Search Results

Search found 12541 results on 502 pages for 'secure the world'.

Page 23/502 | < Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >

  • Whew.... what a week!

    - by [email protected]
    Last week was a busy week for the UPK and Tutor teams at Oracle. It started with the the Collaborate Conference in Las Vegas and ended with our first UPK and Tutor Customer Advisory Board (CAB) meeting at Oracle HQ. The Collaborate Conference is a yearly event sponsored by three of the largest Oracle User Groups. • Oracle Applications User Group (OAUG) • Independent Oracle User Group (IOUG) • Quest - International User Group The User Groups are completely user run organizations with Oracle participation. If you've never attended a conference, time to start planning for the 2011 event in Orlando! If that's out of your reach, there are many regional and industry user groups that meet on a regular basis. They offer a great way to get involved, network with other users, and increase your knowledge around the Oracle applications. For a list of groups near you, check out the Oracle User Group Center. I'll add that the biggest meeting of Oracle users is at the Oracle Open World Conference in San Francisco in September, where we will have many UPK & Tutor focused development and customer sessions. More information on Oracle Open World will be forthcoming over the next few months. We hope to see many of you there! The CAB was a first for the UPK and Tutor team. Although we speak with customers regularly, this gave us an opportunity to meet in a more formal setting to discuss industry trends, business issues, and the direction of the products. Members serve a 2 year term and are required to attend 2 meetings per year, one in person, one via phone. We have some tweaking to do to our meeting format (most members wanted it to be longer!), but the overwhelming consensus was that it was a great success. There were many experiences and ideas shared and the wheels of the UPK and Tutor Development teams have been turning ever since. I'm sure you will see some of these discussions result in new product features over time. What a great week!

    Read the article

  • PulseAudio on Cygwin: Failed to create secure directory: Unknown error 13

    - by Nithin
    I am unable to run PulseAudio on Cygwin. Operating System: Windows 8 Pro 64 bit Cygwin Setup.exe Version: 2.831 (64 bit) PulseAudio Version: 2.1-1 When I run: pulseaudio -vv this is the output: D: [(null)] core-util.c: setpriority() worked. I: [(null)] core-util.c: Successfully gained nice level -11. I: [(null)] main.c: This is PulseAudio 2.1 D: [(null)] main.c: Compilation host: x86_64-unknown-cygwin D: [(null)] main.c: Compilation CFLAGS: -ggdb -O2 -pipe -fdebug-prefix-map=/usr/src/ports/pulseaudio/pulseaudio-2.1-1/build=/usr/src/debug/pulseaudio-2.1-1 -fdebug-prefix-map=/usr/src/ports/pulseaudio/pulseaudio-2.1-1/src/pulseaudio-2.1=/usr/src/debug/pulseaudio-2.1-1 -Wall -W -Wextra -Wno-long-long -Wvla -Wno-overlength-strings -Wunsafe-loop-optimizations -Wundef -Wformat=2 -Wlogical-op -Wsign-compare -Wformat-security -Wmissing-include-dirs -Wformat-nonliteral -Wpointer-arith -Winit-self -Wdeclaration-after-statement -Wfloat-equal -Wmissing-prototypes -Wredundant-decls -Wmissing-declarations -Wmissing-noreturn -Wshadow -Wendif-labels -Wcast-align -Wstrict-aliasing -Wwrite-strings -Wno-unused-parameter -ffast-math -Wp,-D_FORTIFY_SOURCE=2 -fno-common -fdiagnostics-show-option D: [(null)] main.c: Running on host: CYGWIN_NT-6.2 x86_64 1.7.25(0.270/5/3) 2013-08-31 20:37 D: [(null)] main.c: Found 4 CPUs. I: [(null)] main.c: Page size is 65536 bytes D: [(null)] main.c: Compiled with Valgrind support: no D: [(null)] main.c: Running in valgrind mode: no D: [(null)] main.c: Running in VM: no D: [(null)] main.c: Optimized build: yes D: [(null)] main.c: FASTPATH defined, only fast path asserts disabled. I: [(null)] main.c: Machine ID is 5d8bd07cb924c67197184e42527f2603. E: [(null)] core-util.c: Failed to create secure directory: Unknown error 13 When I instead run pulseaudio -vv --start the output is this: E: [autospawn] core-util.c: Failed to create secure directory: Unknown error 13 W: [autospawn] lock-autospawn.c: Cannot access autospawn lock. E: [(null)] main.c: Failed to acquire autospawn lock When I ran strace pulseaudio -vv, the red-colored lines in the output were: 28 1637050 [main] pulseaudio 5104 fhandler_pty_slave::write: (669): pty output_mutex(0xBC) released 26 1637076 [main] pulseaudio 5104 write: 7 = write(2, 0x3FE171079, 7) 42 1637118 [main] pulseaudio 5104 fhandler_pty_slave::write: pty0, write(0x60003BB40, 51) 27 1637145 [main] pulseaudio 5104 fhandler_pty_slave::write: (654): pty output_mutex (0xBC): waiting -1 ms 23 1637168 [main] pulseaudio 5104 fhandler_pty_slave::write: (654): pty output_mutex: acquired Failed to create secure directory: Unknown error 13 21 1637189 [main] pulseaudio 5104 fhandler_pty_slave::write: (669): pty output_mutex(0xBC) released 29 1637218 [main] pulseaudio 5104 write: 51 = write(2, 0x60003BB40, 51) 46 1637264 [main] pulseaudio 5104 fhandler_pty_slave::write: pty0, write(0x3FE17106F, 4) 24 1637288 [main] pulseaudio 5104 fhandler_pty_slave::write: (654): pty output_mutex (0xBC): waiting -1 ms 24 1637312 [main] pulseaudio 5104 fhandler_pty_slave::write: (654): pty output_mutex: acquired Please can someone help me?

    Read the article

  • Is it Secure to Grant Apachie User Ownership of Directories & Files for Wordpress

    - by Oudin
    I'm currently setting up WordPress on an Ubuntu server 12 everything runs fine but there is an issue when it comes to automatically updating and uploading media via WP as Apache "www-data" user does not have permissions to write to the directories. "user1" has full permission All my directories have permissions of 0755 and files 644 my directories setup is as follows: /home/user1/public_html All WP files and directories are in "public_html" In order to work around the auto updating and uploading media I've granted Apache user ownership to the following directories sudo chown www-data:www-data wp-content -R sudo chown www-data:www-data wp-includes -R sudo chown www-data:www-data wp-admin -R I would like to know security wise how secure this is and if it is not secure what would be the best solution? That will allow me to keep all files and directories owned by user1 and still allow wp to be able to automatically update and uploading media

    Read the article

  • How to setup Secure SemiPublic Revision Control System

    - by user24912
    I have a windows server with a project configured with a revision control system. Suppose it's GIT or SVN or .... Suppose there are 10 people around the globe working on this project. The first thing that comes in to mind is to secure the connection between these programmer and the server with SSH. but my problem is that the a hacker can destroy the server if he gets the SSH username and password user account (tell me if i'm wrong). So I need a secure way to let thoes programmers push their revision to the server. Any ideas would be lovely

    Read the article

  • Good, secure video chat program

    - by wag2639
    I'm looking for something similar to skype but basically just for me to video chat with my girlfriend. Skype has been kind of buggy lately with its recent iterations and doesn't seem to be progressing as much as when it was with its previous backers. Are there any good, secure video chat programs? Something that customizable and lets you choose framerate vs pixelation and is generally secure (I don't care if the NSA can tap it but no one else, especially over unencrypted wifi's). Open source is preferred but not required. Free or really really cheap is practically required. Also, since this is point to point, an i am a power user (and my gf as well), it can involve some manual setup to establish a point-to-point link. Any suggestions, Thanks.

    Read the article

  • How do I make webmin secure?

    - by Josiah
    I want to install webmin to make server administration tasks on my Ubuntu 10.4 server easier. However I'm very nervious about having that kind of power accessable over the web. So I want to know how to secure webmin so that it can't be used to comprimise my server. So far here are my ideas, but I still don't feel comfortable: Make webmin accessable from only the localhost (how?) Use SSH tunneling to access the webmin server whenever I need to administrate it Can anyone help me with instructions on making webmin accessable only from the localhost? What other ways can I make webmin secure?

    Read the article

  • Setup secure shared hosting (Apache, PHP, MySQL)

    - by Apaz
    So I'm setting up a shared hosting with Apache, PHP, MySQL and the biggest question mark is how to do with PHP, since there is a million options out there how to configure it securely. The plan is: Chroot for MySQL (built in support for chroot) Chroot for Apache (mod_security) Each user executing their PHP-scripts as their own user (see below) Set open_basedir Disable all "evil" php-functions (allow_url_fopen, system, exec, and so on) Ive looked at suexec and suphp but they seems very slow; http://blog.stuartherbert.com/php/2007/12/18/using-suexec-to-secure-a-shared-server/ http://blog.stuartherbert.com/php/2008/01/18/using-suphp-to-secure-a-shared-server/ So I've looked some more and found some other solutions: apache2-mpm-itk + mod_php(?) mod_fcgid + php-fpm mod_fastcgi + php-fpm Ive tried a simple setup with mod_fastcgi + php-fpm and it seems to work, runs as correct user and so on, but the protection against directory traveling is still open_basedir(?) One solution for that could be to use php-fpm's chroot option, but that causes a lot of other issues like domain name resolver does not work sending mail does not work Tips?

    Read the article

  • How secure is Microsoft 2007's encryption?

    - by ericl42
    I've read some various articles about Microsoft's encryption, and from what I gather, 2007 is secure using all default options due to it using AES, and 2000 and 2003 can be configured secure by changing the default algorithm to AES. I was wondering if anyone else has read any other articles or know of any specific vulnerabilities involved with how they implement the encryption. I would like to be able to tell users that they can use this to send semi sensitive documents as long as they use AES and a strong password. Thanks for the information.

    Read the article

  • Portable and Secure Document Repository

    - by Sivakanesh
    I'm trying to find a document manager/repository (WinXP) that can be used from a USB disk. I would like a tool that will allow you to add all documents into a single repository (or a secure file system). Ideally you would login to this portable application to add or retrieve a document and document shouldn't be accessible outside of the application. I have found an application called Benubird Pro (app is portable) that allows you to add files to a single repository, but downsides are that it is not secure and the repository is always stored on the PC and not on the USB disk. Are you able to recommend any other applications? Thanks

    Read the article

  • Is it Secure to Grant Apache User Ownership of Directories & Files for Wordpress

    - by Oudin
    I'm currently setting up WordPress on an Ubuntu server 12 everything runs fine but there is an issue when it comes to automatically updating and uploading media via WP as Apache "www-data" user does not have permissions to write to the directories. "user1" has full permission All my directories have permissions of 0755 and files 644 my directories setup is as follows: /home/user1/public_html All WP files and directories are in "public_html" In order to work around the auto updating and uploading media I've granted Apache user ownership to the following directories sudo chown www-data:www-data wp-content -R sudo chown www-data:www-data wp-includes -R sudo chown www-data:www-data wp-admin -R I would like to know security wise how secure this is and if it is not secure what would be the best solution? That will allow me to keep all files and directories owned by user1 and still allow wp to be able to automatically update and uploading media

    Read the article

  • How to specify Multiple Secure Webpages with .htaccess RewriteCond

    - by Patrick Ndille
    I have 3 pages that I want to make secure on my website using .htaccess -login.php -checkout.php -account.php I know how to make just one work page at a time using .htaccess RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} /login.php RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L] I and trying to figure out how to include the other 2 specific pages to make them also secure and used the expression below but it didn't work RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} /login.php RewriteCond %{REQUEST_URI} /checkout.php RewriteCond %{REQUEST_URI} /account.php RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L] Can someone help me the right expression that will work with multiple pages? The second part of the code is that, if https is already on and a user move to a page that Is not any of the pages i specified about, I want that it should get back to http. how should I write the statement for it to redirect back to http if its not any of the pages above? I have my statement like this but its not working RewriteCond %{HTTPS} on RewriteRule !(checkout|login|account|payment)\.php http://%{HTTP_HOST}%{REQUEST_URI} [L,R] Any thoughts?

    Read the article

  • Healthcare and Distributed Data Don't Mix

    - by [email protected]
    How many times have you heard the story?  Hard disk goes missing, USB thumb drive goes missing, laptop goes missing...Not a week goes by that we don't hear about our data going missing...  Healthcare data is a big one, but we hear about credit card data, pricing info, corporate intellectual property...  When I have spoken at Security and IT conferences part of my message is "Why do you give your users data to lose in the first place?"  I don't suggest they can't have access to it...in fact I work for the company that provides the premiere data security and desktop solutions that DO provide access.  Access isn't the issue.  'Keeping the data' is the issue.We are all human - we all make mistakes... I fault no one for having their car stolen or that they dropped a USB thumb drive. (well, except the thieves - I can certainly find some fault there)  Where I find fault is in policy (or lack thereof sometimes) that allows users to carry around private, and important, data with them.  Mr. Director of IT - It is your fault, not theirs.  Ms. CSO - Look in the mirror.It isn't like one can't find a network to access the data from.  You are on a network right now.  How many Wireless ones (wifi, mifi, cellular...) are there around you, right now?  Allowing employees to remove data from the confines of (wait for it... ) THE DATA CENTER is just plain indefensible when it isn't required.  The argument that the laptop had a password and the hard disk was encrypted is ridiculous.  An encrypted drive tells thieves that before they sell the stolen unit for $75, they should crack the encryption and ascertain what the REAL value of the laptop is... credit card info, Identity info, pricing lists, banking transactions... a veritable treasure trove of info people give away on an 'encrypted disk'.What started this latest rant on lack of data control was an article in Government Health IT that was forwarded to me by Denny Olson, an Oracle Principal Sales Consultant in Minnesota.  The full article is here, but the point was that a couple laptops went missing in a couple different cases, and.. well... no one knows where the data is, and yes - they were loaded with patient info.  What were you thinking?Obviously you can't steal data form a Sun Ray appliance... since it has no data, nor any storage to keep the data on, and Secure Global Desktop allows access from Macs, Linux and Windows client devices...  but in all cases, there is no keeping the data unless you explicitly allow for it in your policy.   Since you can get at the data securely from any network, why would you want to take personal responsibility for it?  Both Sun Rays and Secure Global Desktop are widely used in Healthcare... but clearly not widely enough.We need to do a better job of getting the message out -  Healthcare (or insert your business type here) and distributed data don't mix. Then add Hot Desking and 'follow me printing' and you have something that Clinicians (and CSOs) love.Thanks for putting up my blood pressure, Denny.

    Read the article

  • Leaks on Wikis: "Corporations...You're Next!" Oracle Desktop Virtualization Can Help.

    - by adam.hawley
    Between all the press coverage on the unauthorized release of 251,287 diplomatic documents and on previous extensive releases of classified documents on the events in Iraq and Afghanistan, one could be forgiven for thinking massive leaks are really an issue for governments, but it is not: It is an issue for corporations as well. In fact, corporations are apparently set to be the next big target for things like Wikileaks. Just the threat of such a release against one corporation recently caused the price of their stock to drop 3% after the leak organization claimed to have 5GB of information from inside the company, with the implication that it might be damaging or embarrassing information. At the moment of this blog anyway, we don't know yet if that is true or how they got the information but how did the diplomatic cable leak happen? For the diplomatic cables, according to press reports, a private in the military, with some appropriate level of security clearance (that is, he apparently had the correct level of security clearance to be accessing the information...he reportedly didn't "hack" his way through anything to get to the documents which might have raised some red flags...), is accused of accessing the material and copying it onto a writeable CD labeled "Lady Gaga" and walking out the door with it. Upload and... Done. In the same article, the accused is quoted as saying "Information should be free. It belongs in the public domain." Now think about all the confidential information in your company or non-profit... from credit card information, to phone records, to customer or donor lists, to corporate strategy documents, product cost information, etc, etc.... And then think about that last quote above from what was a very junior level person in the organization...still feeling comfortable with your ability to control all your information? So what can you do to guard against these types of breaches where there is no outsider (or even insider) intrusion to detect per se, but rather someone with malicious intent is physically walking out the door with data that they are otherwise allowed to access in their daily work? A major first step it to make it physically, logistically much harder to walk away with the information. If the user with malicious intent has no way to copy to removable or moble media (USB sticks, thumb drives, CDs, DVDs, memory cards, or even laptop disk drives) then, as a practical matter it is much more difficult to physically move the information outside the firewall. But how can you control access tightly and reliably and still keep your hundreds or even thousands of users productive in their daily job? Oracle Desktop Virtualization products can help.Oracle's comprehensive suite of desktop virtualization and access products allow your applications and, most importantly, the related data, to stay in the (highly secured) data center while still allowing secure access from just about anywhere your users need to be to be productive.  Users can securely access all the data they need to do their job, whether from work, from home, or on the road and in the field, but fully configurable policies set up centrally by privileged administrators allow you to control whether, for instance, they are allowed to print documents or use USB devices or other removable media.  Centrally set policies can also control not only whether they can download to removable devices, but also whether they can upload information (see StuxNet for why that is important...)In fact, by using Sun Ray Client desktop hardware, which does not contain any disk drives, or removable media drives, even theft of the desktop device itself would not make you vulnerable to data loss, unlike a laptop that can be stolen with hundreds of gigabytes of information on its disk drive.  And for extreme security situations, Sun Ray Clients even come standard with the ability to use fibre optic ethernet networking to each client to prevent the possibility of unauthorized monitoring of network traffic.But even without Sun Ray Client hardware, users can leverage Oracle's Secure Global Desktop software or the Oracle Virtual Desktop Client to securely access server-resident applications, desktop sessions, or full desktop virtual machines without persisting any application data on the desktop or laptop being used to access the information.  And, again, even in this context, the Oracle products allow you to control what gets uploaded, downloaded, or printed for example.Another benefit of Oracle's Desktop Virtualization and access products is the ability to rapidly and easily shut off user access centrally through administrative polices if, for example, an employee changes roles or leaves the company and should no longer have access to the information.Oracle's Desktop Virtualization suite of products can help reduce operating expense and increase user productivity, and those are good reasons alone to consider their use.  But the dynamics of today's world dictate that security is one of the top reasons for implementing a virtual desktop architecture in enterprises.For more information on these products, view the webpages on www.oracle.com and the Oracle Technology Network website.

    Read the article

  • Installing Ubuntu 12.10 on new computer with Windows 8

    - by rft183
    I recently purchased a new HP computer (P6-2330) with Windows 8. I have tried unsuccessfully to install Ubuntu 12.10 64bit alongside Windows 8. The computer is UEFI with Secure Boot enabled. I've tried following the instruction at https://help.ubuntu.com/community/UEFI. I am able to get the GRUB menu to show up. However, as soon as I press Enter on either Try Ubuntu or Install Ubuntu, the screen goes blank. Nothing works at all, not even the Num Lock or Caps Lock keys on the keyboard. I have to use the power button to restart the computer. Does anyone have any suggestions on how to get Ubuntu installed? To clarify, I have actually tried installing using both a USB stick and a DVD. The USB stick gave a blank screen, while the DVD gave the error message "Empty Security Header" after pressing Enter at the GRUB screen.

    Read the article

  • 12.04 cannot boot from USB

    - by GhostRider
    The HP Pavilion g6 notebook is unable to boot from bootable USB stick created with Linux Live USB Creator. I was able to boot other systems using the same pendrive. I have changed the boot priority using F10. When I restarted, it didn't ask for any message like Press any key to boot from When I press F19, and selected the pendrive from the available options to boot from, while restarting it gives me a message: error while trying to boot selected boot image Though I looked into the possible suggestions here, none of them worked. Looking for any help? EDIT: I was able to fix the first issue, i'e ubuntu could be installed as secure boot option in the bios was not allowing the pendrive or cd/dvd to be detected. Now once i have successfully installed ubuntu 12.04, after the restart i was unable to find it in the os menu for selection and windows8 loaded by default Ubuntu version: 12.04

    Read the article

  • Using secure proxies with Google Chrome

    - by cYrus
    Whenever I use a secure proxy with Google Chrome I get ERR_PROXY_CERTIFICATE_INVALID, I tried a lot of different scenarios and versions. The certificate I'm using a self-signed certificate: openssl genrsa -out key.pem 1024 openssl req -new -key key.pem -out request.pem openssl x509 -req -days 30 -in request.pem -signkey key.pem -out certificate.pem Note: this certificate works (with a warning since it's self-signed) when I try to setup a simple HTTPS server. The proxy Then I start a secure proxy on localhost:8080. There are a several ways to accomplish this, I tried: a custom Node.js script; stunnel; node-spdyproxy (OK, this involves SPDY too, but later... the problem is the same); [...] The browser Then I run Google Chrome with: google-chrome --proxy-server=https://localhost:8080 http://superuser.com to load, say, http://superuser.com. The issue All I get is: Error 136 (net::ERR_PROXY_CERTIFICATE_INVALID): Unknown error. in the window, and something like: [13633:13639:1017/182333:ERROR:cert_verify_proc_nss.cc(790)] CERT_PKIXVerifyCert for localhost failed err=-8179 in the console. Note: this is not the big red warning that complains about insecure certificates. Now, I have to admit that I'm quite n00b for what concerns certificates and such, if I'm missing some fundamental points, please let me know.

    Read the article

  • Creating a tiled world with OpenGL

    - by Tamir
    Hello, I'm planning to create a tiled world with OpenGL, with slightly rotated tiles and houses and building in the world will be made of models. Can anybody suggest me what projection(Orthogonal, Perspective) should I use, and how to setup the View matrix(using OpenGL)? If you can't figure what style of world I'm planning to create, look at this game: http://www.youtube.com/watch?v=i6eYtLjFu-Y&feature=PlayList&p=00E63EDCF757EADF&index=2

    Read the article

  • Debian - Secure system from current administrator

    - by netadmin
    Hello, I am the Network and Systems Administrator in an organization of just under 500 users. We have a number of Windows Servers, and that is certainly my area of expertise. We also have a very small handful of Debian servers. We are about to terminate the sysadmin of these Debian systems. Short of powering down the systems, I would like to know how I can ensure that the previous admin does not have control of these systems in the future, at least until we hire a replacement linux sysadmin. I have physical/virtual-console access to each of the systems, so I can reboot them in various user-modes. I just don't know what to do. Please assume that I do not currently have root access to all of these systems (an oversight on my part that I now recognize.) I have some experience in Linux, and use it on my desktop on a daily basis, but I must admit that I am a competent user of linux, not a systems admin. I have no fear of the command line however.... Is there a list of steps that one should take to "secure" a system from somebody else? Again, I assure you that this is legit, I am re-taking control of my employer's systems, at the request of my employer. I hope to not have to shut the systems down permanently and still be reasonably certain that they are secure. Thanks for your time.

    Read the article

  • The Story of secure user-authentication in squid

    - by Isaac
    once upon a time, there was a beautiful warm virtual-jungle in south america, and a squid server lived there. here is an perceptual image of the network: <the Internet> | | A | B Users <---------> [squid-Server] <---> [LDAP-Server] When the Users request access to the Internet, squid ask their name and passport, authenticate them by LDAP and if ldap approved them, then he granted them. Everyone was happy until some sniffers stole passport in path between users and squid [path A]. This disaster happened because squid used Basic-Authentication method. The people of jungle gathered to solve the problem. Some bunnies offered using NTLM of method. Snakes prefered Digest-Authentication while Kerberos recommended by trees. After all, many solution offered by people of jungle and all was confused! The Lion decided to end the situation. He shouted the rules for solutions: Shall the solution be secure! Shall the solution work for most of browsers and softwares (e.g. download softwares) Shall the solution be simple and do not need other huge subsystem (like Samba server) Shall not the method depend on special domain. (e.g. Active Directory) Then, a very resonable-comprehensive-clever solution offered by a monkey, making him the new king of the jungle! can you guess what was the solution? Tip: The path between squid and LDAP is protected by the lion, so the solution have not to secure it. Note: sorry if the story is boring and messy, but most of it is real! =) /~\/~\/~\ /\~/~\/~\/~\/~\ ((/~\/~\/~\/~\/~\)) (/~\/~\/~\/~\/~\/~\/~\) (//// ~ ~ \\\\) (\\\\( (0) (0) )////) (\\\\( __\-/__ )////) (\\\( /-\ )///) (\\\( (""""") )///) (\\\( \^^^/ )///) (\\\( )///) (\/~\/~\/~\/) ** (\/~\/~\/) *####* | | **** /| | | |\ \\ _/ | | | | \_ _________// Thanks! (,,)(,,)_(,,)(,,)--------'

    Read the article

  • Storing secure keys on Ubuntu web server

    - by Sencha
    I'm running Ubuntu 12.04 Precise with a DUNG (Django, Unix, Nginx & Gunicorn) environment and my app (as well as various config files) is stored in a python virtual environment inside /srv, which the www-data user has access to. The nginx & gunicorn processes are all run as www-data. My web app requires secure credentials which I am storing in an environment.sh file. This file contains various exports and is run using source before the gunicorn processes execute. My concern is the location of the environment.sh file and it's permissions. Will it be okay storing this file inside the /srv folder where the www-data has access to it? Or should it be stored and owned by root somewhere else such as /var/myapp/environment.sh? Also, regarding the www-data user, if any of my web processes (which are run as www-data) are compromised and someone gains access to them, does that mean that the user could potentially read any file on the system, even if they can't write? Including my secure keys?

    Read the article

  • secure user-authentication in squid

    - by Isaac
    once upon a time, there was a beautiful warm virtual-jungle in south america, and a squid server lived there. here is an perceptual image of the network: <the Internet> | | A | B Users <---------> [squid-Server] <---> [LDAP-Server] When the Users request access to the Internet, squid ask their name and passport, authenticate them by LDAP and if ldap approved them, then he granted them. Everyone was happy until some sniffers stole passport in path between users and squid [path A]. This disaster happened because squid used Basic-Authentication method. The people of jungle gathered to solve the problem. Some bunnies offered using NTLM of method. Snakes prefered Digest-Authentication while Kerberos recommended by trees. After all, many solution offered by people of jungle and all was confused! The Lion decided to end the situation. He shouted the rules for solutions: Shall the solution be secure! Shall the solution work for most of browsers and softwares (e.g. download softwares) Shall the solution be simple and do not need other huge subsystem (like Samba server) Shall not the method depend on special domain. (e.g. Active Directory) Then, a very resonable-comprehensive-clever solution offered by a monkey, making him the new king of the jungle! can you guess what was the solution? Tip: The path between squid and LDAP is protected by the lion, so the solution have not to secure it. Note: sorry for this boring and messy story! /~\/~\/~\ /\~/~\/~\/~\/~\ ((/~\/~\/~\/~\/~\)) (/~\/~\/~\/~\/~\/~\/~\) (//// ~ ~ \\\\) (\\\\( (0) (0) )////) (\\\\( __\-/__ )////) (\\\( /-\ )///) (\\\( (""""") )///) (\\\( \^^^/ )///) (\\\( )///) (\/~\/~\/~\/) ** (\/~\/~\/) *####* | | **** /| | | |\ \\ _/ | | | | \_ _________// Thanks! (,,)(,,)_(,,)(,,)--------'

    Read the article

  • secure user-authentication in squid: The Story

    - by Isaac
    once upon a time, there was a beautiful warm virtual-jungle in south america, and a squid server lived there. here is an perceptual image of the network: <the Internet> | | A | B Users <---------> [squid-Server] <---> [LDAP-Server] When the Users request access to the Internet, squid ask their name and passport, authenticate them by LDAP and if ldap approved them, then he granted them. Everyone was happy until some sniffers stole passport in path between users and squid [path A]. This disaster happened because squid used Basic-Authentication method. The people of jungle gathered to solve the problem. Some bunnies offered using NTLM of method. Snakes prefered Digest-Authentication while Kerberos recommended by trees. After all, many solution offered by people of jungle and all was confused! The Lion decided to end the situation. He shouted the rules for solutions: Shall the solution be secure! Shall the solution work for most of browsers and softwares (e.g. download softwares) Shall the solution be simple and do not need other huge subsystem (like Samba server) Shall not the method depend on special domain. (e.g. Active Directory) Then, a very resonable-comprehensive-clever solution offered by a monkey, making him the new king of the jungle! can you guess what was the solution? Tip: The path between squid and LDAP is protected by the lion, so the solution have not to secure it. Note: sorry for this boring and messy story! /~\/~\/~\ /\~/~\/~\/~\/~\ ((/~\/~\/~\/~\/~\)) (/~\/~\/~\/~\/~\/~\/~\) (//// ~ ~ \\\\) (\\\\( (0) (0) )////) (\\\\( __\-/__ )////) (\\\( /-\ )///) (\\\( (""""") )///) (\\\( \^^^/ )///) (\\\( )///) (\/~\/~\/~\/) ** (\/~\/~\/) *####* | | **** /| | | |\ \\ _/ | | | | \_ _________// Thanks! (,,)(,,)_(,,)(,,)--------'

    Read the article

  • Reading email from Emacs VM using a secure server (Gmail)

    - by Alan Wehmann
    This is a question (see below) originally entered at https://answers.launchpad.net/vm/+question/108267 and upon the recommendation of Uday Reddy the question and answers are being moved here. The date of the original question was May 4, 2010. One subject of the question is use of the program stunnel with program View Mail (run within Emacs) on a PC running Microsoft Windows, in order to read email from a server that requires use of TSL/SSL (Gmail). See the related question, How to configure Emacs smtp for secure server for using a secure server, for sending email. The programs discussed are Emacs, VM (ViewMail) and stunnel. The platform under discussion is MS Windows. The original question was asked by usr345 on 2010-04-24: I tried to install vm on Windows, but when I tried to get the mail from gmail using ssl, an error emerges, emacs hanges-up. Here is the code from .emacs: (add-to-list 'load-path (expand-file-name "~/vm/lisp")) (add-to-list 'Info-default-directory-list (expand-file-name "~/vm/info")) (require 'vm-autoloads) (setq vm-primary-inbox "~/mail/inbox.mbox") (setq vm-crash-box "~/mail/inbox.crash.mbox") (setq vm-spool-files `((,vm-primary-inbox "pop-ssl:pop.gmail.com:995:pass:usr345:PASSWORD" ,vm-crash-box))) (setq vm-stunnel-program "g:/program files/stunnel/stunnel.exe") So, the question: How to configure pop-ssl on Windows?

    Read the article

  • JBox2D Polygon Collisions Acting Strange

    - by andy
    I have been playing around with JBox2D and Slick2D and made a little demo with a ground object, a box object, and two different polygons. The problem I am facing is that the collision-detection for the polygons seems to be off (see picture below), but the box's collision works fine. My Code: Main Class package main; import org.jbox2d.common.Vec2; import org.jbox2d.dynamics.BodyType; import org.jbox2d.dynamics.World; import org.newdawn.slick.GameContainer; import org.newdawn.slick.Graphics; import org.newdawn.slick.SlickException; import org.newdawn.slick.state.BasicGameState; import org.newdawn.slick.state.StateBasedGame; import shapes.Box; import shapes.Polygon; public class State1 extends BasicGameState{ World world; int velocityIterations; int positionIterations; float pixelsPerMeter; int state; Box ground; Box box1; Polygon poly1; Polygon poly2; Renderer renderer; public State1(int state) { this.state = state; } @Override public void init(GameContainer gc, StateBasedGame game) throws SlickException { velocityIterations = 10; positionIterations = 10; pixelsPerMeter = 1f; world = new World(new Vec2(0.f, -9.8f)); renderer = new Renderer(gc, gc.getGraphics(), pixelsPerMeter, world); box1 = new Box(-100f, 200f, 40, 50, BodyType.DYNAMIC, world); ground = new Box(-14, -275, 50, 900, BodyType.STATIC, world); poly1 = new Polygon(50f, 10f, new Vec2[] { new Vec2(-6f, -14f), new Vec2(0f, -20f), new Vec2(6f, -14f), new Vec2(10f, 10f), new Vec2(-10f, 10f) }, BodyType.DYNAMIC, world); poly2 = new Polygon(0f, 10f, new Vec2[] { new Vec2(10f, 0f), new Vec2(20f, 0f), new Vec2(30f, 10f), new Vec2(30f, 20f), new Vec2(20f, 30f), new Vec2(10f, 30f), new Vec2(0f, 20f), new Vec2(0f, 10f) }, BodyType.DYNAMIC, world); } @Override public void update(GameContainer gc, StateBasedGame game, int delta) throws SlickException { world.step((float)delta / 180f, velocityIterations, positionIterations); } @Override public void render(GameContainer gc, StateBasedGame game, Graphics g) throws SlickException { renderer.render(); } @Override public int getID() { return this.state; } } Polygon Class package shapes; import org.jbox2d.collision.shapes.PolygonShape; import org.jbox2d.common.Vec2; import org.jbox2d.dynamics.Body; import org.jbox2d.dynamics.BodyDef; import org.jbox2d.dynamics.BodyType; import org.jbox2d.dynamics.FixtureDef; import org.jbox2d.dynamics.World; import org.newdawn.slick.Color; public class Polygon { public float x, y; public Color color; public BodyType bodyType; org.newdawn.slick.geom.Polygon poly; BodyDef def; PolygonShape ps; FixtureDef fd; Body body; World world; Vec2[] verts; public Polygon(float x, float y, Vec2[] verts, BodyType bodyType, World world) { this.verts = verts; this.x = x; this.y = y; this.bodyType = bodyType; this.world = world; init(); } public void init() { def = new BodyDef(); def.type = bodyType; def.position.set(x, y); ps = new PolygonShape(); ps.set(verts, verts.length); fd = new FixtureDef(); fd.shape = ps; fd.density = 2.0f; fd.friction = 0.7f; fd.restitution = 0.5f; body = world.createBody(def); body.createFixture(fd); } } Rendering Class package main; import org.jbox2d.collision.shapes.PolygonShape; import org.jbox2d.collision.shapes.ShapeType; import org.jbox2d.common.MathUtils; import org.jbox2d.common.Vec2; import org.jbox2d.dynamics.Body; import org.jbox2d.dynamics.Fixture; import org.jbox2d.dynamics.World; import org.newdawn.slick.Color; import org.newdawn.slick.GameContainer; import org.newdawn.slick.Graphics; import org.newdawn.slick.geom.Polygon; import org.newdawn.slick.geom.Transform; public class Renderer { World world; float pixelsPerMeter; GameContainer gc; Graphics g; public Renderer(GameContainer gc, Graphics g, float ppm, World world) { this.world = world; this.pixelsPerMeter = ppm; this.g = g; this.gc = gc; } public void render() { Body current = world.getBodyList(); Vec2 center = current.getLocalCenter(); while(current != null) { Vec2 pos = current.getPosition(); g.pushTransform(); g.translate(pos.x * pixelsPerMeter + (0.5f * gc.getWidth()), -pos.y * pixelsPerMeter + (0.5f * gc.getHeight())); Fixture f = current.getFixtureList(); while(f != null) { ShapeType type = f.getType(); g.setColor(getColor(current)); switch(type) { case POLYGON: { PolygonShape shape = (PolygonShape)f.getShape(); Vec2[] verts = shape.getVertices(); int count = shape.getVertexCount(); Polygon p = new Polygon(); for(int i = 0; i < count; i++) { p.addPoint(verts[i].x, verts[i].y); } p.setCenterX(center.x); p.setCenterY(center.y); p = (Polygon)p.transform(Transform.createRotateTransform(current.getAngle() + MathUtils.PI, center.x, center.y)); p = (Polygon)p.transform(Transform.createScaleTransform(pixelsPerMeter, pixelsPerMeter)); g.draw(p); break; } case CIRCLE: { f.getShape(); } default: } f = f.getNext(); } g.popTransform(); current = current.getNext(); } } public Color getColor(Body b) { Color c = new Color(1f, 1f, 1f); switch(b.m_type) { case DYNAMIC: if(b.isActive()) { c = new Color(255, 123, 0); } else { c = new Color(99, 99, 99); } break; case KINEMATIC: break; case STATIC: c = new Color(111, 111, 111); break; default: break; } return c; } } Any help with fixing the collisions would be greatly appreciated, and if you need any other code snippets I would be happy to provide them.

    Read the article

  • How to create a reasonably sized urban area manually but efficiently

    - by Overv
    I have a game concept that only really works in an urban area that is of reasonable scale and diversity. In terms of what it should look like, think GTA, in terms of the size think more like a small neighbourhood with residents and a few local shops, perhaps a supermarket. I'm mostly experienced in programming and not at all with modelling, texturing or drawing, but I've found that SketchUp allows me to design interesting looking buildings that I model after real world buildings in my own neighbourhood. Designing these buildings and other objects can take from a few tens of minutes to a few hours. My question is: what is the best approach for a one man army like me who does manage to model buildings to create an interesting city environment in a reasonable amount of time? My game will not be based on procedural generation, the environment will actually be modelled like GTA cities.

    Read the article

< Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >