Skip to content(if available)orjump to list(if available)

HN

macOS 26.2 enables fast AI clusters with RDMA over Thunderbolt

developer.apple.com

OpenAI are quietly adopting skills, now available in ChatGPT and Codex CLI

simonwillison.net

ratsplaydoom.com

Show HN: Tiny VM sandbox in C with apps in Rust, C and Zig

Capsudo: Rethinking Sudo with Object Capabilities

Show HN: I made a spreadsheet where formulas also update backwards

victorpoughon.github.io

Ensuring a National Policy Framework for Artificial Intelligence

50 years of proof assistants

lawrencecpaulson.github.io

Freeing a Xiaomi humidifier from the cloud

Security issues with electronic invoices

invoice.secvuln.info

SQLite JSON at full index speed using generated columns

Go is portable, until it isn't

simpleobservability.com

Motion (YC W20) Is Hiring Senior Staff Front End Engineers

jobs.ashbyhq.com

4 billion if statements (2023)

andreasjhkarlsson.github.io

Fast Median Filter over arbitrary datatypes

martianlantern.github.io

Pg_ClickHouse: A Postgres extension for querying ClickHouse

Building small Docker images faster

Sick of smart TVs? Here are your best options

arstechnica.com

Home Depot GitHub token exposed for a year, granted access to internal systems

String theory inspires a brilliant, baffling new math proof

quantamagazine.org

Bit flips: How cosmic rays grounded a fleet of aircraft

CM0 – A new Raspberry Pi you can't buy

jeffgeerling.com

flak.tedunangst.com

Capsudo: Rethinking Sudo with Object Capabilities

Capsudo: Rethinking Sudo with Object Capabilities

4 comments

·December 12, 2025

charcircuit

You don't need to elevate privileges if you give things the right privileges from the start.

Sudo is just a hack to avoid setting up proper capabilities / permissions in the first place.

PunchyHamster

That's functionally equivalent to using sudo but only allowing a certain shell script that's a wrapper for what needs to be done by a given user (to avoid the whole syntax mess). But somehow with more boilerplate.

ryukafalz

If I'm a user who's been given access to run such a wrapper script via sudo, how do I further delegate that access?

esseph

Every time somebody wants to do something in Linux and they mention Objects, I turn around and go the other way.

These people still do not understand why that userspace became so powerful and so useful.

I also think that's the "solution", which is to craft a new optional userspace experience that leaves traditional unix strings and pipes alone. It's not for me, but I'm sure many would like it. I mean, look at PowerShell on Linux :/