2007/10/27
The Leaning Tower and other miracles in Pisa, Italy
The Leaning Tower and other miracles in Pisa, Italy was added to the site http://places-to-visit.info/.
2007/10/16
2007/10/13
Python and comma
The problem - there was a tuple:t = ("abc", "def")
Somwhere inside the program was an instruction:something = t[0]
and thensomething
returned "abc".
Some time later it turned out that "def" was not necessary
in
t so was modified:t = ("abc")and sowhere inside the program instruction
something = t[0]
made that something returned "a".It was Bad.
Why that happened?
Beacuse t was not a tuple anymore, it became a string. Instruction
t[0] returns first item in iterable so it returned "a" for us.What was ommited?
A coma.
After the change it was (bad):
t = ("abc")instead (good):
t = ("abc",)The coma creates a tuple. In our case consisting of one item, but still the tuple.
2007/10/10
2007/10/07
Comments for not logged in users activated
Comments for not logged in users activated on site http://places-to-visit.info.
Comments are welcome.
This article The Myth of Login was an impulse to rethink our design decision. Thanks.
Comments are welcome.
This article The Myth of Login was an impulse to rethink our design decision. Thanks.
2007/10/05
2007/10/03
Security hole - text buffer, middle mouse button, Firefox
The scenario:
In my case in the text buffer was ip address of host from which somebody did something not friendly on one of my pages. I've pasted (intentionally, of course) this ip address as parameter for some command line tools. And forgot about the text buffer with ip address inside.
Some time later I've pressed mouse middle button while having mouse cursor over Firefox window. Firefox started loading web page from offending ip address.
What information was disclosed?
It's a word of caution, mostly for myself.
Update: to switch off Firefox behavior described in 6.: on page about:config set value
- The User has opened window of the Firefox.
- The User selects some text on the terminal window by draggin mouse cursor with left mouse button pressed.
- The User inserts selected text into it's intended location using mouse middle button.
- The User does a lot of other things. And some time later.
- The User presses mouse middle button over opened Firefox window.
- Firefox tries to load web page using text pasted in step 5.
In my case in the text buffer was ip address of host from which somebody did something not friendly on one of my pages. I've pasted (intentionally, of course) this ip address as parameter for some command line tools. And forgot about the text buffer with ip address inside.
Some time later I've pressed mouse middle button while having mouse cursor over Firefox window. Firefox started loading web page from offending ip address.
What information was disclosed?
- the fact that I've read logs on the server and found interesting actions and ip address connected with them
- the fact that I've done something with this address
- most important, my own ip address
It's a word of caution, mostly for myself.
Update: to switch off Firefox behavior described in 6.: on page about:config set value
middlemouse.LoadContentURL to false and restart browser.
Subscribe to:
Comments (Atom)
