Ian Denhardt

I'm not sure I follow what the security issue is; what are we concerned could happen if we allow this?

Ah, I think I understand the concern: if we navigate to a blob: URL, does the browser enforce our CSP on the loaded document itself? If the answer is no,...

Perhaps we should just set this ourselves on startup if it is below a certain reasonable value?

(It would be nice to find a more generally robust way to track space usage, but I don't know of one that wouldn't be major surgery. In general, I do...

(Fwiw, the value on my laptop is 524288, having not changed it. On my live sandstorm box it is 14280. I don't know how these values are normally chosen).

Ok, well, hopefully as users upgrade to kernels that set this value based on available memory, this will be less and less of an issue. Available memory for the two...

Thinking about this again, and I discovered there's a comparatively new (kernel version 5.1) alternative to inotify; fanotify now supports watching a *mount point*, which would be less racy and...

Yeah, we'd have to probably -- but it would at least make things better for most deployments.

Having slept on it I came to more or less the same reasoning/conclusion. I *have* looked at tge tzdata changelogs, and they're... Impressive. As it turns out, znc does have...

So, additional context, as my more recent interest came up in the context of SandCal, a calendar app, which per @kentonv's comment above really really needs to care about time...