Skip to content

Instantly share code, notes, and snippets.

@jessfraz
jessfraz / proposal.md
Created February 3, 2017 00:09
High-Level Security Profile Generator

High-Level Security Profile Generator

(originally from my proposal on moby/moby#17142 (comment) but generic)

The profile would generate artificats of an apparmor profile and seccomp filters.

Obviously doesn't have to be toml since that's super hipster :p

Assumptions

  • no one is going to sit and write out all the syscalls/capabilities their app needs
  • automatic profiling would be super cool but like aa-genprof it is never
@talyian
talyian / A_Blitz_FSharp
Last active September 28, 2018 15:22
POC for New Breve Idea
Breve was designed as a backwards-compatible Blitz replacement that does safe context-aware sanitization.
The current architecture uses Blitz's parser frontend + Latte as a context-aware backend to achieve this goal. This was because I figured writing a context-aware HTML+macro parser was harder than re-implementing Blitz's logic flows (blocks, variable lookups, partial templates, etc.) in Latte.
As it turns out, reimplementing logic is a difficult problem. An alternate solution would be to write our own Blitz-compatible frontend that just adds context-aware output and delegates to Blitz for the logic implementation. This is a Proof of concept that shows it isn't that bad in a language that makes writing parsers easy.
@kachayev
kachayev / css-parser.md
Last active November 12, 2022 04:20
Parsing CSS file with monadic parser in Clojure
@lukehefson
lukehefson / uninstall-GHfM.sh
Created November 27, 2013 13:48
Completely uninstall GitHub for Mac
#!/bin/bash
function remove_dir () {
rm -rf "$1_"
if [ -d "$1" ]
then
mv "$1" "$1_"
fi
}
@erikreagan
erikreagan / mac-apps.md
Created August 4, 2012 19:18
Mac developer must-haves

Mac web developer apps

This gist's comment stream is a collection of webdev apps for OS X. Feel free to add links to apps you like, just make sure you add some context to what it does — either from the creator's website or your own thoughts.

— Erik