Search Results

Search found 30819 results on 1233 pages for 'software security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 331/1233 | < Previous Page | 327 328 329 330 331 332 333 334 335 336 337 338  | Next Page >

  • Restricting access to records. Is claim-based permissions a good idea.

    - by Vitalik
    in .net Claim-based identity framework If i wanted to restrict users to do an operation (view or edit) on let's say an account, a particular account #123456.(i am talking about business entity, like a bank account.) Is it a good idea to create a claim for each account they can view or edit? Any disadvantages of having a lot of claims in a set? a system admin might have access to all accounts in the system thus creating hundreds of claims (maybe more than one for each account)

    Read the article

  • How to do i18n and create Windows Installer of Haskell programs?

    - by Aufheben
    I'm considering using Haskell to develop for a little commercial project. The program must be internationalized (to Simplified Chinese, to be specific), and my customer requests that it should be delivered in a one-click Windows Installer form. So basically these are the two problems I'm facing now: I18n of Haskell programs: the method described in Internationalization of Haskell programs did work (partially) if I change the command of executing the program from LOCALE=zh_CN.UTF-8 ./Main to LANG=zh_CN.UTF-8 ./Main (I'm working on Ubuntu 10.10), however, the Chinese output is garbled, and I've no idea why is that. Distribution on Windows: I'm used to work under Linux and build & package my Haskell programs using Cabal, but what is the most natural way to create a one-click Windows Installer from a cabalized Haskell package? Is the package bamse the right way to go? ------ Details for the first problem ------ What I did was: $ hgettext -k __ -o messages.pot Main.hs $ msginit --input=messages.pot --locale=zh_CN.UTF-8 (Edit the zh_CN.po file, adding Chinese translation) $ mkdir -p zh_CN/LC_MESSAGES $ msgfmt --output-file=zh_CN/LC_MESSAGES/hello.mo zh_CN.po $ ghc --make Main.hs $ LANG=zh_CN.UTF-8 ./Main And the output was like: This indicates gettext is actually working, but for some reason the generated zh_CN.mo file is broken (my guess). I'm pretty sure my zh_CN.po file is encoded in UTF-8. Plus, aside from using System.IO.putStrLn, I also tried System.IO.UTF8.putStrLn to output the string, which didn't work either.

    Read the article

  • Determining when or when not to escape output

    - by Ygam
    I have a page, where I have approximately 90 items I need to output. Most of them are object properties (I am using ORM so these objects map to my database tables). But the question is, do I have to escape each of those 90 outputs by applying functions to each (in my case, the htmlspecialchars)? Wouldn't that add a bit of an overhead (calling a single function 90 times)?

    Read the article

  • Script to sell php script?

    - by DR.GEWA
    Hi ppl. I am to finish my social network web-script which should be sold license based. I wonder such thing. There is a lot of shopping carts there. Is there a one, which is specialized on selling scripts and supportings them? Or should I part by part put a forum, make an order system, wiki, and so on?

    Read the article

  • ideas: per-file authentication in order to download

    - by suIIIha
    i would love to use mod_xsendfile but i live in a shared environment which does not provide such a module. processing large files such as videos through a server-side script and sending it to the browser that way seems to be unacceptable in my case, so i am looking for a way to enable per-file authentication in such a way that is not going to consume resources much. nobody shall know what the actual path is to the file they are downloading. please suggest how to do that.

    Read the article

  • MS Access: Permission problems with views

    - by Keith Williams
    "I'll use an Access ADP" I said, "it's only a tiny project and I've got better things to do", I said, "I can build an interface really quickly in Access" I said. </sarcasm> Sorry for the rant, but it's Friday, I have a date in just under two hours, and I'm here late because this just isn't working - so, in despair, I turn to SO for help. Access ADP front-end, linked to a SQL Server 2008 database Using a SQL Server account to log into the database (for testing); this account is a member of the role, "Api"; this role has SELECT, EXECUTE, INSERT, UPDATE, DELETE access to the "Api" schema The "Api" schema is owned by "dbo" All tables have a corresponding view in the Api schema: e.g. dbo.Customer -- Api.Customers The rationale is that users don't have direct table access, but can deal with views as if they were tables I can log into SQL using my test login, and it works fine: no access to the tables, but I can select, insert, update and delete from the Api views. In Access, I see the views, I can open them, but whenever I try to insert or update, I get the following error: The SELECT permission was denied on the object '[Table name which the view is using]', database '[database name]', schema 'dbo' Crazy as it sounds, Access seems to be trying to access the underlying table rather than the view. Any ideas?

    Read the article

  • Is it safe to display user input as input values without sanitation?

    - by Svish
    Say we have a form where the user types in various info. We validate the info, and find that something is wrong. A field is missing, invalid email, et cetera. When displaying the form to the user again I of course don't want him to have to type in everything again so I want to populate the input fields. Is it safe to do this without sanitation? If not, what is the minimum sanitation that should be done first? And to clearify: It would of course be sanitized before being for example added to a database or displayed elsewhere on the site.

    Read the article

  • Can I use encrypt web.config with a custom protection provider who's assembly is not in the GAC?

    - by James
    I have written a custom protected configuration provider for my web.config. When I try to encrypt my web.config with it I get the following error from aspnet_iisreg aspnet_regiis.exe -pef appSettings . -prov CustomProvider (This is running in my MSBuild) Could not load file or assembly 'MyCustomProviderNamespace' or one of its dependencies. The system cannot find the file specified. After checking with the Fusion log, I confirm it is checking both the GAC, and 'C:/WINNT/Microsoft.NET/Framework/v2.0.50727/' (the location of aspnet_iisreg). But it cannot find the provider. I do not want to move my component into the GAC, I want to leave the custom assembly in my ApplicationBase to copy around to various servers without having to pull/push from the GAC. Here is my provider configuration in the web.config. <configProtectedData> <providers> <add name="CustomProvider" type="MyCustomProviderNamespace.MyCustomProviderClass, MyCustomProviderNamespace" /> </providers> </configProtectedData> Has anyone got any ideas?

    Read the article

  • how to deal with political differences that lead to dysfunctional development environment

    - by Pierreten
    We have a few liberal programmers on our team who don't use source control, don't manage time effectively and always want to use our budget on useless tools/components that are expensive and things we can build ourselves. They are also loud and disrespectful. Our group of conservatives always have to clean up after them and show them the correct way of doing things. How do we address this discrepancy? Please advise.

    Read the article

  • How to save the world from your computer?

    - by Francisco Garcia
    Sometimes I miss the "help other people" factor within computer related careers. Sure that out there I could find many great projects improving society, but that is not common. However there are little things that we all can do to make this a better place beyond trying to erradicate annoynig stuff such as Visual Basic. You could join a cloud computing network such as World Community Grid to fight cancer. Write a charityware application such as Vim, improve an office IT infrastructure to support telecommuting and reduce CO2 emissions, use an ebook reader for saving paper... what else would you? which projects do you think can have an impact?

    Read the article

  • Does HttpWebRequest automatically take care of certificate validation?

    - by Kevin Pang
    I'm using an HttpWebRequest object to access a web service via an HTTP POST. Part of the requirement is that I: Verify that the URL in the certificate matches the URL I'm posting to Verify that the certificate is valid and trusted Verify that the certificate has not expired Does HttpWebRequest automatically handle that for me? I'd assume that if any of these conditions came up, I'd get the standard "could not establish trust relationship for the SSL/TLS secure channel" exception.

    Read the article

  • What are the standard/practical steps required before moving to implementation of any Project/Task?

    - by jkm
    What are the standard/practical steps required before moving to implementation of any Project/Task? Hi everyone, I liked stackoverflow very much and just got registered. As I am a beginner in programming, most of the time i just implement/code my tasks directly not even thinking of creating any dfd's, flowcharts or other tools for my new classes and methods. In some interviews i was asked what process you follow and i was confused as i am not very used to follow any standards. So If some experts can help me that what steps and in what order are the best practices for solving/approaching any task in programming. And how important these are? Thanks in advance! and sorry if this question is trivial one/already asked.

    Read the article

  • How to limit setAccessible to only "legitimate" uses?

    - by polygenelubricants
    The more I learned about the power of setAccessible, the more astonished I am at what it can do. This is adapted from my answer to the question (Using reflection to change static final File.separatorChar for unit testing). import java.lang.reflect.*; public class EverythingIsTrue { static void setFinalStatic(Field field, Object newValue) throws Exception { field.setAccessible(true); Field modifiersField = Field.class.getDeclaredField("modifiers"); modifiersField.setAccessible(true); modifiersField.setInt(field, field.getModifiers() & ~Modifier.FINAL); field.set(null, newValue); } public static void main(String args[]) throws Exception { setFinalStatic(Boolean.class.getField("FALSE"), true); System.out.format("Everything is %s", false); // "Everything is true" } } You can do truly outrageous stuff: public class UltimateAnswerToEverything { static Integer[] ultimateAnswer() { Integer[] ret = new Integer[256]; java.util.Arrays.fill(ret, 42); return ret; } public static void main(String args[]) throws Exception { EverythingIsTrue.setFinalStatic( Class.forName("java.lang.Integer$IntegerCache") .getDeclaredField("cache"), ultimateAnswer() ); System.out.format("6 * 9 = %d", 6 * 9); // "6 * 9 = 42" } } Presumably the API designers realize how abusable setAccessible can be, but must have conceded that it has legitimate uses to provide it. So my questions are: What are the truly legitimate uses for setAccessible? Could Java has been designed as to NOT have this need in the first place? What would the negative consequences (if any) of such design be? Can you restrict setAccessible to legitimate uses only? Is it only through SecurityManager? How does it work? Whitelist/blacklist, granularity, etc? Is it common to have to configure it in your applications?

    Read the article

  • RewriteRule help

    - by Camran
    I have successfully setup htaccess to do this: domain.com/ad.php?ad_id=bmw_m3_2498224 INTO: domain.com/ads/bmw_m3_2498224 However, I have a link on the page which makes the page submit to itself... The link saves the ad inside a cookie: domain.com/ad.php?ad_id=bmw_m3_2498224&save=1 // Note the 'save' variable I need to make this work on the rewritten rule also, so this link: domain.com/ads/bmw_m3_2498224/save will save the cookie... I have this so far which DOES NOT work for the save part: RewriteRule ^annons/([a-zA-Z0-9_]+)$ ad.php?ad_id=$1 [NC,L] How can I include another rule to accomplish what I want? Thanks

    Read the article

  • App store for the PC?

    - by Chris
    So I've spent a lot of time making an iPhone game and have recently realized that I don't have to limit myself to just Apple - I know there are app stores for Palm and Android, but does anybody know of a good "app store" for the plain old PC? I would like to have one where individual developers can publish an app and not have to worry about all the billing and piracy issues!

    Read the article

  • block write access to table from an application in mysql

    - by hoberion
    Hello, We have a CMS plugin that writes statistics to 1 table, this creates performance issues on the entire platform. We decided to use another statistics plugin which can connect to a different database server (the first plugin couldn't!) however we need parts of the first plugin. I want to lock the statistics table to prevent misusage (not allowed to drop it by the developer) So I was wondering if a lock table could do this or if I can implement some sort of read only table

    Read the article

  • Constantly changing frameworks/APIs - how do we keep up?

    - by Jamie Chapman
    This question isn't really for any specific technology but more of general developer question. We all know from experience that things change. Frameworks evolve, new features are added and stuff gets removed. For example, how might a product using version 1.0 of the "ABC" framework adapt when version 2.0 comes along (ABC could be .NET, Java, Cocoa, or whatever you want)? One solution might be to make the frameworks backward compatible; so that code written for 1.0 will still work in version 2.0 of the framework. Another might be to selectively target only version 1.0 of the framework, but this might leave many fancy new features unused (many .NET 2.0 apps seem to do this) Any thoughts on what we as developers should do as best practice to keep our technologies up to date, whilst not breaking our applications?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 327 328 329 330 331 332 333 334 335 336 337 338  | Next Page >