Letters to the Editor
Thank you for the article by Reuven Lerner. I have been using file uploads for some months to allow students to upload assignments to my site for marking. Since they already have accounts, I use their UNIX password to check who they are.
File upload is part of HTML 3.2 and should be available from every browser. However, the standard says this is a slightly obscure part and may not always be supported. Internet Explorer 3 is one browser that does not support it, for example. Instead of a file selection box, the user sees a text entry area, and only the file name is uploaded, not the contents of the file. You need to guard against such browsers both at the HTML end (“You should see a file selection box here”) and by checking the output at the server end.
Hmm, I have been using attached files for months with a variety of clients, and no one ever mentioned this. (I thought I had tried it with Internet Explorer. I know some of my clients use IE, but I guess they used Netscape or something when they uploaded files.) Thanks for teaching me something new.
I regularly buy LJ here in Switzerland, and while in the USA recently I took the opportunity of buying Issue 46 a few days early as one of my particular interests is database design. While in general I found issue 46 was up to your usual excellent standards, it was unfortunately spoiled for me by the following throw-away remark made by Stu Green in his review of S.u.S.E. V5.0:
There are some minor errors in translation from the German, including the presence of some characters unique to that language being left as is, in particular in the names of individuals. These mistakes are easy to overlook.
Perhaps I have been living in Switzerland (a country with four national languages) too long, and I'm missing some ironic humour here. The alternative possibility, that Stu actually believes that people spelling their own names with characters from their mother tongue constitutes a mistake, is surely too insular even for Texas!
Given the international history of Linux (please note that most of the characters unique to German also exist in, for example, Finnish), it's a shame to see this Anglo-centric view of the world persist.
Perhaps the only crumb of comfort I can find in this situation is that software developers here in Europe and in Asia will continue to be able to market their products to several hundred million consumers with minimal competition from the English-speaking community.
In the February 1998 LJ's “From the Editor” under Databases, you said, “Sybase sells an official Linux version but refuses to support it.” I have spoken with several Sybase salespeople, and all of them told me that they do not sell any version of their SQL server for Linux.
I was wondering where you got this information, or better yet, who I might talk to in order to purchase a copy.
A system administrator, who was researching databases in order to buy one, made this statement to linux-list on-line. Since he was someone I know to be trustworthy, I believed it without checking. [Always a big mistake.] I have since learned that Sybase did have a client side freely available for a while, but work was stopped and the server side was not done. It is now being worked on once more. Our publisher Phil Hughes has been talking to the programmer doing the port. Sorry for the misinformation—Editor
I'm writing in reference to the “Best of Tech Support” item entitled “How Do I Remove This File?” (March 1998).
The information given in response to the question is absolutely correct. However, beyond the basic information about how to delete such files, a warning should be added: discovery of such files is a bright red flag that your system may have been compromised by hackers.
Hackers will very often use file names and directories with such names as “. ”, “.. ” and “...”. These names are easy to ignore in a directory listing and are commonly overlooked by novice (and even experienced) users. Also, hackers will use directory names of legitimate applications, such as “.elm”, “.data” and “.tin”, because these directories don't show up in a normal ls listing and because they appear normal. Naturally, there are many variations on this basic theme, but if you spot such directories in unexpected places (or even in legitimate user directories), further investigation is definitely warranted.
Another warning flag is the presence of IRC files. The IRC is a seething hotbed of hacker activity these days, because it's so easy to become anonymous and because of the total lack of security controls inherent in the entire IRC system. So called “warez” channels provide an easy and totally anonymous way for hackers to exchange pirated software and hacking tools. If you start seeing “eggbot” files on your system, it's possible at least one of your user IDs is being misused. It's been my experience that many of these people want only to quietly misuse a stolen account for purposes of running their IRC bots, but some of them have attempted some really nasty attacks. In general, it's wise to cast a suspicious eye on any sort of unexpected IRC activity on your system.
Finally, another trick currently in use by hackers is to use lynx to download hacking tools. By storing their files on a web host and then using lynx to retrieve them, they can bypass the logging that often occurs with an FTP server and may be able to blend in more easily as a legitimate user.
|Speed Up Your Web Site with Varnish||Jun 19, 2013|
|Non-Linux FOSS: libnotify, OS X Style||Jun 18, 2013|
|Containers—Not Virtual Machines—Are the Future Cloud||Jun 17, 2013|
|Lock-Free Multi-Producer Multi-Consumer Queue on Ring Buffer||Jun 12, 2013|
|Weechat, Irssi's Little Brother||Jun 11, 2013|
|One Tail Just Isn't Enough||Jun 07, 2013|
- Speed Up Your Web Site with Varnish
- Containers—Not Virtual Machines—Are the Future Cloud
- Linux Systems Administrator
- Lock-Free Multi-Producer Multi-Consumer Queue on Ring Buffer
- Non-Linux FOSS: libnotify, OS X Style
- Senior Perl Developer
- Technical Support Rep
- UX Designer
- RSS Feeds
- Reply to comment | Linux Journal
2 hours 31 min ago
- Yeah, user namespaces are
3 hours 47 min ago
- Cari Uang
7 hours 18 min ago
- user namespaces
10 hours 12 min ago
10 hours 37 min ago
- One advantage with VMs
13 hours 6 min ago
- about info
13 hours 39 min ago
13 hours 40 min ago
13 hours 41 min ago
13 hours 43 min ago
Free Webinar: Hadoop
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers
Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.
Some of key questions to be discussed are:
- What is the “typical” Hadoop cluster and what should be installed on the different machine types?
- Why should you consider the typical workload patterns when making your hardware decisions?
- Are all microservers created equal for Hadoop deployments?
- How do I plan for expansion if I require more compute, memory, storage or networking?