16th April 2009
Connecting remotely via ssh to my Debian box at work, I needed to mount a CIFS (samba) share, but didn’t remember server name (or IP) and share name.
At least two convenient utilities are available in Debian Lenny for non-X Samba browsing.
smbtree (part of smbclient package) will list all visible workgroups, their servers, and share names of those servers – including “hidden” shares like C$, IPC$, ADMIN$, print$. Very handy and greppable!
samba-commander (smbc package) is a ncurses samba browser with “find file” functionality.
Posted in *nix, Software | No Comments »
11th April 2009
Linux users are not affected with a plethora of autorun.inf “viruses”, but that seems to be a real plague for Windows users.
Ideologically correct solution is offered by Panda software – a free Panda USB and AutoRun Vaccine. It can do two things for your Windows box:
- with a single click disable auto-execution of programs from USB sticks and CDs/DVDs, and
- with one more click – make the autorun.inf file on your pendrive inaccessible, so as to prevent infecting your USB stick with an “autorun.inf virus”.
Program does not require installation, but requires Administrator privileges. It supports FAT/FAT32 pendrives, but NTFS-enabled version is being tested and should be made available shortly.
Note, that if you perform step 2, re-enabling access to autorun.inf may require pendrive formatting. Also, after step 1 your favourite CDs and DVDs won’t start automatically anymore – but you will be able to start them manually.
And, of course, Linux users have nothing to worry about (yet).
Posted in Links, Misc, Software | No Comments »
20th February 2009
I assume that you already have your gitosis-admin repository working (this is described elsewhere).
- cd gitosis-admin && git pull – enter your gitosis administrative repository and ensure it is up-to-date
- $EDITOR gitosis.conf
- add [group newreponame] section (newreponame is the name of your new repository being added); add yourself with members = yourlogin@yourhost line; also add writable = newreponame line:
[group newreponame]
members = yourlogin@yourhost
writable = newreponame
- based on my assumption of a correctly setup gitosis-admin repository, you should already have the appropriate public key in the keydir directory, but if not – copy your user’s ssh public key to keydir in the form of yourlogin@yourhostname.pub, then do git add keydir/yourlogin@yourhostname.pub
- git commit -am ‘new repository: newreponame’; git push;
- now that you have the new repo permissions configured, let’s actually create it. Navigate to the directory holding the files of your project (e.g. cd ~/newreponame), and do git init; git add . – this initializes empty git repository, and then adds all the files to it. If you have no files – you can skip the ‘git add .’ command, as it will do nothing for you.
- git commit -m ‘initial commit’. If you had no files added to the commit, git will complain that it cannot create an empty commit. In this case use the command git commit ––allow-empty -m ‘initial commit’
- git remote add origin ssh://gitosis@yourGitosisServerName/newreponame.git
- git push ––all
- final thing: git config ––add branch.master.remote origin && git config ––add branch.master.merge refs/heads/master; alternatively, cd .git && $EDITOR config, and then add these lines:
[branch "master"]
remote = origin
merge = refs/heads/master
Without these lines, you won’t be able to git pull.
Posted in *nix, how-to, Software | 16 Comments »
14th February 2009
GSoC 2009 FAQs
Don’t forget to update your personal calendars with important GSoC 2009 dates.
Posted in Links, Software | No Comments »
13th February 2009
Since some WP release, the comment author’s link in comments is broken – it has ‘ external nofollow’ attached straight to the href attribute (which breaks the link).
I assume that the problem is caused by Google Analytics, namely the “track outgoing clicks” feature (as recalled, might be inaccurate feature name). “Track outgoing links” adds some JavaScript code to all outgoing links, and that script has tick characters like this one ‘ which, incidentally, are also used for delimiting the values of comment anchor tags.
To fix:
Read the rest of this entry »
Posted in CMS, how-to, PHP, Programming, Software, Web | 2 Comments »
28th January 2009
favicon.cc has cool real-time previews and allows creating animated favicons.
Update: check the comments below for more online favicon editors/generators!
Posted in Links, Notepad, Software, Web | 3 Comments »
26th January 2009
Yesterday I had a look at mod.email.php – the Email module of ExpressionEngine CMS.
It appears that it is very easy to use ExpressionEngine’s contact form (which uses Email module) to send emails to arbitrary addresses – simply put, send spam using someone’s EE.
And here’s why:
- recipients hidden field is passed to the client; it is encrypted, but with access to the mod.email.php code, it is a matter of several minutes to write your own email-encoding function which will produce a completely valid recipients field
- there’s also XID field, which seems to be unique for each page load
Spamming algorithm is clear, so I won’t elaborate. (I could have missed some session variables, though – didn’t check them.)
This information is valid as of ExpressionEngine 1.6.6, but nothing in the change-logs indicates that this mechanism was modified in the newer versions of EE.
Update: I’ve tested, and this vulnerability does exist. The simplest prevention measure is to enable Captcha for Contact Form.
I’ve notified the developers.
Posted in CMS, PHP, Programming, Software, Web | 1 Comment »