by James Turner | @ blackbearnh | Comments: 1 | 24 November 2010TweetIf you live in the United States, this is the week to the throat in Turkey. I wondered aloud last night my wife if the Thanksgiving is the day of the year when most people eat the same food. You can one of our readers overseas add to the conversation?There is a holiday in his country where everyone eats practically the same? de anyway, by American brains shut an overdose of fill, some developer news here can be used.
The Java language has continued to evolve over the years, adding features such as genéricos.Hay components an ambitious wishlist of things that developers would like to see in Java 7, but apparently there is not enough time to do everything and still leave the timely release. Of a result, the joint programme has decided to give up some of the up Java goodies 8, is not expected to grace the world until the end of 2012.
As a LISP-head, the deferred list item recovery that detects more than my eye is lambda expressions/cierres.Con even relatively "primitive: languages such as Objective-C, beginning to take these structures in the form of blocks, Java is already behind the curve in this regard." It is a shame to have to wait another year.
No word if Java Plan B require prescription from a doctor, or be made available to the developers of those under age 18 without a note from his parents.
As someone who has 10 framed shares of SCO hanging over your toilet, I was definitely among the many who rejoiced in thrashing sound SCO received at the hands of Novell, insofar as owner of Unix. Conventional wisdom was that Novell would be reasonable for the IP of Unix caregiver and would be unlikely to use against those who used Linux.
Life is definitely less clear now that is consumed by Attachmate Novell. On the one hand, part of the deal implies the transfer of a large piece of Novell intellectual property to a company front for Microsoft. It is hoped that it is only the normal collection of software that every large company seems to stop spam and not something that would provide a means of attack against Linux patents.
I am not sure what is teaching in the universities of new fangled these days, but for sure ain't security software.At least that is the course I do, given the number of attacks, SQL injection and shell that I hear about from each month.
My noise last week was about null pointer exceptions.They are sloppy, but normally inofensivos.Los attacks injection can take towards bottom system or disclose confidential information to the bad guys.In my wasted youth, I ran a chat system and added support for email, so people could send mail from within of programa.Cometí failed to attach to the email address at the end of a chain that runs as a shell command address.Not long before they need some "intelligent" uses the email address";""rm-fr"There was my entire source tree of (no support).
Open source software is particularly vulnerable to SQL injection attacks, due to the SQL schema is generally conocido.Si you're lazy and build queries that use string concats with data provided by the user, is trivial to enter data that is successful, but also inserts, or deletes data, tables completely diferentes.Debe always use parameterized tools to place data in queries or insertions and probably self-sanitize the data as well.
It must also execute queries with the credentials necessary minimum, for example, have a user database that can only be selected, and use it for any part of the system that does not require updates datos.Y base have a privileged of being the only one who can update or access to sensitive areas of the database user.
This is all for this semana.Sugerencias are always welcome, so please send suggestions or news here.
No comments:
Post a Comment