When a unix process is running in a directory, and that directory gets renamed, the process is taken on a ride to a new location in the filesystem. Suddenly, any "../" paths it might be using point to new, and unexpected locations.

This can be a source of interesting behavior, and also of security holes.

Suppose root is poking around in ~user/foo/bar/ and decides to vim ../../etc/conffile

If the user notices this process is running, they can mv ~/foo/bar /tmp and when vim saves the file, it will write to /tmp/bar/../../etc/conffile AKA /etc/conffile.

(Vim does warn that the file has changed while it was being edited. Other editors may not. Or root may be feeling especially BoFH and decide to overwrite the user's changes to their file. Or the rename could perhaps be carefully timed to avoid vim's overwrite protection.)

Or, suppose root, in the same place, decides to archive ../../etc with tar, and then delete it:

tar cf etc.tar ../../etc; rm -rf ../../etc

Now the user has some time to take root's shell on a ride, before the rm starts ... and make it delete all of /etc!

Anyone know if this class of security hole has a name?

July and August are always the months when I look at our garden and despair. Not for the usual reason --- weeds. But because perfection was not achieved.

This year, we're trying out drip irrigation, set on a timer to water for three hours twice a week. When I got the first monthly water bill, it had skyrocketed up $55. Yikes! Was the haul worth the sticker shock?

On the one hand...very much! All of that water has our asparagus sending up enough spears that we're harvesting a meal weekly, figuring we might as well pick the spears since the canopy is already completely full of happy, older fronds. At organic, summer prices, that pays for about half of our water bill right there.

And the cucumbers! I always succession plant in case bugs and disease get the early crops, which means we've been rolling in cukes. We eat about six a day and I've still been having to gift grocery bagsful to the neighbors.

Oh, and did I mention lettuce? Mark's gotten into the habit of making us salad for lunch every day, which can be tough in the summer. But drip is keeping leaf lettuce soft and delicious as long as I plant a new bed each month.

So what's the problem?

The walnut trees. We have a couple of largish black walnuts about fifteen feet from one corner of the garden and they never caused problems in the past. But I suspect irrigating strips of garden beds tempted walnut roots to concentrate their attention on my growing area. As you likely know, walnut roots produce toxic juglone. When many garden plants come in contact, they go kaput.

To cut a long story short, the first to wilt were the tomatoes. Then the summer squash --- we only got one zucchini! The pepper plants look okay, but they're barely producing. Even the green beans appear to have been hit.

And the walnuts are sandwiched right between the garden fence, the electric pole, and the road. I suspect we're going to have to hire a pro to cut them down. Expensive!

Hopefully that will be a one-time fix. The other issue, not so much.

The photo above shows my carrot bed. Notice how the only sizeable plants are right along the drip line? I started some more carrots inside (the tiny plants closer to the bucket) to fill in the gaps. Lesson learned --- drip irrigation isn't sufficient to get fall crops up and running during our parched summers up on the ridge.

Okay, enough about drip. How about Mark's caterpillar tunnels?

On the one hand, they are awesome! Look at those brussels sprouts --- thriving under their covers!

On the other hand...wedding tulle is so very, very tender. I swear, our caterpillar tunnels sprout holes even when they haven't been touched.

I've been mending these gaps at least once a month, but even that wasn't enough to keep caterpillar worms out of one tunnel. On the other hand, the real fabric intended for this use is $300 and up per roll, so maybe I'll learn to enjoy mending.

In other news, while I've had lots of unexpected garden failures this year, I've also had one unexpected success. I've never managed to ripen melons previously, which was mostly due to viral diseases caused by bugs. But research turned up the tidbit that melons are very sensitive to cool soil, so I held my horses and planted a disease-resistant cantaloupe (Divergent) outside on June 4 (after starting the seeds inside a month before).

How's it doing? The vines are taking over the garden! There are lots of big fruit hiding under those leaves, the skin crackling and starting to yellow!

Which brings me to the garden lesson I never seem to learn --- for every unexpected loss, there's an unexpected win. Now if I can just figure out when cantaloupes are ripe...

Today I implemented external backends for keys. So unusual new hashes can be used by writing a small program.

Probably lots of other uses for this too; I don't know if I'll like them all. It has the potential to warp git-annex in some directions I don't want to deal with. Still, it's good to have this feature.

I was able to reuse a lot of the external special remote code for this, and only had to write around 400 lines of new code. Dunno how that all happened in 8 hours, but it did!

One more day working on performance, as I had a few known improvements I had not had time to get to. Managed to double the speed of move --to,copy --to, anddrop` when seeking files to act on and a few percent more in general.

My laptop's keyboard is failing, with more and more keys not working -- luckily so far only ones in the number row -- so I'm stopping early and hoping the fix arrives quickly on Monday. At some point I know that this todo will be able to speed up using things like --in and --copies by a similar amount as the recent performance improvements.

--

Today's work was sponsored by Jake Vosloo on Patreon.

I'm happiest when I have something complex and natural to keep my brain occupied. This year I found the perfect hobby --- fireflies! A citizen science project asks you to spend thirty seconds once a week counting the firefly flashes in your backyard. I gave it a try...and was instantly hooked.

Did you know that there are hundreds of species in the U.S., possibly dozens within a single backyard? One species, though, is pretty simple to figure out. The male Big Dipper (Photinus pyralis) usually comes out right at sunset and flies for half an hour or so. He's got long, yellow flashes that are either J-shaped or (as in my yard) simply rise upward. Count about 5 seconds of darkness in between at 76 F and you've got one firefly species to check off your life list!

(Why do I say "he"? Because the female is hidden in the grass, surveying the field and choosing a mate. Yes, firefly flashes are all about sex.)

Then, of course, identification gets more complicated. The other common type of fireflies --- Photuris species --- is often predatory, preferring to hunt flashing fireflies of other species rather than seeking mates of their own kind. So Photuris will mimic the flash patterns of other fireflies as well as (sometimes) making specific flash patterns of their own.

There are also a lot of Photuris species out there. I've plotted out a 550 square foot section of our septic field for summer studies and I usually manage to watch about the first half hour of the Photuris show twice a week. Over the course of the last month, I've found at least five different Photuris flash patterns before my eyelids get heavy. Are they all different species? Who knows!

The flash photo above, by the way, shows a typical Photuris habit --- when caught (in a petri dish in this case), they scurry around flashing as fast as they can. Did you notice the flashes here are green rather than yellow, like the Big Dipper's? That's a diagnostic difference between the two genera, along with the long legs of the Photuris and the stripes you often see on their wing covers.

If you want to delve deeper into fireflies, I can recommend some books and gear. Fireflies, Glow-worms, and Lightning Bugs is a beautifully illustrated and easy to read field guide...to a few of the most common species.

Definitely start there, then once you outgrow easy you might want to download the free, intense, and highly technical A naturalist’s long walk among shadows: of North American Photuris – patterns, outlines, silhouettes… This book will help you realize that scientists don't know enough yet to ID a lot of the Photurises. Still, it's fun to try!

Trying involves catching and photographing fireflies after you've gotten a handle on their flash patterns. (Here's a free download to some of the most common patterns.) For catching, I found this net to be cheap and effective (especially when combined with masked, socially distancing neighbor kids). Glass petri dishes made it much easier to photograph fast-moving Photurises, and it's now a breeze to measure insects in those photos since I drew a 1 cm grid on the bottom of the petri dish with a sharpie.

Other than that, the only hard part is staying up late (can't help you there --- I'm terrible at it). Oh, and accepting that firefly season is fleeting with species winking out with each week of summer. What better way to squeeze every bit of joy out of the year, though, than to watch fireflies during these short, hot nights?

Copied from a friend.  Not my words.

Consider this Betsy!!!

One of the saddest days of my life was the day of this woman’s appointment over our educational system. Now that she has completely dismantled it & removed civil rights protections for students, she’s planning a full out slaughter.

Teacher friends, good talking points for your conversations! 

I've spent all week working on performance. It started when Lukey found a way to use git cat-file --buffer to make --all faster. Once implemented, that turned out to be a 2x to 16x speedup in seek time.

I felt that same approach could probably also speed up other parts of git-annex that use git cat-file, so spent another 4 days finding ways to do that. Some of the ideas are not implemented yet, but I landed a 2x speedup today, to all git-annex commands that seek annexed files to work on.

Oh and also there used to be a git-annex branch read cache, but it got removed many years ago, and I forgot it had been removed. Which does not lead to writing the fastest code. Bringing the cache back makes some things another 20% faster.

This work was sponsored by Mark Reidenbach, Jake Vosloo, and Graham Spencer on Patreon.