Suhosin is disbled by default in Debian, and soon Ubuntu - i hope

I think is the right aproach 

I don't believe in security by obscurity (this random patch it will secure your php ... riiight)

suhosin shouldn't be a patch it should be inside of php core or as module (think like the selinux situation) , So debian guys are right use the upstream unpatched version , let the core php devels decide if suhosin is right or wrong for them :less bugs , less patches , life is better = more security and fast updates in debian

Did i told you that upstream doesn't test suhosin patch when they run the tests ?
And with that patch php core is not the same , there are some bugs that i found related to it  (in debian/ubuntu) and it happens only when that invasive patch is applied

updating passenger in rails and ubuntu 10.3 lts

I had one issue with an old instalation of passenger and nginx (kernel 2.6.32 doesn't quite deliver signals to the nginx 0.8.x)

I download the current dark passenger

wget http://rubyforge.org/frs/download.php/75548/passenger-3.0.11.tar.gz
tar -zxvf passenger-3.0.11.tar.gz
cd passenger-3.0.11/
rake package
sudo su # and make me a sandwitch

cd pkg
gem install passenger-3.0.11.gem

start the nginx wizzard

/var/lib/gems/1.8/gems/passenger-3.0.11/bin/passenger-install-nginx-module

choose (1),(1)
enter enter enter
and all is installed

Read what is needed to add to nginx config if you do an upgrade

mainly the new passenger path

Please edit your Nginx configuration file (probably /opt/nginx/conf/nginx.conf),
and set the passenger_root and passenger_ruby configuration options in the
'http' block, like this:

  http {
      ...
      passenger_root /var/lib/gems/1.8/gems/passenger-3.0.11;
      passenger_ruby /usr/bin/ruby1.8;
      ...
  }

After you (re)start Nginx, you are ready to deploy any number of Ruby on Rails
applications on Nginx.

Press ENTER to continue.

The END

encoding decoding strings in python3.x

I like to think of  encoding of strings in python3 to the analogy of encrypting your plain text into a random stream of bytes

string (plain text) -> encode (encrypt) -> bytes (stream)
bytes (stream) -> decode (decrypt) -> string (plain text)

and the codec you choose is your key (utf-8 ...)

Typing so many times the password in sudo is good or bad ?

Well if you watch National treasure  you will see how easy is to spot the common keys that you press with a special fluorescent/UV light , also the fingerprints on a keyboard are more visible on thouse keys (that would be the keys for sudo for example , or the login window) also some social engineering helps (knowing the person)


- I'm here.
- Give me the letters for her password.
What do you got for me?
Hit me with it.
A-E-F-G...L-O-R-V-Y.
Anagrams being listed.OK.
Top results: "A glove fry."...
...
- It's "Valley Forge"."Valley For..."
I don't have that on my computer.It's "Valley Forge" -she pressed the E and L twice.
Valley Forge was a turning pointin the American Revolution.C
an I marry your brain?
We're in.


That is why is better to use the ssh-agent , password-less sudo
and spread your password keys over your keyboard , and one more hint
it shouldn't be any reference to anything known about you in public/private life (eg if you love history:historical references with years dates , places)

Welcome to the U-nderland

All you want is here , minus start menu and the close menus and minus the menus ,
Oh i told you that you shouldn't use menus , It's a paradigm shift , everything is search and google

Via doctormo who will be removed from the ubuntu holly planet
But dude where is my menu and close button
In the hud , in the hud  a small voice creeps into the ethereal space

 

Ubuntu Romania and Libre Software Romania (software liber) are against ACTA

Between revolutions we have to fight ACTA too , I will copy paste the message from Stas

Apparently, while most of the Romanians were busy with „Băsescu” crisis and snow, ourgovernment decided to sign ACTA.

To be honest, I’m not sure who’s job was to inform European population about this upcoming decision, but they did it in the worst possible way. Anyway, if you feel the need of blaming your regional/representative politician, you can get his address from here:agenda.grep.ro.

For those who just woke up in this world, and have no clue what’s this all about, take a look at this video.

About the picture above is from doctormo

Configuring pydev for django

I love some of the pydev features and here is my usual django/python setup

Install eclipse classic

Configure updates and add pydev

Configure updates and add eclipse themes

Install ipython
sudo easy_install ipython

Create or import pydev/django project

Configure java script editor (WTP webtools) in updates (in my case for indigo , choose from the repository manager in updates)

Learn and configure howto do remote debugging for django

The eclipse git plugin it crashed on me , aka it failed when i tried to do a push
It's slower than the c based implementation (eclpise plugin for git is written in pure java )
Did i told you that doesn't work , ok So you need to use command line for git , it's faster and better

Why Zope fails and Django is better

I quote a thread from reddit and if you still use zope/plone you fail , there is nothing pythonic in the zope

I did a beginner mistake once to think that zope is somehow python and i could handle all the complexity and zope core ugliness but now I know the complexity monsters can't be tamed (include there XML , JAVA2EE, zope ... )

As a Python programmer, hardly anything you knew was useful when trying to do stuff in Zope. It was its own universe, with its own physical laws. You could do some simple things via the web interfaces, but as soon as you want to do stuff in Zope's odd variant of Python, you had to start from scratch.

And as a result, we lost a whole generation of Python web programmers.

In that respect, Django is more of an anti-Zope -- it's plain old Python pretty much all the time, you don't have to unlearn or relearn anything, and it has done more to get new programmers to pick up Python than any single Python library or application ever released before it. Heck, the Django mailing lists are almost as crowded as the Python mailing lists these days.

Illegal parameter: -WG while switching project from free pascal 2.4 to 2.6

While switching compiler from 2.4 to 2.6 under debian sid i had this error whilile
compiling an project created under ubuntu with lazarus 0.9.30.x and fpc 2.4

Illegal parameter: -WG




Solution is to remove : Target OS specific options (Win32 gui application -WG) from Project Compiler Options

Debugging tips for #perl tfmail.pl on a shared host with no logs , and windows on it ...

Well the story is that the tfmail.pl shows only this
Application Error An error has occurred in the program so no debug errors or anything else
I had to add debug mode for the script and saw this tip how to do it :

With Perl there is something you can try that will attempt to redirect error messages to the browser so you can attempt to diagnose the problem. Open the script in your text editor, and under the path to Perl on the first line, place this:

use CGI::Carp qw(fatalsToBrowser);

Only then I saw that LOGFILE_ROOT was set to '.' and that made the script die I have fixed the line

use constant LOGFILE_ROOT   => '';

and reuploaded and all was ok after that

Fibonacci procedure for #firebird

I had to do  (recursive function example) Fibonacci stored procedure for Relational Databases exam
so here it is
To run it and test the numbers type in flamerobin

SELECT N_FIBONACCI
FROM FIBONACCI ('6')
=8