Blog
Understanding XSS to prevent it
There was recently a completely stupid XSS story covered on Slashdot whose main argument is quoted below.
Fortunately this is completely bullshit. We will later discuss what kind of countermeasures can be taken, but first of all make sure you know what XSS is; for that purpose I would suggest reading the XSS FAQ.
brain-dump.org finally goes online
After some time on my personal webserver, which is only accessible
from dyndns, brain-dump.org finally goes online. For those of you wondering about the name brain-dump.org, I would suggest reading the about page.
Hope you enjoy the stay and find some useful information.
Marc
Developing Java Macros for OpenOffice.org and debugging them with Eclipse
I recently had the pleasure to develop an OpenOffice.org Java Macro and from that experience I can tell you that it is a
pain in the ass.
No really, to start with, the API is, well, not that simple and easy to work with. I understand that it is a complex task to create a cross-platform, cross-language, network-aware component framework but the whole UNO
thing is probably a bit overdesigned (see the Developer Guide with 1100+ pages).
Maybe I just don't grasp it yet, so to let you judge yourself here is a chunk of code. It's a simple helper class which demonstrates some basic functions like filling out form fields.
Combine Winpooch and ClamWin to protect your Windows Clients with 100% free software
You probably know ClamAV, the popular open source antivirus scanner which is widely used
on mail servers etc. There is also a Windows port, ClamWin, available which
can be used to scan files on the Windows platform. Unfortunately ClamWin currently lacks an on-access scanner,
which is a must-have for a modern desktop virus scanner.
This is where Winpooch comes in. Winpooch is an API hooker, that is, it catches
system calls, checks them against a filter list and then proceeds according to the configured action.
Therefore it can be used to pass executed files over to ClamWin, which checks them for viruses, resulting in an
on-access scanner. If you are extra paranoid and don't care about potential performance issues you can even
configure Winpooch to call ClamWin on every opened file.
To configure Winpooch you have to go to the configuration tab and there select ClamWin as antivirus solution.
If this is done, you should test your setup with a test virus.
Download eicar.com and run it. ClamWin should now detect the virus and Winpooch should ask whether you want to proceed.
Winpooch also detects when a program wants to place itself in an auto-startup position, for example via
the registry or a startup folder, and asks if you want to allow or deny the action.
So you get a 100% opensource and free software antivirus/spyware solution for your Windows client computers.
Marc
Using Debootstrap, Pbuilder and Co to build Debian Packages
Building Debian packages within your normal system can be
quite dangerous because care has to be taken that the resulting
binary won't link against wrong libraries etc. To simplify this
process there are a few useful tools available. These can not
only be used to build packages; other use cases include building
a chroot environment from a given distribution or installing a base
system.
Creating a chroot environment
Debootstrap builds a chroot environment of a given distribution. First take a look at what will be installed.
debootstrap --print-debs sid .
If it looks OK, then download the packages. I prefer to keep them in a tarball for further use.
debootstrap --make-tarball sid-chroot.tgz sid .
Later you can use that tarball to actually extract the debs and install them into a given directory.
mkdir ~/sid-chroot && cd ~/sid-chroot
debootstrap --unpack-tarball sid-chroot.tgz sid .
If everything worked so far, you should now have a complete root filesystem which is ready to chroot into.
chroot . /bin/sh
Another package which can do nearly the same is cdebootstrap. It is mostly a reimplementation of debootstrap written in the C programming language for use in the debian-installer.
cdebootstrap -f minimal sid .
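The tarball and chroot steps above, wrapped in checks that run before anything is entered with chroot. This is an added example, not part of the original post; the function names are its own, and it relies on debootstrap keeping a working directory named debootstrap/ inside the target until the install completes.

```sh
#!/bin/sh
# Added example: sanity checks around the debootstrap steps above.
# Function names are this example's own, not part of debootstrap.

# Count the .deb files in a tarball written by --make-tarball.
tarball_deb_count() {
    tar -tzf "$1" 2>/dev/null | grep -c '\.deb$'
}

# Return 0 only if DIR looks like a finished root filesystem;
# otherwise print the reason on stderr and return 1.
verify_chroot() {
    dir=$1
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 1; }
    # Resolve symlinks and refuse to treat the host root as a chroot.
    abs=$(cd "$dir" && pwd -P) || return 1
    [ "$abs" != "/" ] || { echo "refusing to use /" >&2; return 1; }
    # debootstrap keeps a working directory named debootstrap/ in the
    # target while it runs; if it is still there, the install did not finish.
    [ ! -d "$abs/debootstrap" ] || { echo "unfinished install in $abs" >&2; return 1; }
    [ -x "$abs/bin/sh" ] || { echo "no executable bin/sh in $abs" >&2; return 1; }
    [ -f "$abs/etc/debian_version" ] || { echo "no etc/debian_version in $abs" >&2; return 1; }
    return 0
}

# Unpack TARBALL for SUITE into DIR, verify the result, then chroot.
build_and_enter() {
    tarball=$1; suite=$2; dir=$3
    [ "$(id -u)" -eq 0 ] || { echo "must run as root" >&2; return 1; }
    [ "$(tarball_deb_count "$tarball")" -gt 0 ] || { echo "no .deb files in $tarball" >&2; return 1; }
    mkdir -p "$dir" || return 1
    # Use an absolute tarball path so it does not depend on the current directory.
    tarball=$(cd "$(dirname "$tarball")" && pwd -P)/$(basename "$tarball")
    debootstrap --unpack-tarball "$tarball" "$suite" "$dir" || return 1
    verify_chroot "$dir" || return 1
    chroot "$dir" /bin/sh
}
```

Source the file and call `build_and_enter sid-chroot.tgz sid ~/sid-chroot` as root.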
Compiling packages in a clean room environment
If you want to compile Debian packages in a clean room environment then take a look at pbuilder. First you will need to create a build environment; as a side note, pbuilder uses debootstrap to accomplish this.
pbuilder create --distribution sid
This will create a base.tgz file in /var/cache/pbuilder. By default changes to the pbuilder environment will be lost after logout. To prevent this you have to log in as follows:
pbuilder login --save-after-login
Now we are able to build actual packages; for example do something like
apt-get source gcc-4.1-source
pbuilder build *.dsc
Further information
For further information consult the manpages of the corresponding programs. In addition the following sites could be quite interesting.
