Computers

I just got to ask you this: Is security bugs just normal bugs? Or should they be treated special?

The reason I ask, is because of a statement made by Linus Torvalds in a discussion on the Linux kernel mailinglist just a few days ago.

So I personally consider security bugs to be just "normal bugs". I don't
cover them up, but I also don't have any reason what-so-ever to think it's
a good idea to track them and announce them as something special.

Drupal is a finalist for the SourceForge 2008 Community awards in not less than 5 categories.

• Best project
• Best project for Enterprise
• Best project for Educators
• Best Tool or Utility for Developers
• Most Likely to Change the World

Sweet!

Today, I released version 0.8-dev of Munin, my PHP application firewall.

Munin 0.8-dev is available for downlod here.

I just posted this to Bugtraq, so I'll post it here to.

------------------------------------------------------------------------
Cross-Site Scripting (XSS) in phpWebSite 1.4.0 search
------------------------------------------------------------------------

Author: Audun Larsen (larsen at xqus dot com)
Date: Dec 29, 2007

--AFFECTED SOFTWARE--------------------------

Name: phpWebSite
Version: 1.4.0
Release date: Dec 11, 2007

Developed by the Web Technology Group at Appalachian State University,
phpWebSite provides a complete web site content management system ( CMS ).

This is mostly a note for myself, but sharing is caring.

To clear the content of a file:

$ echo "" > filename

To fill a file with junk:

$ cat /dev/urandom > filename

OK, here's the deal. I have some Pownce invites and they are no use just sitting there, not used by anyone.

So, If you want an invite, just add a comment or send me an e-mail and I'll send out the ones I've got.

The second release candidate for phpSysInfo 3.0 was released today.

Wow, I really don't know what hit me (yet) but I was fiddling with my server today and suddenly realized that it was under enormous pressure.

By the time I managed to get a screen shot it was all over, and things has returned to normal. Only left my swap partition almost full.

You can see that the load average the last five minutes is above 7, and that's seriously high.
While we are talking about load average check out this article about the mysterious load average.

After much work on the new phpSysInfo interface, I decided to test it in IE.

Since 99% of the code is pure jQuery code (we are talking about 400 lines of JavaScript) I had no reason to believe that it would fail. But off course, it did.

Creating XML files with PHP using SimpleXML is really easy, and elegant.

To create a SimpleXML object from a string, I use the following code.

$xml = simplexml_load_string("<?xml version='1.0'?>\n<phpsysinfo></phpsysinfo>");


From there it's really easy to expand.


$xml = simplexml_load_string("<?xml version='1.0'?>\n<phpsysinfo></phpsysinfo>");
$generation = $xml->addChild('Generation');
$generation->addAttribute('version', PSI_VERSION);
$generation->addAttribute('timestamp', time());