Friday, February 14, 2020

Digest for comp.lang.c++@googlegroups.com - 22 updates in 5 topics

Nikki Locke <nikki@trumphurst.com>: Feb 14 11:23PM

Available C++ Libraries FAQ
 
URL: http://www.trumphurst.com/cpplibs/
 
This is a searchable list of libraries and utilities (both free
and commercial) available to C++ programmers.
 
If you know of a library which is not in the list, why not fill
in the form at http://www.trumphurst.com/cpplibs/cppsub.php
 
Maintainer: Nikki Locke - if you wish to contact me, please use the form on the website.
Melzzzzz <Melzzzzz@zzzzz.com>: Feb 14 06:02AM

> guarantee myself that I'm using RAM by going with a shared memory
> object instead.
 
> Any advice or ideas on this?
https://wiki.wireshark.org/CaptureSetup/CapturePrivileges
 
--
press any key to continue or any other to quit...
U ničemu ja ne uživam kao u svom statusu INVALIDA -- Zli Zec
Svi smo svedoci - oko 3 godine intenzivne propagande je dovoljno da jedan narod poludi -- Zli Zec
Na divljem zapadu i nije bilo tako puno nasilja, upravo zato jer su svi
bili naoruzani. -- Mladen Gogala
jak <nospam@please.ty>: Feb 14 07:38AM +0100

Il 13/02/2020 21:24, Frederick Gotham ha scritto:
>> standard Unix way of doing it, and
>> maybe some Linux-specific ones, too.
 
> Kindly illuminate me.
 
Hi,
you could try this way:
 
- change owner of your program to root
chown root YourProgram
- change file permission from -r-xr-xr-x to -r-sr-xr-x
chmod u+s YourProgram
- now call setuid system call from main function of you program
with 0 as parameter and the owner of your program will be root.
Frederick Gotham <cauldwell.thomas@gmail.com>: Feb 14 01:26AM -0800

[QUOTE]
By the way, after thinking about it for a minute... my main application is actually in memory three times. There's the first one when the global data of the 'starter' program is loaded. There's the second one when I copy it into the shared memory object, and there's the third one when I execute "/dev/shm/prog_binary".
[/QUOTE]
 
If I wanted to be a real miser with RAM then I could get my main application to reuse the memory that is wasted by the starter program.
David Brown <david.brown@hesbynett.no>: Feb 14 10:38AM +0100

On 13/02/2020 14:58, Frederick Gotham wrote:
 
> shared memory object will be accessible at "/dev/shm/prog_binary". As
> everything is a file in Linux, I can then set the execution bit on
> "/dev/shm/prog_binary" and then try to start it as root.
 
I can tell you that this is /not/ going to be popular with anyone who
takes their security seriously. You want to create a program on the fly
to run as root, and delete it afterwards? Can you imagine a better way
to make the program look like malware?
 
> want to guarantee myself that I'm using RAM by going with a shared
> memory object instead.
 
> Any advice or ideas on this?
 
Yes. Drop the "single executable" idea. It is silly - it offers
negligible benefits at a very high price.
 
If you want to provide a program that people have to run as root, you
have several sensible options:
 
1. Provide the program as an archive (tgz, typically). Include an
installer that people have to run as root, that copies the program to a
suitable path (/usr/local/bin is the first choice), makes it owned by
root and sets the setuid bit.
 
2. Provide the program as an archive or single program, and require the
user to start it as root directly (with sudo or whatever method they
prefer).
 
3. Provide the program as a deb or rpm (or both).
 
4. Provide it as a flatpak.
Frederick Gotham <cauldwell.thomas@gmail.com>: Feb 14 02:55AM -0800

On Friday, February 14, 2020 at 9:38:43 AM UTC, David Brown wrote:
 
> to run as root, and delete it afterwards?
> Can you imagine a better way
> to make the program look like malware?
 
 
Noted.
 

> Yes. Drop the "single executable" idea. It is silly - it offers
> negligible benefits at a very high price.
 
 
Have you seen the website "https://portableapps.com/"? I want to have my application up on that website as an application that does not need to be installed (e.g. you can run it from a USB pen drive). To give an example, in the past I've found it very handy to run Mozilla Thunderbird as a portable app on a USB stick so that I can organise and check my emails in an internet café or on a friend's computer.
 
With that said though, a 'portable' app doesn't need to be just one file. It would be nice if it were just one file though.
 

<snip>
> installer that people have to run as root, that copies the program to a
> suitable path (/usr/local/bin is the first choice), makes it owned by
> root and sets the setuid bit.
<snip>
> 3. Provide the program as a deb or rpm (or both).
<snip>
 
 
I think that the best way to keep everyone happy is to provide 5 files with every new release of my application:
 
source_code.zip
mswin_installer.exe
mswin_portable.exe
linux_installer
linux_portable
 
So let's say, for instance, that you're running MS-Windows 10 on your desk PC at work. Well, you have the option of using the installer which will do everything the canonical way on Windows, e.g. installing to "C:\Program Files" and setting the file to be run as Administrator, and you also have the choice of using the 'portable' one which you can run from a USB pen drive.
 
By the way just now I found the coolest header file in the galaxy for embedding a binary inside another binary:
 
https://github.com/graphitemaster/incbin
Ralf Fassel <ralfixx@gmx.de>: Feb 14 12:19PM +0100

* Frederick Gotham <cauldwell.thomas@gmail.com>
| Up until now, the user has had to explicitly run the program as an
| Administrator (or as "root"). So if they run it as a normal user, it
| will load up and say "Failed to open network interface". I want to
| change this. If my program is run as a normal user then I want the
| user to be prompted to elevate to Administrator (or "root") and to
| input their password as necessary.
 
What exactly is your program doing that requires root access?
"Open network interface" can mean many things...
 
Opening TCP connections sure does not require root access unless you
are trying to provide a TCP server port <= 1024 on Linux...
 
R'
David Brown <david.brown@hesbynett.no>: Feb 14 12:35PM +0100

(Please get a proper newsreader, or if you must use google groups, get
your line lengths right. For most posts it is not much of a pain, but
when you have formatted text such as code or lists, other posters have
to make a lot of effort when replying if they want to avoid ruining the
formatting.)
 
On 14/02/2020 11:55, Frederick Gotham wrote:
> and check my emails in an internet café or on a friend's computer.
 
> With that said though, a 'portable' app doesn't need to be just one
> file. It would be nice if it were just one file though.
 
Yes, I have seen portable apps. I have found them useful sometimes on
Windows, but never felt the need on Linux. (Perhaps that's because the
main use I have had for portable apps is virus checkers, malware
scanners, and the like, for fixing broken or infected Windows machines.)
 
Another difference here is that every application installed on Windows
slows the whole thing down, and can't be fully uninstalled - there are
always files left, traces left, registry entries, etc. Portable apps
helps a Windows system avoid accumulating cruft, and can help keep it
workable for longer. This is not an issue on Linux systems, where
programs don't usually have a resource cost when they are not in use.
 
And again, I am unlikely to want to run a program from a USB stick as
root. And if I really /do/ want to do so, I'd be happy to do it using
sudo or su manually.
 
I don't know what your program is and who would use it. But I think you
need to think carefully about who will use it, why, and in what
circumstances. Do you really have a large target audience who would
want to run the program as a "portable app" on Linux systems, and who
are not sufficiently technical to handle the "run as root" themselves?
 
 
> By the way just now I found the coolest header file in the galaxy for
> embedding a binary inside another binary:
 
> https://github.com/graphitemaster/incbin
 
That's an interesting idea. I've had occasion to include binary files
in my code, but I do it with a simple Python script that turns the
binary into a C file with a const uint8_t array.
Frederick Gotham <cauldwell.thomas@gmail.com>: Feb 14 04:02AM -0800

On Friday, February 14, 2020 at 11:35:52 AM UTC, David Brown wrote:
 
> And again, I am unlikely to want to run a program from a USB stick as
> root. And if I really /do/ want to do so, I'd be happy to do it using
> sudo or su manually.
 
 
Of the 5 files provided with each release, it sounds like you would be one of the folks who go for the linux_installer. Some other dude from another town might go for linux_portable.
 
 
> I don't know what your program is and who would use it.
 
 
You set it to listen on a network interface and it gives you a long and detailed list of MAC addresses, IP addresses and port numbers observed. You can also send out ARP request in a particular range (e.g. 10.0.0.0/8), and finally you can send what I call an "internet probe" to every observed MAC address to see if you get any reply (thus indicating that the target MAC address is in fact a router with a route to the internet).
 
 
> circumstances. Do you really have a large target audience who would
> want to run the program as a "portable app" on Linux systems, and who
> are not sufficiently technical to handle the "run as root" themselves?
 
 
It would be cool if the Ubuntu guys would at some point allow me to add it into their "apt install" system. In this case I would make a .deb file that installs everything the right way on Ubuntu Linux. Right now the translation files (German, Irish) are embedded in the executable file but I can put them in the usual place on Ubuntu.
 
 
> That's an interesting idea. I've had occasion to include binary files
> in my code, but I do it with a simple Python script that turns the
> binary into a C file with a const uint8_t array.
 
 
I do pretty much exactly the same thing in one of my pre-build steps for my main application, however the "incbin.h" way of doing it is WAY faster at compiling. In my own project, I scan the current directory looking for translation files (*.mo) and country flags (*.png), and then I make char arrays out of each of them, and then these get embedded in my executable. I have automated it in such a way that you just need to add a translation file (e.g. es.mo) and a flag picture (e.g. es.png) to the directory and hit "make" and it pulls it into my main application automagically.
Ben Bacarisse <ben.usenet@bsb.me.uk>: Feb 14 01:00PM

Have you considered posting in group in which the replies you get will
be read and vetted by experts? If not, what is your objection to using
Usenet as it was intended?
 
(You've had at least one piece of incorrect advice already but in order
to constrain the thread from getting huge and off-topic it may not ever
be commented on.)
 
--
Ben.
David Brown <david.brown@hesbynett.no>: Feb 14 02:10PM +0100

On 14/02/2020 13:02, Frederick Gotham wrote:
> On Friday, February 14, 2020 at 11:35:52 AM UTC, David Brown wrote:
 
This is all getting really off-topic for this newsgroup. You might do
better in a Linux-specific group or reading some appropriate web resources.
 
 
> Of the 5 files provided with each release, it sounds like you would
> be one of the folks who go for the linux_installer. Some other dude
> from another town might go for linux_portable.
 
Or I might want to copy it manually to a chosen directory.
 
 
> probe" to every observed MAC address to see if you get any reply
> (thus indicating that the target MAC address is in fact a router with
> a route to the internet).
 
Anyone who should be using this program can do "sudo" or "su". If they
need hand-holding and point-and-droll interfaces to get superuser
privileges for a program, they should definitely not be doing this kind
of low-level network activity.
 
I'd even consider /requiring/ that the person be root to run the
program, to make it clear that this is not a toy for amateurs.
 
> .deb file that installs everything the right way on Ubuntu Linux.
> Right now the translation files (German, Irish) are embedded in the
> executable file but I can put them in the usual place on Ubuntu.
 
You don't need permission from Ubuntu to make a deb file. You don't
need permission from them to make a PPP repository that is simple for
Ubuntu users to use. (The same applies to other deb based
distributions, of which Ubuntu is only one, and equally to rpm
distributions and other types of distro.)
 
Make the deb, check it on a dozen different distros and versions
(VirtualBox is your friend here, especially with snapshots), and then
persuade the Ubuntu distributors to include your deb in their main
distros. (It makes more sense to go via Debian, then Ubuntu can inherit
it.)
 
Faff around with creating binaries on the fly, and other weird ideas,
and you can be confident that distros will reject it.
 
Frederick Gotham <cauldwell.thomas@gmail.com>: Feb 14 06:48AM -0800

On Friday, February 14, 2020 at 1:10:48 PM UTC, David Brown wrote:
 
> Faff around with creating binaries on the fly, and other weird ideas,
> and you can be confident that distros will reject it.
 
 
I'll only do this in the 'portable' versions. When it comes to a .deb file for Ubuntu, or an installer for MS-Windows, I will do everything the vanilla way.
Chris Vine <chris@cvine--nospam--.freeserve.co.uk>: Feb 14 06:48PM

On Fri, 14 Feb 2020 02:55:03 -0800 (PST)
> check my emails in an internet café or on a friend's computer.
 
> With that said though, a 'portable' app doesn't need to be just one
> file. It would be nice if it were just one file though.
 
The AppImage format for linux (look it up) is a single file which will
run from any filesystem. Done properly it works well but a lot of
contributor AppImages are total rubbish and don't include all
dependencies correctly. For an example of it done properly, look at the
libreoffice AppImage, which is excellent:
https://www.libreoffice.org/download/appimage/
"Chris M. Thomasson" <chris.m.thomasson.1@gmail.com>: Feb 13 11:53PM -0800

On 2/13/2020 11:43 AM, Manfred wrote:
>> cppreference, <url: https://en.cppreference.com/w/cpp/memory/shared_ptr
>>  >:
 
> Which means it should be changed into the following, right?
 
Right! Well, it sure damn should. Bingo. And it complies right up. I am
going to examine this is more detail. Thanks everybody.
 
:^)
 
"Chris M. Thomasson" <chris.m.thomasson.1@gmail.com>: Feb 14 12:15AM -0800

On 2/13/2020 11:43 AM, Manfred wrote:
> On 2/13/2020 3:34 PM, Alf P. Steinbach wrote:
>> On 13.02.2020 01:48, Chris M. Thomasson wrote:
>>> Can anybody else get this to compile:
[...]
> Which means it should be changed into the following, right?
[...]
 
Indeed. However, its funny to get the following output from:
___________________________
#include <iostream>
#include <memory>
#include <atomic>
 
struct foo
{
int m_a;
int m_b;
};
 
static std::shared_ptr<foo> g_bar;
// static std::atomic<std::shared_ptr<foo>> g_bar;
 
int main()
{
{
std::shared_ptr<foo> local = std::atomic_load(&g_bar);
 
std::cout << "local = " << local << "\n";
 
std::cout << "std::atomic_is_lock_free(&g_bar) = "
<< std::atomic_is_lock_free(&g_bar) << "\n";
}
 
return 0;
}
___________________________
 
 
On some online compilers:
___________________________
local = 0

 
std::atomic_is_lock_free(&g_bar) = 1
___________________________
 
 
1 is sometimes lock free wrt std::atomic_is_lock_free... I can see this
for a smart pointer. Others give 0. Well, there are ways to make it
always lock-free wrt grabbing a reference. Say, from that global g_bar.
 
The memory_order is nice for this as well:
 
std::atomic_load_explicit(&g_bar, std::memory_order_acquire);
 
or even:
 
std::shared_ptr<foo> local = std::atomic_load_explicit(&g_bar,
std::memory_order_relaxed);
 
It's using the C API, with is fine. It would be fun to use it with the
std::atomic<> in C++20. :^)
"Chris M. Thomasson" <chris.m.thomasson.1@gmail.com>: Feb 14 12:15AM -0800

On 2/12/2020 5:01 PM, Ian Collins wrote:
 
>> //static std::shared_ptr<foo> g_bar;
>> static std::atomic<std::shared_ptr<foo>> g_bar;
 
> I'm not sure if any tools support this C++20 feature yet!
 
Speaking of C++20... I am existed to see:
 
https://en.cppreference.com/w/cpp/atomic/atomic_wait
 
I need to dig into it more, but it sure looks like some sort of futex,
or eventcount.
"Chris M. Thomasson" <chris.m.thomasson.1@gmail.com>: Feb 14 12:23AM -0800

On 2/12/2020 4:48 PM, Chris M. Thomasson wrote:
[...]
 
Afaict, _if_ the following program indicates that shared_ptr is always
lock-free, then we can use it to build proxy collectors. Which can be an
interesting way to get a RCU like setup. Poor mans RCU, but very
scalable nonetheless. Great for read mostly scenarios.
__________________________
#include <iostream>
#include <memory>
#include <atomic>
 
struct foo
{
int m_a;
int m_b;
};
 
static std::shared_ptr<foo> g_bar;
// static std::atomic<std::shared_ptr<foo>> g_bar;
 
int main()
{
{
std::shared_ptr<foo> local = std::atomic_load(&g_bar);
 
std::cout << "local = " << local << "\n";
 
std::cout << "std::atomic_is_lock_free(&g_bar) = "
<< std::atomic_is_lock_free(&g_bar) << "\n";
}
 
return 0;
}
__________________________
 
 
If this gives:
__________________________
local = 0

 
std::atomic_is_lock_free(&g_bar) = 2
__________________________
 
 
we are in business!
"Öö Tiib" <ootiib@hot.ee>: Feb 14 02:16AM -0800

On Friday, 14 February 2020 10:23:43 UTC+2, Chris M. Thomasson wrote:
 
> std::atomic_is_lock_free(&g_bar) = 2
> __________________________
 
> we are in business!
 
With what you got that outcome?
 
http://coliru.stacked-crooked.com/a/ce4932794eb8edd0
http://coliru.stacked-crooked.com/a/4d6f517ea0d1e888
"Chris M. Thomasson" <chris.m.thomasson.1@gmail.com>: Feb 14 10:39AM -0800

On 2/14/2020 2:16 AM, Öö Tiib wrote:
>> __________________________
 
>> we are in business!
 
> With what you got that outcome?
 
So far, I have only managed to get an output of
std::atomic_is_lock_free(&g_bar) = 1 on:
 
https://www.onlinegdb.com/online_c++_compiler
 
We need to get a return value of 2 in order to use shared_ptr to create
a lock-free proxy collector.
 
"Chris M. Thomasson" <chris.m.thomasson.1@gmail.com>: Feb 14 10:43AM -0800

On 2/14/2020 10:39 AM, Chris M. Thomasson wrote:
> On 2/14/2020 2:16 AM, Öö Tiib wrote:
>> On Friday, 14 February 2020 10:23:43 UTC+2, Chris M. Thomasson  wrote:
>>> On 2/12/2020 4:48 PM, Chris M. Thomasson wrote:
[...]
> So far, I have only managed to get an output of
> std::atomic_is_lock_free(&g_bar) = 1 on:
 
> https://www.onlinegdb.com/online_c++_compiler
 
I forgot to give a direct link to the code:
 
https://onlinegdb.com/SyU-5vV7U
 
[...]
pmueller@sinelabore.com: Feb 14 09:14AM -0800

Hello list readers,
 
SinelaboreRT generates clean and robust C/C++ code
from UML state machine diagrams.
 
Features:
- Support for various UML modelling tools or built-in editor (EA, UModel, Modelio ...)
- Generates clear production quality code
- No run-time environment needed
- Special features for high availability systems
- Supports hierarchical designs
- No gap between design and code anymore!
 
If you want to give it a try please visit www.sinelabore.com
 
A demo version is available.
 
With best regards,
Peter Mueller
aminer68@gmail.com: Feb 14 07:42AM -0800

Hello,
 
 
About my EasyList now..
 
As you have noticed i have quickly in 1 day wrote 600 lines of new Delphi code of EasyList, and i have corrected the bugs in one more day, so in two days i have provided you with my EasyList that i think is stable and fast, and i have decided to write an EasyList with generics for Freepascal , it is now at version 1.25, but i think that EasyList for Delphi and Freepascal is much more "general", so you can look at the source code since i have provided you with it.
 
You can download my EasyList for Delphi and Freepascal from:
 
https://sites.google.com/site/scalable68/easylist-for-delphi-and-freepascal
 
And you can download my new EasyList with generics for Freepascal from:
 
https://sites.google.com/site/scalable68/easylist-with-generics-for-freepascal
 
 
You can port it to C++ if you want..
 
 
Thank you,
Amine Moulay Ramdane.
You received this digest because you're subscribed to updates for this group. You can change your settings on the group membership page.
To unsubscribe from this group and stop receiving emails from it send an email to comp.lang.c+++unsubscribe@googlegroups.com.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)