Search Results

Search found 18808 results on 753 pages for 'security updates'.

Page 531/753 | < Previous Page | 527 528 529 530 531 532 533 534 535 536 537 538 | Next Page >

Effective file permissions tool's api in windows

- by apoorv020

Starting from Windows Server 2003, Windows included a new tool which calculates the effective permissions for a user (basically it resolves all groups access and takes care of all "deny" permissions as well). An example in point is that a user A belongs to groups B and C. B has been denied read permissions on a file F, while C has been allowed read and write permissions on the file and I want to calculate the effective permissions user A has on file F. This tool is available on Windows Server 2003,Vista,7 and Server 2008 by right clicking on a file and going to properties - security - advanced - effective permissions. What I need is an API in C# which does the same job. The most common FILE API returns access rules (class FileAccessRules), but there seems to be no direct way to calculate effective permissions from these set of access rules. Note: I do not want to process effective permissions in the code if at all possible, but am ready to do so as a last resort.

Read the article
Caching videos but of 0 Size

- by Ahsan

Hi everyone, i have recently install cachevideos on linux with squid, its working but when it caches the video the video is just of 0 bytes in size, in the videocache.log file something like this appears 2011-02-08 19:46:37,235 INFO 192.168.1.5 - REQUEST - http://www.youtube.com/get_video?tmi=1&noflv=1&video_id=HfgZnBaHbt8&t=vjVQa1PpcFN0gQqMeI0xmahi0fFgDO5n59r4VrXgQmM=&el=detailpage&asv=3&fmt=34 2011-02-08 19:46:38,529 INFO 192.168.1.5 HfgZnBaHbt8 DOWNLOAD YOUTUBE 0 Video was downloaded and cached. on my localhost/videocache/youtube , i can see the file but its of 0 bytes and when i access the file from browser , in the videocache directory it tells me that video has been served from cache, but how come i can be assure that a 0 byte video is cached! Whats the problem please help me i am atlost!! the help at cachevideo.com is not working because their security captcha cant be displayed and thus i am unable to contact anywhere!! Please help me out!!

Read the article
Permission denial to read from emailprovider in android

- by Ambika

Hello Everyone, I've the problem when I want to read "com.android.email.provider" to get email accounts. Here is my code to retrieve the account : Cursor c = null; Uri CONTENT_URI = Uri.parse("content://com.android.email.provider/account"); String RECORD_ID = "_id"; String[] ID_PROJECTION = new String[] {RECORD_ID }; c = getContentResolver().query(CONTENT_URI,ID_PROJECTION,null, null, null); I get a security exception: java.lang.SecurityException: Permission Denial: reading com.android.email.provider.EmailProvider uri content://com.android.email.provider/account from pid=278, uid=10003 requires com.android.email.permission.ACCESS_PROVIDER I want to know the account is created or not in some other app. Is there any other way to resolve this so that I can read from the provider. I have also tried by adding the permission in manifest: That dint not help. Any solution would be greatly appreciated. Thanks in advance

Read the article
How to mark posts as edited?

- by user156814

I would like to have questions marked as "Edited", but I dont know what the best way to do this would be. Users post a question, people answer/comment on the question, and if necessary the user edits/updates the question (just like SO). I would like to note that the user edited the question, but I'm not sure of the best way to do this. I was going to add a last_edited column in the table (because thats all thats really important to me), but I'm not sure if I should just split the edit times (and whatever else) into another table and record everytime the question gets edited.

Read the article
How to execute with /bin/false shell

- by Amar

I am trying to setup per-user fastcgi scripts that will run each on a different port and with a different user. Here is example of my script: #!/bin/bash BIND=127.0.0.1:9001 USER=user PHP_FCGI_CHILDREN=2 PHP_FCGI_MAX_REQUESTS=10000 etc... However, if I add user with /bin/false (which I want, since this is about to be something like shared hosting and I don't want users to have shell access), the script is run under 1001, 1002 'user' which, as my Google searches showed, might be a security hole. My question is: Is it possible to allow user(s) to execute shell scripts but disable them so they cannot log in via SSH?

Read the article
Are Cross Domain Flash Local Shared Objects (LSO aka Flash Cookie) possible

- by user85155

Hi, I found several solutions for creating Flash LSOs from JavaScript (for example: http://www.nuff-respec.com/technology/cross-browser-cookies-with-flash ) If Page (www.hostA.com/index.html) and the .swf file are from the same site, everything works fine. No I'm trying to load the page form www.hostA.com/index.html, which includes www.hostB.com/flashcookie.swf (different sites). But then I cannot read or store the LSO. I have tried several configurations (crossdomain.xml, Security.allowDomain("...") ), but nothing works. Is this kind of cross domain access to a LSO possible? Thanks -stephan

Read the article
How to calculate bandwidth consumption for a Hosting Account using C# in ASP.Net Application?

- by Steve Johnson

HI all, I am working on SaaS Hosting Software. a large number of sites are hosted on the server. I am trying to calculate bandwidth consumption, (bytes transferred in and out) using C#, described Here using the MS Log Parser. In the above case, if the log files are deleted by the user or any administrator even, the bandwidth calculation will not be possible. Q1: *What is the standard way to measure the Bandwidth for various Hosting accounts (of websites) on a single server?* Q2: *If Log parser mechanism (as described above) is used, then how to take care of the security issue? Is there some system directory or event viewer logs or something which cannot be deleted except by the System account and contains bandwidth data?* Please point me in the right direction. Thanks

Read the article
Adobe Flash player Secuirty Pop-Up question

- by kapildalwani

I am building a Audio Recording tool using Flash and Wowza. I dont want to start the recording until the use clicks the Allow Button is the Security Pop-up question represented here http://www.macromedia.com/support/documentation/en/flashplayer/help/help05.html In Audio I dont get this until I attach the stream to it. In Video can get thsi question when I attach the camera to Video. I want to avoid making a connection until the user clicks Accept and this doesn't happen until I make the connection request in Audio. I am able to display the http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html pop-up using SecurityManager Is there a way I can call the pop-up from my code. http://www.macromedia.com/support/documentation/en/flashplayer/help/help05.html

Read the article
How can I programmatically obtain the company info used to digitally sign an assembly in .NET?

- by chaiguy

As a means of simple security, I was previously checking the digital signature of a downloaded update package for my program against its public key to ensure that it originated from me. However, as I'm using cheap code signing certs (Tucows), I am unable to renew an existing cert and therefore the keys change every time I need to renew. Therefore, a more reliable means would be to verify the organization information embedded in the signed assembly (which is displayed in the UAC dialog) against my well-known organization string, as this will continue to be the same. Does anyone know how to obtain this information from a digitally-signed assembly?

Read the article
access denied trying extracting an archive on the windows user temp folder

- by Hanan

I'm trying to run a command-line process (which is extraction of a .7z archive) on a file that lies in a temporary folder on the windows user temp directory (C:\Documents and Settings\User\Local Settings\Temp), using Process in my c# app. I think the process return error that happens because of "access denied" because I can see a win32Exception with error code 5 when I dig in the prcoess object of .NET. doing the same on some other location worked fine before, so I guess maybe it's something I'm not supposed to do ? (running a process to use a file on the the %TEMP%) perhaps I need to pass security somehow?

Read the article
Creating a Stack Overflow notifier

- by Trey

I could not find a Stack Overflow notifier Android app so I am planning on making one. I hope that my app will serve a similar purpose as the Stack Overflow Notifier Chrome extension. This will be my first Android app so I am still unfamiliar with the platform. My main concern when creating this app is, what is the proper way to access the user's Recent Activity page? I thought of two different approaches but I'm not sure how to implement either one: Make the user login to Stack Overflow through the Browser application or an embedded browser and scrape their recent activity page occasionally for updates. Ask the user for their username and password and forward this information to Stack Overflow for authentication, storing cookies somehow to keep the session active. I think Astrid uses something similar to the first approach, but I haven't been able to figure it out yet from skimming their code. What is the correct way to handle a notification application like this that requires session management?

Read the article
WCF via Windows Service - Authinticating Clients

- by Sean

I am a WCF / Security Newb. I have created a WCF service which is hosted via a windows service. The WCF service grabs data from a 3rd party data source that is secured via windows authentication. I need to either: Pass the client's priveleges through the windows service, through the WCF service and into the 3rd party data source, or... Limit who can call the windows service / wcf service to members of a particular AD group. Any suggestions on how I can do either of these tasks?

Read the article
Visual Studio Performance when editing XAML/Silverlight files

- by driAn

When I work on Silverlight projects within Visual Studio 2008, I regularly notice that the XAML editor hangs for up to 10 seconds. This because Visual Studio consumes 100% CPU during that timeframe. Any ideas how I could fix that? I assume this is some kind of background compiling for itellisense or something similiar. It happens during editing, multiple times an hour, without me doing any special actions. System: Server 2008 Std Visual Studio 2008 SP1 latest updates... I wonder if anyone else experienced this issue. Any help would be appreciated.

Read the article
How to Implement Loose Coupling with a SOA Architecture

- by Brian

I've been doing a lot of research lately about SOA and ESB's etc. I'm working on redesigning some legacy systems at work now and would like to build it with more of a SOA architecture than it currently has. We use these services in about 5 of our websites and one of the biggest problems we have right now with our legacy system is that almost all the time when we make bug fixes or updates we need to re-deploy our 5 websites which can be a quite time consuming process. My goal is to make the interfaces between services loosely coupled so that changes can be made without having to re-deploy all the dependent services and websites. I need the ability to extend an already existing service interface without breaking or updating any of its dependencies. Have any of you encountered this problem before? How did you solve it?

Read the article
Jquery.form plugin and jquery.validation and it's submitHandler not working correctly... please help

- by Matthew

Hello guys, I was hoping someone can shed some light on what might be occurring on my page. Okay what I currently have on my page is a simple form that collects first name, last name, city, state and email. Once submitted it will hit a PHP page that updates our DB and echo's back to the designted div with a class of .response. I am using jquery.validation and placing that dynamic function within the submitHandler like so: submitHandler: function(form) { $(form).ajaxSubmit({ target: '.response', // target element(s) to be updated with server response resetForm: true, success: function() { $('#commentform').hide(); $('.response').show(); } }); So what I am getting is a div that is not being populated with the echo from my php file in FF and in IE I am getting the message of thank you but the page is taking me to the update.php script in which I have the form action pointing to. I am not sure what I am missing... Thanks, Matt

Read the article
PHP Session when using desktop app

- by Jonathan

In this question I asked how to POST to a php file form a vb.net app: http://stackoverflow.com/questions/2615335/post-to-webpage-in-vb-net-win-forms-desktop-not-asp-net So now I've logged in the user user by posting their username and password to the php file, the php file then does security/checks they exist/etc and if both username and password are correct is stores the user ID in a session variable. Now if the vb.net app tries to download data off a page which needs the user to logged in, it checks this by doing: if (!isset($_SESSION['uid'])) { header("Location: index.php"); } However after having logged correctly in the app the session variable is not set. How does session work with a vb.net app like this? When the user logs in successfully should I download the user id and keep it in the vb.net app and then post it to each page that requires authentication?

Read the article
Restful authentication between two GAE apps.

- by user259349

Hello everyone, i am trying to write a restful google app engine application (python) that accepts requests only from another GAE that i wrote. I dont like any of the ways that i thought of to get this done, please advice if you know of something better than: Get SSL setup, and simply add the credentials on the request that my consuming app will send. I dont like it cause SSL will slow things down. Security by obsecurity. Add a random number in my request that is in Xmod0, where X is a secret number that both applications know. I just,,,, dont like this. Check the HTTP header to see where is the request coming from. This option is the one that i hate the least, not alot of processing, and spoofing an HTTP request is not really worth it, for my application's data. Is there any other clean solution for this?

Read the article
2 way synchronization of in-house gitosis repositories server with Github repositories

- by Robert J Berger

We use gitosis as our local in-house shared repository and also have a private Github account that mirrors our local repository. If one does a git push to the in-house repository the post-update hook updates the Github repository. How can I make this two way without causing "loops"? I.e. if someone pushes to the Github repository, I would like it to also update the in-house gitosis repository. A pointer to an example of how to do it would be greatly appreciated. Or if there are recommendations of alternatives to gitosis that would make this kind of thing easy, I would consider migrating to that.

Read the article
Javascript Bookmarklet fails in IE8

- by songdogtech

Anyone want to take a stab at why this bookmarklet fails in IE8? It turns all text uppercase in Friefox and Safari. But in IE8, it simply stalls with "loading..." I've enabled scriplets and the security settings in IE8. Update 3/13/10: I've discovered that IE limits the data length of Favorites, so I need to find a work around to prevent IE from truncating the bookmarklet. javascript: (function(){ var i,t,D=document; for(i=0;t=D.getElementsByTagName('textarea')[i];++i) t.value=t.value.toUpperCase(); var newSS,styles='*{text-transform:uppercase}input,textarea{text-transform:none}'; if(D.createStyleSheet){ D.createStyleSheet("javascript:'"+styles+"'"); } else{ newSS=D.createElement('link'); newSS.rel='stylesheet'; newSS.href='data:text/css,'+escape(styles); D.documentElement.childNodes[0].appendChild(newSS); } } )()

Read the article
good documentation about "avoid catching throwable", in context of weblogic server

- by Marcel

hi all, i am currently refactoring an existing codebase (EJBs...) to rip out all blocks where a Throwable is catched inside of the EJB. try { ... do some business logic } catch(Throwable t){ ... log and swallow ... :-( } i want/need to convince the people around me with proper documentation that "catching throwable" is a no-go for an EJB (we have lots of discussions around this :-(( ). weblogic will handle all the "Error" conditions and maybe invalidate EJBs and put fresh(working) EJBs into the pool. catching Throwable would undermine all these security nets provided by weblogic. and catching throwable is bad practice anyway (but people here are reluctant and use the "throwable" hammer everywhere). is anyone able to point me to some online docs where this behaviour is explained (for weblogic or jboss or...). i searched via google and had a look at the weblogic docs but wasn't able to find anything, just generic java doc. any help highly appreciated cheers marcel

Read the article
jQuery and Canvas.toDataURL

- by Jeff

I'm working on a script, and a small part of that involves taking a canvas and converting it to a downloadable image. To do this, I do: var thumb_jpeg = thumbnail.toDataURL("image/jpeg"); $("#" + options.dest).attr('src',thumb_jpeg); ...where thumbnail is a canvas tag and options.dest is the name of an img id. This code works perfectly in Chrome, but when I try it in Firefox, Firebug throws up this error: Security error" code: "1000 var thumb_jpeg = thumbnail.toDataURL("image/jpeg"); I would link to the whole script, but everything is hosted on my computer. Does anyone have any idea what this might mean? Thanks! Jeff

Read the article
Who is a web developer? What does he do

- by Sinan

I am wrting an article on web developers. It seems to me there are some problems on the definition of "what is a web developer". It looks like a web developer title is a bit misunderstood. And people with this title doesnt get the recognition they deserve. While most people at IT have some well defined job defitinitions. A web developer requires multiple skills. Like knowing a programming language, web security, etc. I was wondering what do you think about this issue? What skills does a web developer need? Where does his responsibilities start and end? etc.

Read the article
Global.asax PostAuthenticateRequest binding

- by Tux

How can I use the PostAuthenticateRequest event of Global.asax? I'm following this tutorial and it mentions that to use the PostAuthenticateRequest. When I added the Global.asax event it created two files, the markup and the code-behind file. Here is the content of the code-behind file using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.Security; using System.Web.SessionState; namespace authentication { public class Global : System.Web.HttpApplication { protected void Application_Start(object sender, EventArgs e) { } protected void Session_Start(object sender, EventArgs e) { } protected void Application_BeginRequest(object sender, EventArgs e) { } protected void Application_AuthenticateRequest(object sender, EventArgs e) { } protected void Application_Error(object sender, EventArgs e) { } protected void Session_End(object sender, EventArgs e) { } protected void Application_End(object sender, EventArgs e) { } } } Now when I type the protected void Application_OnPostAuthenticateRequest(object sender, EventArgs e) It is successfully called. Now I want to know how is the PostAuthenticateRequest binded to this Application_OnPostAuthenticateRequest method?

Read the article
Use a web service with https and client certificate on WindowsForm

- by Xstahef

Hi, I need to connect to a provider's web service. He give me a certificate to access it but I have a security problem. I have done these following steps : Add certificate to personal store (on IE & Firefox) Generate a proxy with the remote wsdl (no problem) Use this code to call a method : `using (service1.MessagesService m = new service1.MessagesService()) { X509Certificate crt = new X509Certificate(@"C:\OpenSSL\bin\thecert.p12",string.Empty); m.ClientCertificates.Add(crt); var result = m.AuthoriseTransaction(aut); this.textBox1.AppendText(result.id.ToString()); }` I have the following error : The underlying connection was closed: Could not establish trust relationship for the channel SSL / TLS. Thanks for your help

Read the article
Running your own GAE server

- by h2g2java

The question http://stackoverflow.com/questions/2505265/how-difficult-is-it-to-migrate-away-from-google-app-engine triggered me to think about this issue again. I have read of someone running, production-wise, Google app engine development version on their own server. My questions are: Are there any security issues running GAE development on your own server in production mode and exposing it to the www? If so how to mitigate them? Can GAE dev be run on Amazon? Is it possible to port my GAE apps running on Google servers to a GAE running on Amazon, without code changes, but without changing any reference in using other gdata services such as google docs, youtube, gmail, etc. How to configure GAE dev server to use my own hadoop? Or to use Amazon's hadoop?

Read the article

< Previous Page | 527 528 529 530 531 532 533 534 535 536 537 538 | Next Page >