www/blog.hillion.co.uk/posts/weekly-2022-03-14/index.html


2023-01-07 22:30:40 +00:00
<!doctype html><html lang=en dir=auto><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="index, follow"><title>Jake's Weekly - 14th March 2022 | Jake Hillion</title><meta name=keywords content><meta name=description content="Research Project Read Capsicum (Watson et al., 2010) I re-read this paper, but in the context of my project&rsquo;s work, it provided some incredibly useful insight. I&rsquo;ve listed the most important takeaways here, but there are more.
My niche might now be figured out. Capsicum discusses eliminating dual-coding by only being in the code, at the cost of potential static analysis. By using high-level language integrations, I think that my solution can achieve both being integral to the code and having a static description."><meta name=author content="Jake Hillion"><link rel=canonical href=https://blog.hillion.co.uk/posts/weekly-2022-03-14/><link crossorigin=anonymous href=/assets/css/stylesheet.min.48a18943c2fc15c38a372b8dde1f5e5dc0bc64fa6cb90f5a817d2f8c76b7f3ae.css integrity="sha256-SKGJQ8L8FcOKNyuN3h9eXcC8ZPpsuQ9agX0vjHa3864=" rel="preload stylesheet" as=style><script defer crossorigin=anonymous src=/assets/js/highlight.min.b95bacdc39e37a332a9f883b1e78be4abc1fdca2bc1f2641f55e3cd3dabd4d61.js integrity="sha256-uVus3DnjejMqn4g7Hni+Srwf3KK8HyZB9V4809q9TWE=" onload=hljs.initHighlightingOnLoad()></script>
<link rel=icon href=https://blog.hillion.co.uk/favicon.ico><link rel=icon type=image/png sizes=16x16 href=https://blog.hillion.co.uk/favicon-16x16.png><link rel=icon type=image/png sizes=32x32 href=https://blog.hillion.co.uk/favicon-32x32.png><link rel=apple-touch-icon href=https://blog.hillion.co.uk/apple-touch-icon.png><link rel=mask-icon href=https://blog.hillion.co.uk/safari-pinned-tab.svg><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><noscript><style>#theme-toggle,.top-link{display:none}</style><style>@media(prefers-color-scheme:dark){:root{--theme:rgb(29, 30, 32);--entry:rgb(46, 46, 51);--primary:rgb(218, 218, 219);--secondary:rgb(155, 156, 157);--tertiary:rgb(65, 66, 68);--content:rgb(196, 196, 197);--hljs-bg:rgb(46, 46, 51);--code-bg:rgb(55, 56, 62);--border:rgb(51, 51, 51)}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}</style></noscript><script async src="https://www.googletagmanager.com/gtag/js?id=G-4CXXF49E7M"></script>
<script>var doNotTrack=!1;if(!doNotTrack){window.dataLayer=window.dataLayer||[];function gtag(){dataLayer.push(arguments)}gtag("js",new Date),gtag("config","G-4CXXF49E7M",{anonymize_ip:!1})}</script><meta property="og:title" content="Jake's Weekly - 14th March 2022"><meta property="og:description" content="Research Project Read Capsicum (Watson et al., 2010) I re-read this paper, but in the context of my project&rsquo;s work, it provided some incredibly useful insight. I&rsquo;ve listed the most important takeaways here, but there are more.
My niche might now be figured out. Capsicum discusses eliminating dual-coding by only being in the code, at the cost of potential static analysis. By using high-level language integrations, I think that my solution can achieve both being integral to the code and having a static description."><meta property="og:type" content="article"><meta property="og:url" content="https://blog.hillion.co.uk/posts/weekly-2022-03-14/"><meta property="article:section" content="posts"><meta property="article:published_time" content="2022-03-14T11:00:00+00:00"><meta property="article:modified_time" content="2022-03-14T11:00:00+00:00"><meta property="og:site_name" content="Jake Hillion"><meta name=twitter:card content="summary"><meta name=twitter:title content="Jake's Weekly - 14th March 2022"><meta name=twitter:description content="Research Project Read Capsicum (Watson et al., 2010) I re-read this paper, but in the context of my project&rsquo;s work, it provided some incredibly useful insight. I&rsquo;ve listed the most important takeaways here, but there are more.
My niche might now be figured out. Capsicum discusses eliminating dual-coding by only being in the code, at the cost of potential static analysis. By using high-level language integrations, I think that my solution can achieve both being integral to the code and having a static description."><script type=application/ld+json>{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Posts","item":"https://blog.hillion.co.uk/posts/"},{"@type":"ListItem","position":2,"name":"Jake's Weekly - 14th March 2022","item":"https://blog.hillion.co.uk/posts/weekly-2022-03-14/"}]}</script><script type=application/ld+json>{"@context":"https://schema.org","@type":"BlogPosting","headline":"Jake's Weekly - 14th March 2022","name":"Jake\u0027s Weekly - 14th March 2022","description":"Research Project Read Capsicum (Watson et al., 2010) I re-read this paper, but in the context of my project\u0026rsquo;s work, it provided some incredibly useful insight. I\u0026rsquo;ve listed the most important takeaways here, but there are more.\nMy niche might now be figured out. Capsicum discusses eliminating dual-coding by only being in the code, at the cost of potential static analysis. By using high-level language integrations, I think that my solution can achieve both being integral to the code and having a static description.","keywords":[],"articleBody":"Research Project Read Capsicum (Watson et al., 2010) I re-read this paper, but in the context of my projects work, it provided some incredibly useful insight. Ive listed the most important takeaways here, but there are more.\nMy niche might now be figured out. Capsicum discusses eliminating dual-coding by only being in the code, at the cost of potential static analysis. By using high-level language integrations, I think that my solution can achieve both being integral to the code and having a static description.\nI should replace my cp example with modifying gzip. 
They run into very similar privilege separation problems but gzip is a bit more interesting and allows for comparison with Capsicum if it becomes relevant.\nMany of the figures align well with what Im trying to achieve. Learning from some of these and creating similar for my project will likely be valuable.\nThe overall conclusions here is that the work is fairly similar but taking a different approach. Comparisons are worthwhile.\nWrote an early dissertation draft Ive been in a bit of a slump and some of the work directions were feeling a little aimless. To counteract this, I have written a dissertation draft (pre-alpha).\nIn the ACM paper format, as I have become most familiar with reading and reviewing papers of this format. This will (hopefully) allow me to review my own work effectively.\nWrote a related work section.\nStarted defining a threat model, may expand it depending on how much room is available.\nStarted defining the unique contributions of this project.\nWrote some filler on related work (containers, systemd and Capsicum).\nStarted creating figures (these are also very alpha).\nWrote code listings and text as if features are finished, to motivate finishing the features.\nThe work is available here on Overleaf (permissions required), here on Gitea (no permissions required), and a current draft is available here.\nUp Next This up next section is built from the gaps found when writing my draft. That is, the features which are best suited to make the dissertation flow properly.\nAnalyse the different file descriptor passing methods and finish §3.1 with a comparison.\nFinish networking. A clear design for this now exists in Figure 2.\nWrite an overrides system for the specification. E.g. a DNS server might default to port 53 statically, but there needs to be some way to modify this when executing the application. Should be trivial. Write a very basic TLS server (perhaps hello world) to take advantage of this before moving on to the proper TLS server. 
Write a privilege separated gzip.\nWorking on the language frontend for Rust (first) is going to be extre
<span class=logo-switches><button id=theme-toggle accesskey=t title="(Alt + T)"><svg id="moon" xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1111.21 3 7 7 0 0021 12.79z"/></svg><svg id="sun" xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg></button></span></div><ul id=menu><li><a href=https://blog.hillion.co.uk/categories/ title=categories><span>categories</span></a></li><li><a href=https://blog.hillion.co.uk/tags/ title=tags><span>tags</span></a></li></ul></nav></header><main class=main><article class=post-single><header class=post-header><div class=breadcrumbs><a href=https://blog.hillion.co.uk/>Home</a>&nbsp;»&nbsp;<a href=https://blog.hillion.co.uk/posts/>Posts</a></div><h1 class=post-title>Jake's Weekly - 14th March 2022</h1><div class=post-meta><span title='2022-03-14 11:00:00 +0000 UTC'>March 14, 2022</span>&nbsp;·&nbsp;3 min&nbsp;·&nbsp;Jake Hillion</div></header><div class=post-content><h2 id=research-project>Research Project<a hidden class=anchor aria-hidden=true href=#research-project>#</a></h2><h3 id=read-capsicum-watson-et-al-2010>Read Capsicum (Watson et al., 2010)<a hidden class=anchor aria-hidden=true href=#read-capsicum-watson-et-al-2010>#</a></h3><p>I re-read this paper, but in the context of my project&rsquo;s work, it provided some incredibly useful insight. 
I&rsquo;ve listed the most important takeaways here, but there are more.</p><ul><li><p>My niche might now be figured out. Capsicum discusses eliminating dual-coding by only being in the code, at the cost of potential static analysis. By using high-level language integrations, I think that my solution can achieve both being integral to the code and having a static description.</p></li><li><p>I should replace my <code>cp</code> example with modifying <code>gzip</code>. They run into very similar privilege separation problems but <code>gzip</code> is a bit more interesting and allows for comparison with Capsicum if it becomes relevant.</p></li><li><p>Many of the figures align well with what I&rsquo;m trying to achieve. Learning from some of these and creating similar for my project will likely be valuable.</p></li></ul><p>The overall conclusion here is that the work is fairly similar but taking a different approach. Comparisons are worthwhile.</p><h3 id=wrote-an-early-dissertation-draft>Wrote an early dissertation draft<a hidden class=anchor aria-hidden=true href=#wrote-an-early-dissertation-draft>#</a></h3><p>I&rsquo;ve been in a bit of a slump and some of the work directions were feeling a little aimless. To counteract this, I have written a dissertation draft (pre-alpha&mldr;).</p><ul><li><p>In the ACM paper format, as I have become most familiar with reading and reviewing papers of this format. 
This will (hopefully) allow me to review my own work effectively.</p></li><li><p>Wrote a related work section.</p></li><li><p>Started defining a threat model, may expand it depending on how much room is available.</p></li><li><p>Started defining the unique contributions of this project.</p></li><li><p>Wrote some filler on related work (containers, systemd and Capsicum).</p></li><li><p>Started creating figures (these are also very alpha).</p></li><li><p>Wrote code listings and text as if features are finished, to motivate finishing the features.</p></li><li><p>The work is available <a href=https://www.overleaf.com/project/6227c8e96fcdc06e56454f24>here</a> on Overleaf (permissions required), <a href
<a class=next href=https://blog.hillion.co.uk/posts/drone-hack/><span class=title>Next Page »</span><br><span>Drone CI and Crypto Honeypots 💰🍯📚</span></a></nav><div class=share-buttons><a target=_blank rel="noopener noreferrer" aria-label="share Jake's Weekly - 14th March 2022 on twitter" href="https://twitter.com/intent/tweet/?text=Jake%27s%20Weekly%20-%2014th%20March%202022&url=https%3a%2f%2fblog.hillion.co.uk%2fposts%2fweekly-2022-03-14%2f&hashtags="><svg viewBox="0 0 512 512"><path d="M449.446.0C483.971.0 512 28.03 512 62.554v386.892C512 483.97 483.97 512 449.446 512H62.554c-34.524.0-62.554-28.03-62.554-62.554V62.554c0-34.524 28.029-62.554 62.554-62.554h386.892zM195.519 424.544c135.939.0 210.268-112.643 210.268-210.268.0-3.218.0-6.437-.153-9.502 14.406-10.421 26.973-23.448 36.935-38.314-13.18 5.824-27.433 9.809-42.452 11.648 15.326-9.196 26.973-23.602 32.49-40.92-14.252 8.429-30.038 14.56-46.896 17.931-13.487-14.406-32.644-23.295-53.946-23.295-40.767.0-73.87 33.104-73.87 73.87.0 5.824.613 11.494 1.992 16.858-61.456-3.065-115.862-32.49-152.337-77.241-6.284 10.881-9.962 23.601-9.962 37.088.0 25.594 13.027 48.276 32.95 61.456-12.107-.307-23.448-3.678-33.41-9.196v.92c0 35.862 25.441 65.594 59.311 72.49-6.13 1.686-12.72 2.606-19.464 2.606-4.751.0-9.348-.46-13.946-1.38 9.349 29.426 36.628 50.728 68.965 51.341-25.287 19.771-57.164 31.571-91.8 31.571-5.977.0-11.801-.306-17.625-1.073 32.337 21.15 71.264 33.41 112.95 33.41z"/></svg></a><a target=_blank rel="noopener noreferrer" aria-label="share Jake's Weekly - 14th March 2022 on linkedin" href="https://www.linkedin.com/shareArticle?mini=true&url=https%3a%2f%2fblog.hillion.co.uk%2fposts%2fweekly-2022-03-14%2f&title=Jake%27s%20Weekly%20-%2014th%20March%202022&summary=Jake%27s%20Weekly%20-%2014th%20March%202022&source=https%3a%2f%2fblog.hillion.co.uk%2fposts%2fweekly-2022-03-14%2f"><svg viewBox="0 0 512 512"><path d="M449.446.0C483.971.0 512 28.03 512 62.554v386.892C512 483.97 483.97 512 449.446 
512H62.554c-34.524.0-62.554-28.03-62.554-62.554V62.554c0-34.524 28.029-62.554 62.554-62.554h386.892zM160.461 423.278V197.561h-75.04v225.717h75.04zm270.539.0V293.839c0-69.333-37.018-101.586-86.381-101.586-39.804.0-57.634 21.891-67.617 37.266v-31.958h-75.021c.995 21.181.0 225.717.0 225.717h75.02V297.222c0-6.748.486-13.492 2.474-18.315 5.414-13.475 17.767-27.434 38.494-27.434 27.135.0 38.007 20.707 38.007 51.037v120.768H431zM123.448 88.722C97.774 88.722 81 105.601 81 127.724c0 21.658 16.264 39.002 41.455 39.002h.484c26.165.0 42.452-17.344 42.452-39.002-.485-22.092-16.241-38.954-41.943-39.002z"/></svg></a><a target=_blank rel="noopener noreferrer" aria-label="share Jake's Weekly - 14th March 2022 on reddit" href="https://reddit.com/submit?url=https%3a%2f%2fblog.hillion.co.uk%2fposts%2fweekly-2022-03-14%2f&title=Jake%27s%20Weekly%20-%2014th%20March%202022"><svg viewBox="0 0 512 512"><path d="M449.446.0C483.971.0 512 28.03 512 62.554v386.892C512 483.97 483.97 512 449.446 512H62.554c-34.524.0-62.554-28.03-62.554-62.554V62.554c0-34.524 28.029-62.554 62.554-62.554h386.892zM446 265.638c0-22.964-18.616-41.58-41.58-41.58-11.211.0-21.361 4.457-28.841 11.666-28.424-20.508-67.586-33.757-111.204-35.278l18.941-89.121 61.884 13.157c.756 15.734 13.642 28.29 29.56 28.29 16.407.0 29.706-13.299 29.706-29.701.0-16.403-13.299-29.702-29.706-29.702-11.666.0-21.657 6.792-26.515 16.578l-69.105-14.69c-1.922-.418-3.939-.042-5.585 1.036-1.658 1.073-2.811 2.761-3.224 4.686l-21.152 99.438c-44.258 1.228-84.046 14.494-112.837 35.232-7.468-7.164-17.589-11.591-28.757-11.591-22.965.0-41.585 18.616-41.585 41.58.0 16.896 10.095 31.41 24.568 37.918-.639 4.135-.99 8.328-.99 12.576.0 63.977 74.469 115.836 166.33 115.836s166.334-51.859 166.334-115.836c0-4.218-.347-8.387-.977-12.493 14.564-6.47 24.735-21.034 24.735-38.001zM326.526 373.831c-20.27 20.241-59.115 21.816-70.534 21.816-11.428.0-50.277-1.575-70.522-21.82-3.007-3.008-3.007-7.882.0-10.889 3.003-2.999 7.882-3.003 10.885.0 12.777 12.781 40.11 17.317 
59.637 17.317 19.522.0 46.86-4.536 59.657-17.321 3.016-2.999 7.886-2.995 10.885.008 3.008 3.011 3.003 7.882-.008 10.8
<span>Powered by
<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
<a href=https://git.io/hugopapermod rel=noopener target=_blank>PaperMod</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg></a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script><script>document.getElementById("theme-toggle").addEventListener("click",()=>{document.body.className.includes("dark")?(document.body.classList.remove("dark"),localStorage.setItem("pref-theme","light")):(document.body.classList.add("dark"),localStorage.setItem("pref-theme","dark"))})</script></body></html>