Security patching WordPress themes against Cross-Script Attacks (XSS)

A nice article explaining the vulnerability in Worpdress themes (in fact anything using php :-) was published some days ago. Now, there’s even a vulnerability scanner available (done in Perl). I ran it on several of the blogs I manage, and all of them were vulnerable to XSS (wp-scanner also tests other vulnerabilities) :-( I […]

HOWTO Installation of OpenWRT on a WGT634U usb router

Before the 7.06 stable version of OpenWRT there were many problems for making USB audio working on this exceptional router (the only one I know with a USB port). Problems with kernel version 2.4/2.6, problems with alsa, problems with USB not working (usb2), etc. Take a look at the forums, and see all horrible, painful […]

Journées Python Francophone 2007 Conference at La Villette, France

I went today to the JournÃ©e Python 2007 Conference in France. I managed to see half of the Twisted intro, some lightning talks, and most of the afternoon presentations (thanks to Ido’s mid-day nap). Most of the talks were introductory type, but they were finely presented (alas most of the audience already knew python). I […]

Change in syntax and functionality in Asterisk AstDB functions

Since Asterisk 1.2+, the methods to access the AstDB database (a berkeley local database) were changed from DBGet,DBPut,DBDel to the merged “simpler” one named Set (except for DbDel which seems to still exist). There was a functionnality that when a key was not found in AstDB, a jump would be done to n+101. So the […]

Nice introduction article on Pylons

Pylons is a cool web framework (one more, besides TurboGears, Django, Zope, etc.). Someone posted on the mailing list a reference to a nice introduction.

Troll of the day: Why Ruby sucks and why Python rocks!

I found a nicely written article about the problems with Ruby, written by a Ruby user, and why he found Python to be really good. There’s even a quote about Twisted! And, there are a bunch of things available to a Python guy that Ruby just canâ€™t compete with that are of particular interest to […]

New Apache module for integrating WSGI apps

Finally, after such painful setups, I really never could find a really suitable configuration that could satisfy me. Here are the different methods I tried to implement TurboGears/Pylons or similar WSGI/Python projects (MoinMoin for example): FastCGI: So complex to setup, crashes on its own so often, and leaves running processes in memory so have to […]

PyPy 1.0 has been announced!

PyPy version 1.0 is now available. That’s really a great news, and a milestone for the Python community (and the rest of the programming world). It’s not yet recommended to use it in production, but we’re not that far from that. Please read the announcement and go in the different links referenced there to learn […]

How to understand the ARP queries and replies fields with pypcap

I had a hard time understanding the function of each field in an ARP packet. The problem is that the fields change of meaning, depending on the opcode field. The two useful ones are for ARP queries (what is the ethernet address of the ip address I’m giving now) and ARP replies (that ip address […]

How to recover from Cyrus when you have some DB errors

I’ll try to explain some methods and tips on how to recover from a mix in db libraries, or from messages like: DBERROR: reading /var/lib/cyrus/db/skipstamp, assuming the worst: No such file or directory DBERROR db4: PANIC: fatal region error detected; run recovery DBERROR: critical database situation