Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 321/3920 | < Previous Page | 317 318 319 320 321 322 323 324 325 326 327 328  | Next Page >

  • Detecting suspicious behaviour in a web application - what to look for?

    - by Sosh
    I would like to ask the proactive (or paranoid;) among us: What are you looking for, and how? I'm thinking mainly about things that can be watched for programaticaly, rather than manually inspecting logs. For example: - Manual/automated hack attempts - Data skimming - Bot registrations (that have evaded captcha etc.) - Other unwanted behaviour Just wondering what most people would consider practical and effective..

    Read the article

  • Simple wrapping of C code with cython

    - by Jose
    Hi, I have a number of C functions, and I would like to call them from python. cython seems to be the way to go, but I can't really find an example of how exactly this is done. My C function looks like this: void calculate_daily ( char *db_name, int grid_id, int year, double *dtmp, double *dtmn, double *dtmx, double *dprec, double *ddtr, double *dayl, double *dpet, double *dpar ) ; All I want to do is to specify the first three parameters (a string and two integers), and recover 8 numpy arrays (or python lists. All the double arrays have N elements). My code assumes that the pointers are pointing to an already allocated chunk of memory. Also, the produced C code ought to link to some external libraries.

    Read the article

  • Claims-based Authentication: Are strings the essence of claims?

    - by Rising Star
    I've been programming with claims-based authentication for some time now with Windows Identity Foundation. It appears to me that in Windows Identity Foundation, once a user is logged in, the claims are basically strings of information that describe the user. With the old role-based authentication, I could say that a user is or is not a member of a given group, but with claims-based authentication, I can now have strings of information that describe a user. "This user is female". This user was born on "July 6, 1975". "This user logged in using a USB key". Is it the essence of claims-based authentication,that I have strings of information about the user given to the application by the framework?

    Read the article

  • Get information about a function in python, looking at source code

    - by Werner
    Hi, the following code comes from the matplotlib gallery: #!/usr/bin/env python from pylab import * x = array([10, 8, 13, 9, 11, 14, 6, 4, 12, 7, 5]) y = array([8.04, 6.95, 7.58, 8.81, 8.33, 9.96, 7.24, 4.26, 10.84, 4.82, 5.68]) I am new to python, and would like to change the content of x and y from an input file. I have two short questions: I could guess what array means, but once I see it on the code, how can I know to which library it belongs and more information about it? Should I use some kind of python debug commands? How do I insert the content of my input file into x? Thanks

    Read the article

  • PHP 2-way encryption: I need to store passwords that can be retrieved

    - by gAMBOOKa
    I am creating an application that will store passwords, which the user can retrieve and see. The passwords are for a hardware device, so checking against hashes are out of the question. What I need to know is: How do I encrypt and decrypt a password in PHP? What is the safest algorithm to encrypt the passwords with? Where do I store the private key? Instead of storing the private key, is it a good idea to require users to enter the private key any time they need a password decrypted? (Users of this application can be trusted) In what ways can the password be stolen and decrypted? What do I need to be aware of?

    Read the article

  • How can we store password other than plain text?

    - by Eric
    I've found numerous posts on stackoverflow on how to store user passwords. However, I need to know what is the best way to store a password that my application needs to communicate with another application via the web? Currently, our web app needs to transmit data to a remote website. To upload the data, our web app reads the password from a text file and creates the header with payloads and submits via https. This password in plain text on the file system is the issue. Is there any way to store the password more securely? Thanks!

    Read the article

  • MVC Serve audio files while preventing direct linking using HttpResponseBase

    - by VinceGeek
    I need to be able to serve audio files to an mvc app while preventing direct access. Ideally the page would render with a player control so the user can start/stop the audio linked to the database record (audio files are in a folder not the db). I have a controller action like this: Response.Clear(); Response.ContentType = "audio/wav"; Response.TransmitFile(audioFilename); Response.End(); return Response; and the view uses the RenderAction method <% Html.RenderAction("ServeAudioFile"); %> this works but it won't display inline on the existing view, it opens a new page with just the media control. Am I totally barking up the wrong tree or is there a way to embed the response in the existing view? works exactly as I would like but I can't control access to the file.

    Read the article

  • FileSystemWatcher surpassing Active Directory restrictions

    - by DevexPP
    While experimenting with FileSystemWatcher, I've found out that it somehow surpasses Active Directory's restrictions to files and folders, and will raise change events with information about what has changed in files and folders that you don't even have access to. I have two questions about that: 1) Why does this happen ? 2) Is this a problem in the AD configuration ? how do I fix it ? 3) Is there any way to gather these files, or even create a FileSystemInfo of them to get more info about the files (not only the changes made on them) ? As far as I've tried, only the FileSystemWatcher immune to the restrictions, I can't run any other thing over it, here's a list of what I've tried: File.Exists Directory.Exists FileInfo instance on found files DirectoryInfo instance on found files File.Copy File.Delete

    Read the article

  • Backdoor Strategy- opinion needed.

    - by the Hampster
    I'm creating an application to track publications and grants for a university. Professors will need to put they CV into the system when it is up and running. Yeah, right. The person in charge is planning on hiring someone to input all of the information, but my questions is how? The strategy I'm thinking of is to install a backdoor. The lucky undergrad can log in as any professor using the backdoor. Once all the data is removed, the backdoor can be removed. Doing so would probably be as simple as editing out a comment in the config file. The IT guys would still have access, but since they control the machines, they would have access anyway. Are there any flaws to this strategy?

    Read the article

  • How to control access to third party HTML pages

    - by Wylie
    Hello, We have a Learning Management System (LMS) that runs on its own server (IIS/Server 2003). Students must login with Forms authentication to gain access to the content. We want to offer access to third party flash and audio that is embedded in HTML pages hosted on the third party server (IIS/Server 2003). Currently we use a frame in a pop-up window that is populated via a simple URL to the third party HTML pages. How can the third party control access to their content, so that only students who launch the pop-up windows from our site can access their content? Since the content is mostly video and flash, we would prefer not to stream all of their content through our server to the Student. We have a programming staff, so we could maybe... - either post or get for our HTTP request to the third party server - we could use SSL - we could programmatically assign a global NT user account to all of our users and then do some kind of Active Directory login from the LMS server to the third party server - could the third party content be hosted at Amazon S3? Would this allow for secure access/download? These are just ideas. We really have no idea. Any suggestions would be greatly appreciated. TIA, Wylie

    Read the article

  • how to structure code that uses std::rel_ops

    - by R Samuel Klatchko
    I was working on some code and wanted to make use of std::rel_ops. From what I can tell, you need to do using std::rel_ops to your source code to make use of them. But I'm not sure where the best place to put that is. Let's say I have a header file with a class that only defines the minimal operator== and operator<: // foo.h class foo { public: bool operator==(const foo &other) const; bool operator<(const foo &other) const; }; I'm not sure where to put using std::rel_ops. If I leave it out of the foo.h, then every user of foo.h needs to know the implementation detail that foo is not defining all the operators itself. But putting using std::rel_ops inside foo.h breaks the rule of thumb about not having a using in a header file. How do other people resolve this issue?

    Read the article

  • Failed to execute stored procedure from the JDBC code using mysql connection

    - by Purushotham
    Hi, I have one database. I executed a stored procedure on it. I wrote some JDBC code to connect to this database. When I am calling this stored procedure from my JDBC code it is throwing SQLException. One interesting thing I found is that I have one user other than root user. This user has all the privileges to this database where the stored procedure is present. When I use the root user I am able to call the stored procedure successfully. But with the other user I am getting SQLexception. I am not able to find why it happens like this. For sure I want this user(other than root) has to call this stored procedure successfully. Thanks in advance.

    Read the article

  • How can this code be made more Pythonic?

    - by usethedeathstar
    This next part of code does exactly what I want it to do. dem_rows and dem_cols contain float values for a number of things i can identify in an image, but i need to get the nearest pixel for each of them, and than to make sure I only get the unique points, and no duplicates. The problem is that this code is ugly and as far as I get it, as unpythonic as it gets. If there would be a pure-numpy-solution (without for-loops) that would be even better. # next part is to make sure that we get the rounding done correctly, and than to get the integer part out of it # without the annoying floatingpoint-error, and without duplicates fielddic={} for i in range(len(dem_rows)): # here comes the ugly part: abusing the fact that i overwrite dictionary keys if I get duplicates fielddic[int(round(dem_rows[i]) + 0.1), int(round(dem_cols[i]) + 0.1)] = None # also very ugly: to make two arrays of integers out of the first and second part of the keys field_rows = numpy.zeros((len(fielddic.keys())), int) field_cols = numpy.zeros((len(fielddic.keys())), int) for i, (r, c) in enumerate(fielddic.keys()): field_rows[i] = r field_cols[i] = c

    Read the article

  • Session Fixation in ASP.NET

    - by AJM
    I'm wondering how to prevent Session fixation in ASP.NET My approach would to this would normally be to generate and issue a new session id whenever someone logs in. But is this level of control possible in ASP.NET land?

    Read the article

  • Persisting sensitve data in asp.net, odd implementation

    - by rawsonstreet
    For reasons not in scope of this question I have implemented a .net project in an iframe which runs from a classic asp page. The classic asp site persisted a few sensitive values by hitting the db on each page. I have passed there variables as xml to the aspx page, now I need to make these values available on any page of this .net site. I've looked into the cache object but we are on a web farm so I am not sure it would work. Is there a way I can can instantiate an object in a base page class and have other pages inherit from the base page to access these values? What is the best way to persist these values? A few more points to consider the site runs in https mode and I cannot use session variables, and I would like to avoid cookies if possible..

    Read the article

  • Cookieless Django for government site

    - by phoebebright
    As I'm writing a django site from government bodies I'm not going to be able to use cookies. I found this snippet http://djangosnippets.org/snippets/1540/ but it's currently not allowing users to login. Before I start debugging I wondered if anyone else has solved this problem with this snippet or in any other way?

    Read the article

  • String encryption only with numbers?

    - by HH
    Suppose your bank clerk gives you an arbitrary password such as hel34/hjal0@# and you cannot remember it without writing it to a paper. Dilemma: you never write passwords to paper. So you try to invent an encryption, one-to-one map, where you write only a key to a paper, only numbers, and leave the rest junk to your server. Of course, the password can consist of arbitrary things. Implemention should work like hel34/hjal0#@ ---- magic ----> 3442 and to other way: 3442 ---- server magic ---> hel34/hjal0#@ [Update] mvds has the correct idea, to change the base, how would you implement it?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 317 318 319 320 321 322 323 324 325 326 327 328  | Next Page >