Message from @shadowedROM
Discord ID: 225429801035497474
what do you work on nowadays?
infra stuff, the meta task of spinning up lots of your SaaS webapps
and keeping all the plates in the air, monitored and not pwned by the worst enemy: ourselves
accidentally pwning your webapps?
it happens
people aren't that good
I got a piece of software running in the wild
someone bought it
It's made to download spotify songs with a web interface
The input for the url is directly pipped into command line as root
without input santization
It's not pwned yet!
there's a laundry list of stuff you watch out for but yeah i mean, your rinkydink app probabilistically isn't an attractive target to anyone besides folks hunting for trophies right
there's xss stuff in addition to input sql / stack smash attacks or whatever
but i was actually referring to devs who push out malperforming code
it happens way too often, stupid race conditions esp with front end js these days, which is really frustrating because that's tough to run a test for; it's the halting problem etc
but yeah sometimes the old dumb use of ORM knocks down a DB and whoops there goes our weekend
oh so
with AWS there's a cheat code there in the form of being able to feed more horsepower to dynamoDB and such
and that's basically where people fuck themselves
it's enough to make someone want to stop doing tech stuff and go into ... marketing or something. :/
too many incompetents
where you from?
Temping to assume US
nyc
so my experience is likely colored
I keep hearing they got good devs in general in the US
hell no
we have a large sample space is all
there's a toxic work culture thing in tech the past few years where everyone wants their teams to work like it's a startup and put in 60 hours a week to push inane projects out
likely not going away
btw sorry to interrupt
but where tf is the php.ini file
which os? usually /etc/php/php.ini no
linux yea
ubuntu
it's not there
It was there like a month ago
find . | grep php
I remember editing it
are you using php-fpm