong, isn't critical to the bug ­— but sockets and capabilities are the concepts that are required to understand the post.

It still is amusing and I wouldn't have even realized that until you pointed that out.

I found it interesting that they know how to use strace, but not how to list open files held by a process which to me seems simpler. Again, not criticism just an observation and I enjoyed the article

Most people these days are using http and don’t need to touch sockets. (Except for the people implementing http of course).

To be fair, it does link the CVE, so if you don't know what a CVE is, you can click the link.

I agree that it's amusing.

I mean, the title is a quote from Buckaroo Banzai. Lack of context is part of the fun!

I love mjd! He once replied to me on an HN thread and it lives forever in my memory :)

Mh, I am starting to dislike this kind of hyper-configurability.

I know when this was necessary and used it myself quite a bit. But today, couldn't we just open up a mount namespace and bind-mount something else to /tmp, like SystemDs private tempdirs? (Which broke a lot of assumptions about tmpdirs and caused a bit of ruckus, but on the other hand, I see their point by now)

I'm honestly starting to wonder about a lot of these really weird, prickly and fragile environment variables which cause security vulnerabilities, if low-overhead virtualization and namespacing/containers are available. This would also raise the security floor.

Vibe coded sleeper bugs have always been a thing, they just came from the bosses' nephew who was still learning PHP at the time and left several years ago.

Also, computers in 2015 were not meaningfully less complex than today. Certainly not when the topic is weird emacs and perl interactions.

From my perspective vibe coding was always a thing.

Yup. I nearly had this movie memorized when I was a child.

https://www.youtube.com/watch?v=aWXuDNmO7j8

Peter Weller, playing Buckaroo Banzai, is late for his military-particle-physics-interdimensional-jet-car test because he's helping Jeff Goldblum's character with neurosurgery. Later that day he will go play lead guitar in an ensemble.

Scriptwriting gurus advise that your protagonist should have flaws and character progression. The writers of this movie disagree.