Caleb Cushing's Blog Also known as XenoTerraCide
Posts with the tag tutorial:

Log (CRLF) Injection with SLF4J

At my job we have a CIO-installed policy of remediating issues found by a static analysis tool, and what it finds is mostly targeted at security issues. Currently this tool is Veracode, and I don’t recommend it: it misses more problems than it finds, and what it finds, including this issue, are often false positives. Our most common issue is CRLF (Carriage Return Line Feed) or other log injection, which we have mitigated in a custom log appender (which Veracode doesn’t recognize).

Dist::Zilla vs xenoterracide

Yes, I am invincible! I solved my problem with Dist::Zilla. If you agree with me that you should be able to install from your git repository without requiring your users to have Dist::Zilla installed, here’s one way of doing it.

First install Dist::Zilla::Plugin::CopyTo. Now edit your dist.ini. Most people probably use one of the Dist::Zilla bundles. Assuming you use Basic, here’s what you do.

    ; remove GatherDir from basic so we can specify it separately
    [@Filter]
    bundle = @Basic
    remove = GatherDir

    ; specify where your ungenerated source lives
    [GatherDir]
    root = src

    ; specify where you want the generated source to live
    [CopyTo]
    dir = .

cat that displays tabs at 4 spaces

So in the tabs vs spaces war I’m squarely on the side of using tabs. Tabs have meaning. Tabs allow people to set their editors to whatever space display width their eyes are comfortable with, as opposed to what yours are (e.g. you like 2 spaces, I like 4). However, I’ve heard the argument: what about when you cat the file, etc. Well, it is actually a bit annoying… so let’s fix it.

Adding a new group to an open shell without logging in and out

Most Unix users believe it’s impossible to add a group that was recently added to your user account without logging in and logging out. If you’re running X and need to give your GUI new permissions (like dolphin/konqueror) this may be true, for the most part. I don’t know how to change it for those processes. However, if you need to change it for a shell prompt, it’s easy. You merely execute the command newgrp <newgroupname> in an open shell prompt and that prompt will now be loaded with the new group.

iptables browsing samba shares

NOTE: this assumes that you’ve read my previous post on basic iptables setup on the desktop.

So I just spent the longest time trying to determine what ports I needed to browse and use samba shares. The sad answer is it’s just one.

    iptables -A INPUT -p udp --sport 137 -j ACCEPT

The catch with all the information I found with Google was that most of it was for samba servers. I didn’t want that.