Search Results

Search found 15914 results on 637 pages for 'physical security'.

Page 506/637 | < Previous Page | 502 503 504 505 506 507 508 509 510 511 512 513  | Next Page >

• How to run a command on a remote Windows system as a non-admin user with WMI?

  - by John

  I have a script written in Visual Basic that starts a process (given to the script as an argument) on a remote system (again, given as an argument) using WMI. This script works fine when using an Administrator account on the remote system, but when using a non-administrator account, I get the following error: ConnectServer Failed w/ (-2147024891) Access is denied. I'd like to be able to run processes on remote systems as a non-administrator user with this script, and I'm pretty sure the problem is due to security settings on the remote system, but I've not been able to reset the right ones.

  Read the article

• PhpMyAdmin; Should I disable root login?

  - by Camran

  I have this setup in Phpmyadmin: USER HOST PASSW PRIVILEGES GRANT debian-sys-maint localhost Yes ALL PRIVILEGES YES phpmyadmin localhost Yes USAGE NO root 127.0.0.1 Yes ALL PRIVILEGES YES root localhost Yes ALL PRIVILEGES YES root my_hostname Yes ALL PRIVILEGES YES username localhost Yes ALL PRIVILEGES YES Where "username" is my username and "my_hostname" is my hostname. I am currently only logging in as the last one (username, localhost). Also, I have php which also uses the last ones login details. Should I disable the other ones? And, what other security measures should I take? BTW: My server is Linux and I have root access. Thanks

  Read the article

• Referencing invalid memory locations with C++ Iterators

  - by themoondothshine

  I am a big fan of GCC, but recently I noticed a vague anomaly. Using __gnu_cxx::__normal_iterator (ie, the most common iterator type used in libstdc++, the C++ STL) it is possible to refer to an arbitrary memory location and even change its value without causing an exception! Is this expected behavior? If so, isn't a security loophole? Here's an example: #include <iostream> using namespace std; int main() { basic_string<char> str("Hello world!"); basic_string<char>::iterator iter = str.end(); iter += str.capacity() + 99999; *iter = 'x'; cout << "Value: " << *iter << endl; }

  Read the article

• Getting content of a Facebook page in Adobe Flex

  - by cuneyt

  Hi guys, I wrote a Flex application that sends a UrlRequest to Facebook and gets the content of page as a string. The application user clicks a button, and the application connects to Facebook. And no I do not mean using Facebook API. It is like a screen scraper. This application worked locally, but when deployed to server it gives a sandbox security error. I have my crossdomain.xml on the root, but I think the problem is not that. Not only Facebook, but I cannot get any web site when the application is deployed on server. What should I do to get the content of a remote web page?

  Read the article

• A PHP Function that verify code language

  - by tymc

  Hi, I have a form with 2 textareas; the first one allows user to send HTML Code, the second allows to send CSS Code. I have to verify with a PHP function, if the language is correct. If the language is correct, for security, i have to check that there is not PHP code or SQL Injection or whatever. What do you think ? Is there a way to do that ? Where can I find this kind of function ? Is "HTML Purifier" http://htmlpurifier.org/ a good solution ?

  Read the article

• java version 1.6 applet requistes

  - by gautam

  Hi, I upgraded my java version 1.5 to 1.6. My applet is not working what are prequesties ? i have changed classid and MIME type to 1.6. Its giving exception: load: class com.timer.AppletGenerator.class not found. java.lang.ClassNotFoundException: com.timer.AppletGenerator.class at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source) at sun.plugin2.applet.Plugin2Manager.createApplet(Unknown Source) at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: java.io.IOException: open HTTP connection failed:http://localhost:8080/Perfmonitoringgui-000.004.000/com/timer/AppletGenerator/class.class at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source) at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source) at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) ... 7 more Exception: java.lang.ClassNotFoundException: com.timer.AppletGenerator.class Thanks

  Read the article

• [php + mysql] Save IP in database

  - by Knarf

  When a user logs inn I want to save their IP in the database. How would I do that? What type is best to use for the MySQL field? How would the PHP code to get IP look like? I'm thinking of using it as an extra security feature for the login/session stuff. I'm thinking of checking the IP the user logged in with from the DB with the IP the user have now as addition to checking the session. So that it first check the session, and then check if you have a valid IP. Is that an allright extra feature? And what other things can I do to make it more secure?

  Read the article

• can we assign object value to the label?

  - by user334294

  I have a label for that i have to assign object value which is returned by stored procedure.my code as following object returnvalue; SqlConnection con = new SqlConnection("Data Source=vela21; Initial Catalog=MilkDb;Integrated Security=True"); con.Open(); string sa; sa = textBox1.Text; SqlCommand cmd = new SqlCommand("custname", con); cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.Add("Cid", SqlDbType.Int).Value = sa; cmd.Parameters.Add("cname", SqlDbType.NVarChar, 20); cmd.Parameters["cname"].Direction = ParameterDirection.Output; returnvalue = cmd.ExecuteNonQuery(); label3.Text = Convert.ToString(returnvalue); con.Close(); can anyone help me? plz........

  Read the article

• php most memory efficient way to return files

  - by bumperbox

  so i have a bunch of files, some can be up to 30-40mb and i want to use php to handle security of the files, so i can control who has access to them that means i have a script sort of like this rough example $has_permission = check_database_for_permission($user, filename); if ($has_permission) { header('Content-Type: image/jpeg'); readfile ($filename); exit; } else { // return 401 error } i would hate for every request to load the full file into memory, as it would soon chew up all the memory on my server with a few simultaneous requests so a couple of questions is readfile the most memory efficient way of doing this? is there some better method of achieving the same outcome, that i am overlooking? server: apache/php5 thanks

  Read the article

• Runtime Error in asp.net?(online )

  - by Surya sasidhar

  hi, I develop a web application it is working fine in local. When i upload the site in online through CuteFTP it is showing the error like this... Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine. Details: To enable the details of this specific error message to be viewable on remote machines, please create a tag within a "web.config" configuration file located in the root directory of the current web application. This tag should then have its "mode" attribute set to "Off". Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's configuration tag to point to a custom error page URL. please help me i place the but even though it is not working it is giving same error. Thank you

  Read the article

• Windows XP: Have my program run in kernel mode?

  - by Kalamari

  I'm currently learning about the different modes the Windows operating system runs in (kernel mode vs. user mode), device drivers, their respective advantages and disadvantages and computer security in general. I would like to create a practical example of what a faulty device driver that runs in kernel mode can do to the system, by for example corrupting memory used for critical OS-processes. How can I execute my code in kernel mode instead of user mode, directly? Do I have to write a dummy device driver and install it to do this? Where can I read more about kernel and user mode in Windows? I know the dangers of this and will do all of the experiments on a virtual machine running Windows XP only

  Read the article

• How does lock(syncRoot) make sense on a static method?

  - by Rising Star

  The following code is excerpted from the (Windows Identity Foundation SDK) template that MS uses to create a new Security Token Service Web Site. public static CustomSecurityTokenServiceConfiguration Current { get { HttpApplicationState httpAppState = HttpContext.Current.Application; CustomSecurityTokenServiceConfiguration customConfiguration = httpAppState.Get( CustomSecurityTokenServiceConfigurationKey ) as CustomSecurityTokenServiceConfiguration; if ( customConfiguration == null ) { lock ( syncRoot ) { customConfiguration = httpAppState.Get( CustomSecurityTokenServiceConfigurationKey ) as CustomSecurityTokenServiceConfiguration; if ( customConfiguration == null ) { customConfiguration = new CustomSecurityTokenServiceConfiguration(); httpAppState.Add( CustomSecurityTokenServiceConfigurationKey, customConfiguration ); } } } return customConfiguration; } } I'm relatively new to multi-threaded programming. I assume that the reason for the lock statement is to make this code thread-safe in the event that two web requests arrive at the web site at the same time. However, I would have thought that using lock (syncRoot) would not make sense because syncRoot refers to the current instance that this method is operating on... but this is a static method? How does this make sense?

  Read the article

• Xampp error on windows

  - by Deepak Kumar

  My problem is when i use xampp i see many error and when i use my web it has no error Notice: Undefined index: action in C:\xampp\htdocs\xyz\index.php on line 3 Notice: Undefined index: usNick in C:\xampp\htdocs\xyz\config.php on line 11 Notice: Use of undefined constant setname - assumed 'setname' in C:\xampp\htdocs\xyz\config.php on line 31 Notice: Use of undefined constant setname - assumed 'setname' in C:\xampp\htdocs\xyz\config.php on line 31 Notice: Undefined index: usNick in C:\xampp\htdocs\xyz\config.php on line 34 Notice: A session had already been started - ignoring session_start() in C:\xampp\htdocs\xyz\data.php on line 2 Notice: Undefined index: r in C:\xampp\htdocs\xyz\data.php on line 4 Notice: Undefined index: ucNick in C:\xampp\htdocs\xyz\data.php on line 8 I have tried many time changing things in Setting, Security, Privileges etc but nothing changed, I want to know if im missing something out Thanks

  Read the article

• How can I play a flv file that is hosted on a remote website?

  - by pennstatephil

  I'm looking to play a flash video hosted on a remote website. I've tried the following (and profuse google-ing): In source of page on http://fakesite1.com/player.jsp: <embed src = "FlashPlayer.swf?file=http://fakesite2.net/video.flv" /> I can browse to http://fakesite2.net/video.flv and ensure it's there, but the player comes back "movie not loaded" (on right-click) on fakesite1. My initial guess is that this might be some sort of security feature... is it possible to play a video hosted on a remote site?

  Read the article

• Hash passwords before transmitting? (web)

  - by wag2639

  I was reading this Ars article on password security and it mentioned there are sites that "hash the password before transmitting"? Now, assuming this isn't using an SSL connection (HTTPS), a. is this actually secure and b. if it is how would you do this in a secure manor? Edit 1: (some thoughts based on first few answers) c. If you do hash the password before transmission, how do you use that if you only store a salted hash version of the password in your user credentials databas? d. Just to check, if you are using a HTTPS secured connection, is any of this necessary?

  Read the article

• Is it better to store user text (such as a blog entry or private messages) in the database or as flat files?

  - by Fredashay

  I'm building a social networking type site that will be storing large chunks of text that's entered by users, such as blog entries and private messages. As such, these will be entered once, with minimal revisions, but many reads by multiple users over time. I'm using MySQL, by the way. My concerns are: Storing large blocks of text on the database will fill the database to capacity eventually. I read somewhere that storing user text in flat files is a security risk? (The filenames will be generated dynamically by the PHP, not by the user.) Storing them as text files may cause them to become out of sync if I ever have to reinitialize the database and restore it from backups. What are all your thoughts and advice, pros and cons?

  Read the article

• jQuery model-view-controller vs Spring MVC

  - by user1515968

  my question is what potential problems or difficulties would be with implementing usual web app with somewhat reach user interface (multiple dynamic tabs, accordians and so on) using jQuery MVC approach with Spring REST vs using Spring MVC. Problems what I can think of could be: I will not be able to use Spring security fully, JavaScript coding could become hard to manage, any form verification becomes not easy to manage... what else? and does jQuery MVC with REST make sense at all? On other side jQuery with MVC and REST move all GUI concerns to JavaScript side (whether it is bad or not) and leave all data manipulation to server side.

  Read the article

• Should we develop code on a local machine in a VLAN?

  - by red tiger

  Because of security reasons, we will not be able to use IIS on our local machines. I'm sure that many of you have faced the same problem, so how did you solve it? Here are the options that we're looking at: Create a VLAN that is isolated from the network for development. This will allow us to use any software, including IIS, that we want. A disadvantage is testing Web services with external organizations, which can be overcome by using stubs. Not use a VLAN and use only the ASP.NET Development Server that comes with Visual Studio, and then deploying that code to the development server. This has the disadvantage of not being able to replicate the production environment during local development. In addition, at least one developer needs IIS for GIS development, so he couldn't develop locally. Thank you for comments or suggestions that you may have!

  Read the article

• SQL Compact 2008 Connection String Problem

  - by Seth

  I have the following code to connect to a sql server compact edition 2008: private SqlConnection sqlConn; public void createConnection() { String connectionString = @"Data Source=C:\Projects\somefile.sdf;Persist Security Info=False"; sqlConn = new SqlConnection(connectionString); sqlConn.Open(); } However, I keep getting the following error when sqlConn.Open() is executed: "A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)" Does anyone have any ideas what the problem might be? I can create a connection to the db in the database explorer but it doesn't seem to work in code.

  Read the article

• Keystore and Aliases - is there a use to multiple aliases?

  - by Steve H

  When exporting a signed Android application using Eclipse, is there a purpose to using multiple aliases? According to the official guide about signing, it's recommended that you sign all applications with the same certificate to allow your applications to share data, code and be updated in modular fashion. Assuming that "alias", "key" and "certificate" are essentially interchangeable in this context, is there a reason why someone would want to use different aliases for all their applications? The only reason I can think of is that it adds more security to your applications, in the sense that a compromised key/password doesn't compromise everything. Are there other reasons? Also, is the generated key dependent on the name of the alias? In other words, if you change the name of the alias but not the password, would the generated certificate be different? Thanks.

  Read the article

• Access is denied trying to access a sMetabasePath on a SMTP Server from a different Web Server

  - by RJ

  I have written a C# dot net application that updates the SMTP relay restriction list in IIS 6. Running the application locally works great and I can add/remove IPs/DNS from the relay restriction list without any problem. Now I need to do the same for a SMTP server that is not running on the same webserver that I have the application running. So I have the web application on webserver A and the SMTP server on webserver/smtp server B. My app pool is running under a domain user and I have given the same user rights to the SMTP server under the security tab in the SMTP Virtual Server property window. I thought I could simply change the sMetabasePath from "IIS://localhost/smtpsvc/1" to "IIS://10.171.243.134/smtpsvc/1" and everything would just work but I get an "Access is denied" error. So I must have to do something else to get this to work. I even gave the domain user full admin rights on the SMTP server to no avail. Any ideas

  Read the article

• .Net SQL Server Connection String - hide password from other developers

  - by Chris Klepeis

  We're migrating one of our sites to ASP.Net. We do not want to use integrated security, which uses the windows account to connect to sql server (not going to get into why, its just out of the question). We created a username and password to connect to SQL Server, and would like to use that username and password, however, we also do not want other developers to see this information (easily read from the web.config).... I know it can be encrypted, but it can just as easily be decrypted by the developers - plus encryption has a performance hit. Is there any solution to this problem?

  Read the article

• Using an ActiveX object from an Outlook hosted webpage - possible?

  - by Nic Wise

  I'm trying to do the following: We have an outlook plugin, written in .NET (and C++). It does various things, and is manually installed on the end users machines (usually via AD deployment or similar) We are changing our search to use a webpage-based search, but from within outlook. That part is ok, however we want to communicate from the webpage to the surrounding outlook application. We can call into outlook by exposing an ActiveX object from our plugin, however we get security warnings, even if it's signed and marked as safe for scripting. Is this even possible? Has anyone done it? Anyone have a better way of doing it? We only need to pass in a small amount of data (a message id), and only from the webpage to outlook [update]: This is the error: automation server can't create object. We can get around it a bit by turning things off in IE, but thats not a good way to do it! Thanks

  Read the article

• Upload Image to Facebook Objective-C

  - by boopyman

  I'm currently trying to upload an image from my Mac application to Facebook. To do this, I'd like for the user to simply input his username and password, and to click a button. The only issue is, Facebook doesn't actually have an API for the Mac, it only has one for iOS. This shouldn't be a problem, except for the fact that to login, you must use a web view, something I'm not to keen on doing, since I'd like the interface to be two simple text fields. I've also looked into PHFacebook, a class I found online, but it also seems to utilize an NSWebView. I'm wondering if there's a security issue when you use text fields; indeed, it's slightly strange no available API offers this function ! So, to conclude, is it possible, or is there an API, that lets you upload an image and lets you provide the user's credentials through simple NSStrings?

  Read the article

• PHP cors validation

  - by Brian Putt

  I have an endpoint that takes GET requests to collect data from any source that wants to send data. Is there a way to run some validation that the data is in fact coming from the sources we allowed? They enter the website url that they will be sending the data from and we generate an api key. The data is sent via a javascript file that they install onto their website. I have the Access-Control-Allow-Origin set to * as it doesn't necessarily scale to add in hundreds or more websites to that header and that in itself is a security risk as it shows anyone who wants to look at the headers who uses the script. Currently I am thinking of using the http_origin / origin referrer, but obviously that doesn't do too much

  Read the article

< Previous Page | 502 503 504 505 506 507 508 509 510 511 512 513  | Next Page >