Message from @shadowedROM
Discord ID: 225430244516036608
someone bought it
It's made to download spotify songs with a web interface
The input for the url is directly pipped into command line as root
without input santization
It's not pwned yet!
there's a laundry list of stuff you watch out for but yeah i mean, your rinkydink app probabilistically isn't an attractive target to anyone besides folks hunting for trophies right
there's xss stuff in addition to input sql / stack smash attacks or whatever
but i was actually referring to devs who push out malperforming code
it happens way too often, stupid race conditions esp with front end js these days, which is really frustrating because that's tough to run a test for; it's the halting problem etc
but yeah sometimes the old dumb use of ORM knocks down a DB and whoops there goes our weekend
oh so
with AWS there's a cheat code there in the form of being able to feed more horsepower to dynamoDB and such
and that's basically where people fuck themselves
it's enough to make someone want to stop doing tech stuff and go into ... marketing or something. :/
too many incompetents
where you from?
Temping to assume US
nyc
so my experience is likely colored
I keep hearing they got good devs in general in the US
we have a large sample space is all
there's a toxic work culture thing in tech the past few years where everyone wants their teams to work like it's a startup and put in 60 hours a week to push inane projects out
likely not going away
btw sorry to interrupt
but where tf is the php.ini file
which os? usually /etc/php/php.ini no
linux yea
ubuntu
it's not there
It was there like a month ago
find . | grep php
I remember editing it
are you using php-fpm
no i dont think so, i dont remember
using it with apache
on my machine it's /etc/php5/fpm/php.ini, but i'm using php-fpm
the non-fpm one is likely /etc/php5/cli/php.ini
that's on a debian box
should be the same.
anyways I'll find it someday... so you worked in on of those startups minus the fun?