Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 320/3920 | < Previous Page | 316 317 318 319 320 321 322 323 324 325 326 327  | Next Page >

  • Are there any lint tools for C and C++ that check formatting?

    - by Nathan Fellman
    I have a codebase that is touched by many people. While most people make an effort to keep the code nicely formatted (e.g. consistent indentation and use of braces), some don't, and even those that do can't always do it because we all use different editors, so settings like spaces vs. tabs are different. Is there any standard lint tool that checks that code is properly formatted, but doesn't actually change it (like indent but that returns only errors and warnings)? While this question could be answered generally, my focus is on C and C++, because that's what this project is written in.

    Read the article

  • SQL Server db_owner

    - by andrew007
    Hi, in my SQL2008 I have a user which is in the "db_datareader", "db_datawriter" and "db_ddladmin" DB roles, however when he tries to modify a table with SSMS he receives a message saying: You are not logged in as the database owner or system administrator. You might not be able to save changes to tables that you do not own. Of course, I would like to avoid such message, but until now I did find the way... Therefore, I try to modify the user by adding him to the "db_owner" role, and of course I do not have the message above. My question is: Is it possible to keep the user in the "db_owner" role, but deny some actions like alter user or ? I try "alter any user" securable on DB level, but it does not work... THANKS!

    Read the article

  • Appending html code to a section inside a dialog window isn't working in IE6

    - by user338413
    I'm using jQuery's validation on a form. When the form is validated, I'm using a submitHandler to fill a dialog with data from the form then I open the dialog to display it. Works great except for in IE6. Nothing displays. I've tried initializing the dialog before and after running the validation code but neither makes a difference. Here's the validation code: $("#acct").validate({ ... submitHandler: function() { fillVerificationDialog(); $("#verification_dialog").dialog('open'); return false; } }); Here's the fillVerificationDialog: function fillVerificationDialog() { $("#dialog-data").empty(); $("<span class='label'>").text("First Name: ").appendTo("#dialog-data"); $("<span class='value'>").text($("#firstname").val()).appendTo("#dialog-data"); $("<br/>").appendTo("#dialog-data"); ... }

    Read the article

  • Is it a good idea to use only a key to encrypt an entire (small) filesystem?

    - by Fernando Miguélez
    This question comes as part of my doubts presented on a broader question about ideas implementing a small encrypted filesystem on Java Mobile phones (J2ME, BlackBerry, Android). Provided the litte feedback received, considering the density of the question, I decided to divide those doubts into small questions. So to sum up I plan to "create" an encrypted filesystem for for mobile phones (with the help of BoucyCastle or a subset of JCE), providing an API that let access to them in a transparent way. Encryption would be carried out on a file basis (not blocks). My question is this: Is it a good idea to use only a simmetric key (maybe AES-256) to encrypt all the files (they wouldn't be that many, maybe tens of them) and store this key in a keystore (protected by a pin) or would you rather encrypt each file with an on-the-fly generated key stored alongside each file, encrypting that key with the "master" key stored on the keystore? What are the benefits/drawbacks of each approach?

    Read the article

  • Why do a small amount of add/deletes take several seconds in EF4?

    - by TomWij
    Using the Entity Framework 4. I have created a Code First database in the past and a piece of code needs to delete and add 16 objects, this takes 6 seconds each. That's 300+ ms for each query! The deletes/adds occur in a foreach scope and there is a SaveChanges() outside the foreach. In the above image you see that each takes 6 seconds, which is 34% of the time, for 16 calls. That doesn't sound normal to me... Why is this and how can I improve the performance? If there is no solution: Are there any workarounds I can use? It would be a pain to rewrite my project...

    Read the article

  • unfounded Secure Unsecure Messages

    - by Marty Trenouth
    I'm having significant difficulty locating the root cause for a secure/insecure message comming from IE. I've looked through the entire output and there are NO references to http: I've searched for unsource Iframes, which cause this message, and there are none and other than jquery 1.4 there isn't even the text "iframe" in the source. I'm almost at an end trying the cause for this. Does anyone have any ideas

    Read the article

  • Good File Organization Suggestions for Developer

    - by Paul
    I am struggling a little with folder organization to organize the many projects that I work on. I work on OS X - right now I am using ~/Development/ as the root folder, and I have many types of projects. For example, I have my iPhone apps under ~/Development/Xcode I develop in many languages, from PHP, to Ruby, to Python, to Objective-C. So, for example, I might have a couple of open-source apps based on PHP where I am using the Zend framework. Some of these projects are for clients, others are tests/experiments when learning a new language or general experimenting. I am really interested in how other developers have organized code/projects and could pass along some advice to make it very easy to navigate through code/projects related to many languages and types of projects.

    Read the article

  • arbitrary input from stdin to shell

    - by python_noob
    So I have this existing command that accepts a single argument, but I need something that accepts the argument over stdin instead. A shell script wrapper like the following works, but as I will be allowing untrusted users to pass arbitrary strings on stdin, I'm wondering if there's potential for someone to execute arbitary commands on the shell. #!/bin/sh $CMD "`cat`" Obviously if $CMD has a vulnerability in the way it processes the argument there's nothing I can do, so I'm concerned stuff like this: Somehow allow the user to escape the double quotes and pass input into argument #2 of $CMD Somehow cause another arbitary command to run

    Read the article

  • [0-9a-zA-Z]* string expressed with primes or prime-factorization-style way to break it into parts?

    - by HH
    Suppose a string consists of numbers and alphabets. You want to break it into parts, an analogy is primes' factorization, but how can you do similar thing with strings [0-9a-zA-Z]* or even with arbitrary strings? I could express it in alphabets and such things with octal values and then prime-factorize it but then I need to keep track of places where I had the non-numbers things. Is there some simple way to do it? I am looking for simple succinct solutions and don't want too much side-effects. [Update] mvds has the correct idea, to change the base, how would you implement it?

    Read the article

  • Ensure that my C# desktop application is making requests to my ASP .NET MVC action?

    - by Mathias Lykkegaard Lorenzen
    I've seen questions that are almost identical to this one, except minor but important differences that I would like to get detailed. Let's say that I have a controller and an action method in MVC which therefore accepts requests on the following URL: http://example.com/api/myapimethod?data=some-data-here. This URL is then being called regularly by 1000 clients or more spread out in the public. The reason for this is crowdsourcing. The clients around the globe help feed a global cache on my server, which makes it faster for the rest of the clients to fetch the data. Now, if I'm sneaky (and I am), I can go into Fiddler, Ethereal, Wireshark or any other packet sniffing tool and figure out which requests the program is making. By figuring that out, I can also replicate them, and fill the service with false corrupted data. What is the best approach to ensuring that the data received in my ASP .NET MVC action method is actually from the desktop client application, and not some falsely generated data that the user invented? Since it is all based on crowdsourcing, would it be a good idea for my users to be able to "vote" if some data is falsified, and then let an automatic cleanup commence if there are enough votes? I do not have access to a tool like SmartAssembly, so unfortunately my .NET program is fully decompilable. I realize this might be impossible to accomplish in an error-proof manner, but I would like to know where my best chances are.

    Read the article

  • Tool To Catch All The Inputs That Cause Crash?

    - by Barakat
    Hi all, I need a Windows tool records inputs and debugging informations that cause program's crashing. I don't mean a fuzzing tool ! Ammmmm ... let me show you a scenario may explain what I'm talking about. Sometimes during using a program, It's crashed without known reason ! and when I want to debug it, I will not find helpful informations to know how the crash happened. Because that the data that cause the crash no longer exist. So I need a tool records all the inputs and debugging informations to find helpful informations to reuse the inputs data to make the program crashes under a debaucher in order to understand how the crash happen.

    Read the article

  • Does anyone see any downsides of doing the following to prevent CSRF?

    - by Spines
    I'm wondering if the following method will completely prevent CSRF, and be compatible with all users. Here it is: In the form just include an extra parameter that is: encrypted(user's userID + request time). Server-side just decrypt and make sure it's the right userID and the request time was reasonably recent. Aside from someone sniffing the user's traffic, is this completely secure? Are there any downsides?

    Read the article

  • Can I tell if the iPhone has a passcode?

    - by tewha
    I'm developing an application that asks for a PIN when you start it. That's not great, but I can live with it. The problem is I'm being asked to ask for the PIN each time the phone wakes from sleep, too. Combined with the OS asking for its passcode, it's too much. Is there any legitimate way to detect if the phone has a passcode required for waking, so I can skip requiring a PIN in this case? I don't want to know the PIN and I don't actually care if it was locked (for instance, if the phone was asleep very briefly), I just want to know that the data is in some way "protected."

    Read the article

  • How to hash and salt passwords

    - by Henrik Skogmo
    I realize that this topic have been brought up sometimes, but I find myself not entirely sure on the topic just yet. What I am wondering about how do you salt a hash and work with the salted hash? If the password is encrypted with a random generated salt, how can the we verify it when the user tries to authenticate? Do we need to store the generated hash in our database as well? Is there any specific way the salt preferably should be generated? Which encryption method is favored to be used? From what I hear sha256 is quite alright. And lastly, would it be an idea to have the hash "re-salted" when the user authenticates? Thank you!

    Read the article

  • Get information about a function in python, looking at source code

    - by Werner
    Hi, the following code comes from the matplotlib gallery: #!/usr/bin/env python from pylab import * x = array([10, 8, 13, 9, 11, 14, 6, 4, 12, 7, 5]) y = array([8.04, 6.95, 7.58, 8.81, 8.33, 9.96, 7.24, 4.26, 10.84, 4.82, 5.68]) I am new to python, and would like to change the content of x and y from an input file. I have two short questions: I could guess what array means, but once I see it on the code, how can I know to which library it belongs and more information about it? Should I use some kind of python debug commands? How do I insert the content of my input file into x? Thanks

    Read the article

  • How To Refactor If-else Code Segment?

    - by LostInLib
    I'm developing win8(metro style) application with Html5-js-jquery. I have this code segment; GetBoutiqueDetail: function (boutiqueId, options) { if (IsUserLogin()) { //different job A } else { ShowLoginPanel(undefined); } }, GetProductDetail: function (boutiqueId, productId, options) { if (IsUserLogin()) { //different job B } else { ShowLoginPanel(undefined); } }, AddBasket: function (productId, productVariantId, quantity, options) { if (IsUserLogin()) { //different job C } else { ShowLoginPanel(undefined); } },.... .And ~20 functions should check if user login or not. I should call functions like similar to "Library.GetBoutiqueDetail();" So my question is simple, how can I refactor that code to remove these if-else sections ?

    Read the article

  • Is my code really not unit-testable?

    - by John
    A lot of code in a current project is directly related to displaying things using a 3rd-party 3D rendering engine. As such, it's easy to say "this is a special case, you can't unit test it". But I wonder if this is a valid excuse... it's easy to think "I am special" but rarely actually the case. Are there types of code which are genuinely not suited for unit-testing? By suitable, I mean "without it taking longer to figure out how to write the test than is worth the effort"... dealing with a ton of 3D math/rendering it could take a lot of work to prove the output of a function is correct compared with just looking at the rendered graphics.

    Read the article

  • How do I secure password parameters in RESTful web service URIs?

    - by adam
    i'm a newbie to server-side programming, so please forgive me if this gets messy. i've been contracted to create a web service to allow authenticated users to access a database. users have to enter a login and password. been reading and reading about REST vs SOAP, and i thought i'd settled on a RESTful design when i came across this statement: "Data that needs to be secure should not be sent as parameters in URIs." this seems like a major demerit against a RESTful approach. i'm aware that with https the password would be encrypted to prevent man-in-the-middle interception, but that leaves the server logs and client history as possible exposure points. is there a RESTful solution out there for this problem, or do i need to go SOAPy? any advice appreciated.

    Read the article

  • Execute python code inside browser without Jython

    - by proportional
    Is there a way to execute python code in a browser, other than using Jython and an applet? The execution does not have to deal with anything related to graphics. For example, just sum all the digits of a binary 1Gb file (chosen by the browser user) and then return the result to the server. I am aware that python can be executed remotely outside a browser, but my requirement is to be done inside a browser. For sure, I take for granted the user will keep the right to execute or not, and will be asked to do so, and all this security stuff... but that is not my question.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 316 317 318 319 320 321 322 323 324 325 326 327  | Next Page >