Das eez kaput! Sometime around 2002 I spaced the entire database table that mapped individual entries to categories. Such is life. What follows is a random sampling of entries that were associated with the category. Over time, the entries will be updated and then it will be even more confusing. Wander around, though, it's still a fun way to find stuff.
provide difficulties for readers to understand the information itself. Eh?
In its most literal sense, this means that the computer will draw me a map of every nation or street mentioned in this work ... and those of anyone else who wants to wade in, I'll be able to create maps like those of Moretti's automatically, showing the context of my own thoughts, my own ontologies connected with others, both present and historical, and they'll be able to do the same.
It would be curious to see what happened if you could ping, say, the del.icio.us API and return a list of tags for a given URL.
You can enable taint mode explicitly with the -T command-line switch. You should do this for daemons, servers, and any programs that run on behalf of someone else, such as CGI scripts. Programs that can be run remotely or anonymously by anyone on the Net are executing in the most hostile of environments. You should not be afraid to say No! occasionally. Contrary to popular belief, you can exercise a great deal of prudence without dehydrating into a wrinkled prude.
On the more security-conscious sites, running all CGI scripts under the -T flag isn't just a good idea: it's the law. We're not claiming that running in taint mode is sufficient to make your script secure. It's not, and it would take a whole book just to mention everything that would. But if you aren't executing your CGI scripts under taint mode, you've needlessly abandoned the strongest protection Perl can give you.
Prompted by all the talk about using Movable Type as an open relay for spammers, I decided to poke at the actual code and see what was going on.
There really isn't anywhere that Movable Type should be disabling taint mode but if I had to list things in order of importance, the mt-send-entry.cgi script would be near the top.
The script is potentially handing off to the sendmail program whose entire existence has been marked by security exploits. There is nothing to suggest that more won't be found in the future. Relying on sendmail to test for Potential Badness being passed by a ne'er do well via the Internet is wishful thinking, at best, and just plain crazy, at worst.
In fairness, the Movable Type mail widget tries to load Mail::Sendmail which does some basic sanity checking and, drumroll, untainting on the stuff you pass it. On the other hand it is not part of the core libraries shipped with Perl, nor is it in Movable Type's extlib directory, which is a mystery since two thirds of its dependencies are part of CORE and the other third has no non-standard requirements itself.
Untainting email addresses can be brain-crushingly difficult and inaccurate and the last thing you want to do when you're selling a computer widget for non-technical people is start spewing errors where there are none. But not only did the Movable Type kids disable the -T flag on the mt-send-entry.cgi script, they don't appear to have ever done any kind of untainting on the to and from parameters. Hello? Is anyone home?
I find this especially discouraging because one of the first things I did when Movable Type was released was send Ben code to at least try and untaint email addresses.
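What untainting the to and from parameters under -T can look like, as an added example that is not Movable Type's code or the code sent to Ben. The function name untaint_address, the address pattern, the length cap and the sample values are assumptions made for illustration; run it as `perl -T script.pl`.

```perl
#!/usr/bin/perl -T
# Added example: untaint "to" and "from" before they reach a mailer.
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Taint mode refuses to run external programs with an inherited PATH,
# so set a known one and drop the other shell-influencing variables.
$ENV{PATH} = '/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Deliberately conservative (hypothetical helper): one address, no
# whitespace, no control characters, no commas or angle brackets.
# Valid-but-exotic addresses are rejected rather than guessed at.
sub untaint_address {
    my ($raw) = @_;
    return unless defined $raw && length($raw) <= 254;   # arbitrary cap
    # \A ... \z rather than ^ ... $, so a trailing newline cannot pass.
    if ($raw =~ /\A([A-Za-z0-9._%+-]+\@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)\z/) {
        return $1;    # data extracted through a capture group is untainted
    }
    return;
}

# Constructed sample input; in a CGI script these come from the request.
# Appending a zero-length slice of $^X (tainted under -T) taints them.
my $taint = substr($^X, 0, 0);
my %param = (
    to   => 'friend@example.org' . $taint,
    from => "me\@example.com\nBcc: list\@example.net" . $taint,
);

for my $field (qw(to from)) {
    my $clean = untaint_address($param{$field});
    if (defined $clean) {
        printf "%-4s ok, tainted=%d: %s\n",
            $field, tainted($clean) ? 1 : 0, $clean;
    }
    else {
        # The embedded newline would have added a header line.
        print "$field rejected\n";
    }
}
```

With -T left on, passing the raw parameter to a pipe or system call aborts the script instead of reaching sendmail, which is the protection the post is describing.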
Subject: [google] I'm not sure I understand what you're after...
From: Aaron Straup Cope
To: Derek Powazek
Date: Wed, 19 Nov 2003 13:29:32 -0500
...exactly. But in an MT setup, you could just use mod_rewrite and a
10-20 line Perl script:
# Stick this in a .htaccess file at the root
# of your website. Obviously, the USER_AGENT
# condition(s) would need to be adjusted
# accordingly
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/yer/mt-comments\.cgi
RewriteCond %{HTTP_USER_AGENT} GoogleBot
RewriteRule .* - [forbidden]
# Or alternately, if you want to let
# Google archive the comments, use these
# two lines in place of the RewriteRule above.
# RewriteRule never sees the query string, so
# the id is captured in a RewriteCond (as %2)
RewriteCond %{QUERY_STRING} (^|&)id=([0-9]+)
RewriteRule .* /mt-linkstripper.cgi?id=%2 [redirect]
I can't remember whether the comments are rendered as static files.
If they are then you could also set up a 'special' template that loads
a plugin to do the same thing that the as-yet unwritten
"mt-linkstripper.cgi" does. At which point, the RewriteRule just
points to the new file (which makes your web server happier.)
The safesh utility automatically creates one DSA key (called an identity) for each host you connect to, and stores this in a separate agent for each host. It is also capable of adding keys for other hosts to this agent, so you can use it for restricted forwarding of authentication. Because each host uses its own ssh-agent(1), the hosts you forward authentication to can only get at the authentication for the hosts you specifically say it should be able to get at.
The Crimes of War Project is a collaboration of journalists, lawyers and scholars dedicated to raising public awareness of the laws of war and their application to situations of conflict. Our goal is to promote understanding of international humanitarian law among journalists, policymakers, and the general public, in the belief that a wider knowledge of the legal framework governing armed conflict will lead to greater pressure to prevent breaches of the law, and to punish those who commit them.
Mouth area where words come out.
ex. Shut your word-hole.
I have posted an XSL stylesheet for, more or less, converting XHTML 1.1 to the Atom syndication format.
I did this because as much as I find the whole Atom thing extraordinarily tiresome I find all the hand-wringing from the RSS weenies even sillier. And given a chance to piss everyone off, I often jump.
I post this only as a . I have zero interest in maintaining this for anyone but myself. If you want to use it as fodder for a general purpose library, please be my guest.
I haven't bothered to remove private function calls and there is no documentation. However, there are comments enough for anyone with an understanding of XSLT to follow.
Update: this post generated much more interest than I anticipated so, for the curious, some background which has absolutely nothing to do with Atom (except maybe that Atom's content model maps better to my way of doing things than any of the various RSS efforts):
The XHTML in question uses my which I wrote as a way to store all the data for a post in a static file. All the data but no form; foofy design stuff is added after the fact using, in my case, XSL. There are reasons why I didn't choose another, perhaps more expressive, XML application which will become clear below. I still use a database because it's faster for generating things like indexes but it is not considered authoritative. That is, the database from the flat files and not vice versa.
(It also lets me fob off the versioning on CVS and worry about other things.)
The single capital-R rule I've learned farting around with increasingly complex ways of generating this site is: the only thing you can count on is the web server being able to send plain vanilla HTML files — everything else will break. The only question you have to ask yourself is how much pain it will cause and how much time you want to devote to fixing the problem.
Storing everything as XHTML and wasting a couple extra computrons on XML and XPath munging may not be pretty but when everything else fails at least the content is just there.
Meanwhile, this is the sound of me adding a [meta] category to list all the damn acronyms used in any given post...