Search Results

Search found 13222 results on 529 pages for 'security gate'.

Page 413/529 | < Previous Page | 409 410 411 412 413 414 415 416 417 418 419 420 | Next Page >

How can I use the Scala program schema2src?

- by pr1001

This perhaps more a Server Fault question... I installed schema2src via sbaz and now I would like to convert a DTD (Apple's plist schema) to Scala source. $ schema2src usage: schema2src [flags] --module mname arg* or schema2src dtd arg* or (experimental) schema2src xsd arg* (this doesn't work at all yet) where supported [flags] may be: --verbose prints some debugging information However, if I try give any argument, it appears it can't find Scala: $ schema2src --verbose Exception in thread "main" java.lang.NoClassDefFoundError: scala/runtime/BoxesUtility at schema2src.Main$.processArgs(Main.scala:56) at schema2src.Main$.main(Main.scala:25) at schema2src.Main.main(Main.scala) Caused by: java.lang.ClassNotFoundException: scala.runtime.BoxesUtility at java.net.URLClassLoader$1.run(URLClassLoader.java:200) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at java.lang.ClassLoader.loadClass(ClassLoader.java:315) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:330) at java.lang.ClassLoader.loadClass(ClassLoader.java:250) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:398) ... 3 more I have scala in my PATH... Any suggestions? Assuming that problem can be fixed, is this the correct syntax? $ schema2src PropertyList-1.0.dtd

Read the article
Hooking a synchronous event handler on a form submit button in JS

- by Xzhsh

Hi, I'm working on a security project in javascript (something I honestly have not used), and I'm having some trouble with EventListeners. My code looks something like this: function prevclick(evt) { evt.preventDefault(); document.loginform.submitbtn.removeEventListener('click',prevclick,false); var req = new XMLHttpRequest(); req.open("GET","testlog.php?submission=complete",false); req.send(); document.loginform.submitbtn.click(); //tried this and loginform.submit() } document.loginform.submitbtn.addEventListener('click',prevclick,false); But the problem is, the submit button doesn't submit the form on the first click (it does, however, send the http request on the first click), and on the second click of the submit button, it works as normal. I think there is a problem with the synchronization, but I do need to have the request processed before forwarding the user to the next page. Any ideas on this would be great. Thanks in advance.

Read the article
How can I receive messages using over http without MSMQ

- by pduncan

I need a reliable messaging framework that runs over http/https (due to client security requirements) and that doesn't use MSMQ (because some clients will use Windows XP Home). The clients only need to be able to receive messages, not send them. We already have a message queue on the server for each user, and the receivers have been getting messages by connecting to an HttpHandler on the server and getting a Stream from WebResponse.GetResponseStream() We keep this stream open, and pull messages off of it using Stream.Read(). This MOSTLY works, but Stream.Read() is a blocking call, and we can't reliably interrupt it. We need to be able to stop and start the receiver without losing messages, but the old stream often hangs around, even after we call Thread.Abort on its thread. Any suggestions?

Read the article
Should I make sure arguments aren't null before using them in a function.

- by Nathan W

The title may not really explain what I'm really trying to get at, couldn't really think of a way to describe what I mean. I was wondering if it is good practice to check the arguments that a function accepts for nulls or empty before using them. I have this function which just wraps some hash creation like so. Public Shared Function GenerateHash(ByVal FilePath As IO.FileInfo) As String If (FilePath Is Nothing) Then Throw New ArgumentNullException("FilePath") End If Dim _sha As New Security.Cryptography.MD5CryptoServiceProvider Dim _Hash = Convert.ToBase64String(_sha.ComputeHash(New IO.FileStream(FilePath.FullName, IO.FileMode.Open, IO.FileAccess.Read))) Return _Hash End Function As you can see I just takes a IO.Fileinfo as an argument, at the start of the function I am checking to make sure that it is not nothing. I'm wondering is this good practice or should I just let it get to the actual hasher and then throw the exception because it is null.? Thanks.

Read the article
Parsing NTFS Partition in C

- by DooriBar

Hello all, I'm just a beginner and I have a need to parse a NTFS partition for the purpose of extracting Security Descriptors. (I been trying to use the native functions of the Windows API, but my conclusion is that something is seriously wrong with the functions' behavior, or their documentation.) I was wondering if anybody here experienced with such requirement, and could give me few hints, references, guidance... where to begin? (I've found www.ntfs.com, seems to have NTFS structure information, but I'm afraid I'll need something more to get started...) My intention is to use it under Windows XP. Thanks in advanced, Doori Bar

Read the article
fast on-demand c++ compilation [closed]

- by Amit Prakash

I'm looking at the possibility of building a system where when a query hits the server, we turn the query into c++ code, compile it as shared object and the run the code. The time for compilation itself needs to be small for it to be worthwhile. My code can generate the corresponding c++ code but if I have to write it out on disk and then invoke gcc to get a .so file and then run it, it does not seem to be worth it. Are there ways in which I can get a small snippet of code to compile and be ready as a share object fast (can have a significant start up time before the queries arrive). If such a tool has a permissive license thats a further plus. Edit: I have a very restrictive query language that the users can use so the security threat is not relevant. My own code translates the query into c++ code. The answer mentioning clang is perfect.

Read the article
CryptGenRandom to generate asp.net session id

- by DoDo

Hi! does anyone have working example of CryptGenrRandom class to generate session id (need to use in my iis module). HCRYPTPROV hCryptProv; BYTE pbData[16]; if(CryptAcquireContext( &hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { if(CryptGenRandom(hCryptProv, 8, pbData)) { std::string s(( const char *) pbData); printf(s.c_str()); } else { MyHandleError("Error during CryptGenRandom."); } } else { MyHandleError("Error during CryptAcquireContext!\n"); } i tried this code but, its not working quite well (i get it from msdn) and this example don't work for me ( http://www.codeproject.com/KB/security/plaintextsessionkey.aspx ) so if anyone know how to generate sessionid using this class plz let me know tnx anyway!

Read the article
yum update fails

- by user1670818

i have RHEL 6.3 [root@RHEL6 yum.repos.d]# uname -a Linux RHEL6.3-64-BuildMac 2.6.32-279.el6.x86_64 #1 SMP Wed Jun 13 18:24:36 EDT 2012 x86_64 x86_64 x86_64 GNU/Linux My /etc/yum.conf looks like [main] cachedir=/var/cache/yum/$basearch/$releasever keepcache=0 debuglevel=2 logfile=/var/log/yum.log exactarch=1 obsoletes=1 gpgcheck=1 plugins=1 installonly_limit=3 reposdir=/etc/yum.repos.d/rhel.repo The contents of my /etc.yum.repo.d/rhel.repo looks like [rhelrepo] name=my rhel repo baseurl=http://mirror.centos.org/centos/6.3/os/x86_64/ #gpgkey=http://mirror.centos.org/centos/6.3/os/x86_64/RPM-GPG-KEY-CentOS-6 enabled=1 gpgcheck=0 But my yum update fails with the following error [root@RHEL6 yum.repos.d]# yum update Loaded plugins: product-id, security, subscription-manager Updating certificate-based repositories. Unable to read consumer identity Setting up Update Process No Packages marked for Update please could somebody help

Read the article
How can I know if a file has been changed in .NET C#?

- by Anthony D

I have an application that requires a secure way to store its configuration. There are users that can change the configuration. I need some sort of signature scheme where I can verify that the config file has not changed with out a valid user. I had thought about using RSA, where the private key is encrypted with the users password, and the public key is used to sign the config. However there is nothing to prevent someone from changing the user file and adding their own public key, thus circumventing my security. Any ideas?

Read the article
PHP require/include only works once in script then fails

- by Colin

Hi everybody, this isn't a problem as such but it's bugging me and I would appreciate any help. It might be totally obvious but I can't see it. $root_path = $_SERVER['DOCUMENT_ROOT'] require($root_path .'template/header.php') require($root_path .'template/footer.php') The script will include one or the other but not both. It will run and include the header but not the footer, if I swap them round it will load the footer first but not the header. I've tried using include instead of require but get the same result. It gives the error allow_url_include = 0. I know turning this on will solve it but my question is why is it happening? Why will it include one file but not the other? Is there any way to get them to both run without turning allow_url_include on (I'm trying to be security conscious). I have PHP 5.3 and am running WAMP. Thanks in advance for your help!

Read the article
How do I gain permissions to a Sql Compact Database?

- by Quenton Jones

I have an Sql Compact Database v3.5 that I'm bundling with my application. When the application is installed, the database is copied into the application's Program Files directory. Because of Vista and Win7's security settings, the installed application can't access the database file. It is merely a problem of having the database file reside in the Program Files. The solution I have thought of is to copy the file into Program Data, but does anyone have another solution? I am sure others have come across a similar problem. Thanks in advance for your input.

Read the article
How long until programming becomes a professionally certified (and respected as such) skill such as

- by Michael Campbell

Given Toyota's recent issues and the ENORMOUS amount of safety that is being relegated to computers, how long do you think it will be before programming, or perhaps programming certain things (embedded transportation software, (air) traffic control, electrical grid, hospital equipment, nuclear plant security, planes, etc.) becomes regulated? And/or, how long before there will be certain regulated certifications before you can call yourself a "software developer", like Architects and Engineers have now? (NB: I'm from the US, so I don't know how it works in other countries; please forgive my ignornace.)

Read the article
Execute VBA Macro via C# Interop?

- by Jon Artus

Hi all, just wondering if anyone could suggest why I might be getting an error? I'm currently trying to execute a macro in a workbook by calling the Application.Run method that the interop exposes. It's currently throwing the following COM Exception: {System.Runtime.InteropServices.COMException (0x800A03EC): Cannot run the macro Macro1'. The macro may not be available in this workbook or all macros may be disabled. I've put the containing workbook in a trusted location, set all of the security settings to their minimum values, and trusted programmatic access to my object model. I'm entirely out of ideas and Google's failed me so far! Has anyone done this, or can you suggest anything which I could try? Many thanks!

Read the article
server.sh gives me following error Exception"main" java.lang.NoClassDefFoundError:

- by NickNaik

i am trying to start the "Program D" from the terminal, command in terminal "sh server.sh" gives me following error Starting Alicebot Program D. Exception in thread "main" java.lang.NoClassDefFoundError: org/alicebot/server/net/AliceServer Caused by: java.lang.ClassNotFoundException: org.alicebot.server.net.AliceServer at java.net.URLClassLoader$1.run(URLClassLoader.java:202) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:190) at java.lang.ClassLoader.loadClass(ClassLoader.java:306) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:247) My Server.sh file ALICE_HOME=.SERVLET_LIB=lib/servlet.jar ALICE_LIB=lib/aliceserver.jar JS_LIB=lib/js.jar # Set SQL_LIB to the location of your database driver. SQL_LIB=lib/mysql_comp.jar # These are for Jetty; you will want to change these if you are using a different http server. HTTP_SERVER_LIBS=lib/org.mortbay.jetty.jar:lib/javax.xml.jaxp.jar:lib/org.apache.crimson.jar PROGRAMD_CLASSPATH=$SERVLET_LIB:$ALICE_LIB:$JS_LIB:$SQL_LIB:$HTTP_SERVER_LIBS java -classpath $PROGRAMD_CLASSPATH -Xms64m -Xmx64m org.alicebot.server.net.AliceServer $1

Read the article
How to protect against GHC7 compiled programs taking all memory?

- by Petr Pudlák

When playing with various algorithms in Haskell it often happens to me that I create a program with a memory leak, as it often happens with lazy evaluation. The program taking all the memory isn't really fun, I often have difficulty killing it if I realize it too late. When using GHC6 I simply had export GHCRTS='-M384m' in my .bashrc. But in GHC7 they added a security measure that unless a program is compiled with -rtsopts, it simply fails when it is given any RTS option either on a command line argument or in GHCRTS. Unfortunately, almost no Haskell programs are compiled with this flag, so setting this variable makes everything to fail (as I discovered in After upgrading to GHC7, all programs suddenly fail saying "Most RTS options are disabled. Link with -rtsopts to enable them."). Any ideas how to make any use of GHCRTS with GHC7, or another convenient way how to prevent my programs taking all memory?

Read the article
NoSQL for concurrent reads/writes

- by Mickael Marrache

After getting some performance issues for an application using a MySQL database, I'm thinking of using NoSQL solutions. My architecture is as follows: One application receives messages from the network at a high throughput (i.e. 50000 messages/sec). Each message is stored in the DB, so it's important for the write rate to be as fast as the arrival rate. Then, I also have some PHP pages that accesses the DB to get the data stored by the other application. It's important for me that the retrieved data is as relevant as possible (i.e. not old data, let's say not more than 5 seconds old). Also, the data is not critical, so I don't need any security mechanism to avoid losing the data. I see there are a lot of NoSQL solutions, but I don't know if they are all relevant. Could you please provide me some directions. Thanks

Read the article
NHibernate Criteria Transform Result

- by isuruceanu

Hi I have an SecurityGroup entity witch has Memebers and Application properties. Application is a lookup. So securityGroups is in many-to-many relationship with User table and one-to-many with LookupApplciation (FK) Now I want to select all application linked to a specific user. I have follow criteria: public IList<LookupApplication> GetApplicationByUser(User user) { return this.Session.CreateCriteria(typeof(SecurityGroup), "sg") .CreateAlias("Members", "u") .CreateAlias("Application", "al") .Add(Restrictions.Eq("u.Id", user.Id)) .List<LookupApplication>(); } It trows an exception The value "Edi.Advance.Core.Model.Security.SecurityGroup" is not of type "Edi.Advance.Core.Model.Lookups.LookupApplication" and cannot be used in this generic collection. Parameter name: value and it is right. How can I transform the result to IList<LookupApplication>? Thanks

Read the article
Data Warehouse: One Database or many?

- by drrollins

At my new company, they keep all data associated with the data warehouse, including import, staging, audit, dimension and fact tables, together in the same physical database. I've been a database developer for a number of years now and this consolidation of function and form seems counter to everything I know. It seems to make security, backup/restore and performance management issues more manually intensive. Is this something that is done in the industry? Are there substantial reasons for doing or not doing it? The platform is Netezza. The size is in terabytes, hundreds of millions of rows. What I'm looking to get from answers to this question is a solid understanding of how right or wrong this path is. From your experience, what are the issues I should be focused on arguing if this is a path that will cause trouble for us down the road. If it is no big deal, then I'd like to know that as well.

Read the article
why can't I call .update on a MessageDigest instance

- by Arthur Ulfeldt

when i run this from the repl: (def md (MessageDigest/getInstance "SHA-1")) (. md update (into-array [(byte 1) (byte 2) (byte 3)])) I get: No matching method found: update for class java.security.MessageDigest$Delegate the Java 6 docs for MessageDigest show: update(byte[] input) Updates the digest using the specified array of bytes. and the class of (class (into-array [(byte 1) (byte 2) (byte 3)])) is [Ljava.lang.Byte; Am I missing something in the definition of update? Not creating the class I think I am? Not passing it the type I think I am?

Read the article
What are the main reasons against the Windows Registry?

- by dbemerlin

If i want to develop a registry-like System for Linux, which Windows Registry design failures should i avoid? Which features would be absolutely necessary? What are the main concerns (security, ease-of-configuration, ...)? I think the Windows Registry was not a bad idea, just the implementation didn't fullfill the promises. A common place for configurations including for example apache config, database config or mail server config wouldn't be a bad idea and might improve maintainability, especially if it has options for (protected) remote access. I once worked on a kernel based solution but stopped because others said that registries are useless (because the windows registry is)... what do you think?

Read the article
how do you get the response back into the instance of the object?

- by randomdev

If you've written a class in JavaScript that calls a remote service's API, and that remote API offers a callback, how do you get the response back into the instance of the object that made the request? I'll try to give you a very basic example FOO for making cross domain calls to BAR service which offers a callback. Please ignore the usual security concerns, (I own both servers). function FOO() { this.response = null; this.execute = function(url) { var script = document.createElement('script'); script.src = url; document.getElementsByTagName('head')[0].appendChild(script); } this.catch = function(response) { this.response = response; } } var sample = new FOO(); sample.execute('http://barservices.com/sample/?callback={ plshelphere: this.catch}'); I have a way to make this work, but I'm curious if there is an "accepted approach" here. Anyone have thoughts for me?

Read the article
Microsoft AntiXSS in Medium Trust :Error

- by aramugam

I want to include Microsoft AntiXss V1.5 library on my live site running in a medium trust setting.However, I got an error something like: Required permissions cannot be acquired. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Security.Policy.PolicyException: Required permissions cannot be acquired. I tried this in full trust setting on my development machine and everything works good.Looks like this will run only in full trust configuration......Does anybody knows a solution or workaround for this?

Read the article
Care to be taken when serving static content (JS, CSS, Media) from different domain?

- by Aahan Krish

Let me try to explain by example. Say website is hosted at example.com (NOT www.example.com). In order to serve static content cookie-free, I've chosen to use a different domain example-static.com. Now, lets consider that my static content is currently served like this: http://example.com/js/script.js http://example.com/css/style.css http://example.com/media/image.jpg ** Now I create a CNAME record aliasing example-static.com to my main domain i.e. example.com so that the static content is served as such: http://example-static.com/js/script.js http://example-static.com/css/style.css http://example-static.com/media/image.jpg ** Is that all I have to do? Will all browsers execute JavaScript files and load web fonts without any security concerns? OR should I be using some .htaccess rules to modify header information and the like? PS: It would be great if you can provide what rules should be added, if need be.

Read the article
Should I use "id" or "unique username"?

- by roa3

I am using PHP, AS3 and mysql. I have a website. A flash(as3) website. The flash website store the members' information in mysql database through php. In "members" table, i have "id" as the primary key and "username" as a unique field. Now my situation is: When flash want to display a member's profile. My questions: Should Flash pass the member "ID" or "username" to php to process the mysql query? Is there any different passing the "id" or "username"? Which one is more secure? Which one you recommend? I would like to optimize my website in terms of security and performance.

Read the article
How to escape/strip special characters in the LaTeX document?

- by Igor

We implemented the online service where it is possible to generate PDF with predefined structure. User can choose a LaTeX template and then compile it with an appropriate inputs. The question we worry about is the security, that the malicious user was not able to gain shell access through the injection of special instruction into latex document. We need some workaround for this or at least a list of special characters that we should strip from the input data. Preferred language would be PHP, but any suggestions, constructions and links are very welcomed. PS. in few word we're looking form mysql_real_escape_string for LaTeX

Read the article

< Previous Page | 409 410 411 412 413 414 415 416 417 418 419 420 | Next Page >