MS Dos 5.0 on my first PC was a bit short on features and I had not enough money for Windows 3.1… I heard that American students were using something called Unix and that their was something close available through mail-order CDs. Yggdrasil CDs were cheap too!

A process owned by any user will be able to exploit a userspace vulnerability, whatever this user is. Selinux, chroot, cgroups/containerization add a layer of protection to this, but any vulnerability that bypass these will be as exploitable from nobody as from any other local user. It will protect a user files from some access attempts but will fail to prevent any serious attack. And as usual when it comes to security, a false sense of security is worse than no security at all.

Remember that some exploits exist that can climb outside of a full-blown virtual machine to the virtualisation host, finding a user escalation vulnerability is even more likely.

The only real protection is an up-to-date system, sane user behavior and maybe a little bit of paranoia.

Each and every line of code you write is a liability. Even more so when you wrote it for someone else. You must always be able to rebuild it from source, at least as long as your client expect the software to work. If you feel it’s not worth it, you probably low-balled the contract. If you don’t want to maintain code, have the client pay a yearly maintenance fee, give the code and the responsibility to maintain it to your client at the end of development, or add a time limit to it’s support.

There’s no “maintenance mode” software: either it’s in use and must be kept updated with regard to it’s execution environment, or it’s not used anymore and can be erased and forgotten. Doing differently opens too much security issues, which shouldn’t be acceptable for us all as a trade.

Subjective take: there’s worse than FreeCAD - sure it’s a bit “old school” but it’s bearable. O. The other hand, the solver has crashed on me so many times… The workbench way of doing things requires some time to get usdmed to, sure, but a crashing solver is far worse.

That’s a lot of words for “I’m too lazy to master the most essential tool of my professional life and keep it updated to my requirements”.

If you don’t want to do it, feel free to pay an Ubuntu support subscription, open a ticket, and get back to work. As you said: you should be working on your problem instead of whining. Or maybe you earn more whining?

There’s a saying that goes like that: “To a bad workman, there’s always bad tools.”

Modular’s Mojo might interest you - it just popped up in my news feed, it’s entirely a coincidence.

Others has answered the specific cases where TTM is paramount.

When time is less of an issue, in my experience it’s in no particular order a mix of:

• product owners or similar role wanting “everything and right now” for no reason whatsoever, except maybe some bonus;
• bosses bossing around to try and justify their existence instead of easying progress ;
• developers being not much more than code jockeys with a tendancy to develop by StackOverflow copy/paste;
• operations lacking time, resources or knowledge to build a proper CI/CD pipeline - when it’s not an issue of operations by ServerFault copy/paste;
• experts (DBA, virtualization, middlewares) being kept out of the project, and only asked for advice when things go terribly wrong later.

All in all, instead of short term profit, it’s a lack of not-so-long term vision and engagement from everyone involved. They just don’t care.

Yeah, I’m the one in charge of fixing the mess, why you ask?

Your question is a bit vague but it looks to me that what you want is some sort of expert system of inference engine.

There might be some open source solutions, and there’s always the GNU Prolog language that might suit your needs.

I suspect that you won’t get a graphviz structure out of it though.

EOL of version 7 is next year in June, you got a nice pile of work here!

And *nix shells a perfect example of the KISS principle.

On behalf of garbage, I loudly protest on this attempt to assimilate it to Powershell.