• Home

  • Custom Ecommerce
  • Application Development
  • Database Consulting
  • Cloud Hosting
  • Systems Integration
  • Legacy Business Systems
  • Security & Compliance
  • GIS

  • Expertise

  • About Us
  • Our Team
  • Clients
  • Blog
  • Careers

  • VisionPort

  • Contact
  • Our Blog

    Ongoing observations by End Point Dev people

    Moose roles

    Ethan Rowe

    By Ethan Rowe
    August 28, 2008

    Perl programmers,

    Moose roles give a really nice way of maximizing code reuse within an object system, while favoring composition over inheritance. This makes for shallower inheritance trees, reduced method dispatch spaghettification, and a more comprehensible, maintainable, extensible codebase overall. Revel in the glory.

    That is all.


    perl

    Acts As Xapian — It Just Works

    Sean Schofield

    By Sean Schofield
    August 26, 2008

    I just recently started listening to the podcast done by the guys at RailsEnvy. It’s an excellent resource for keeping up on what’s new in the Rails world and it’s how I found out about the new acts_as_xapian search plugin for Rails. The podcast mentioned this blog post which contains a very thorough rundown of all the different full-text search options currently available for rails. The timing of this article couldn’t have been better since I was in the market for a new solution.

    I was approaching a deadline on a client project here at End Point and I was having lots of trouble with my existing search solution which was acts_as_ferret. Setting up ferret was relatively easy and I was very impressed with the Lucene syntax that it supported. It seemed like a perfect a solution at first but then came “the troubles.”

    Ferret is extremely fragile. The slightest problem and your server will just crash. What was causing the crash? Unfortunately the server logs won’t give you much help there. You will receive some cryptic message coming from the C++ library if you’re lucky. Note that I skipped the suggested Drb server setup since this was a development box.

    After a while I would notice …


    rails search

    Review of The Book of IMAP

    Jon Jensen

    By Jon Jensen
    August 26, 2008

    Former End Point employee Ryan Masters had his book review of the No Starch Press published over at OSNews.com. Sounds like it was a decent book!


    books email

    On excellence

    Ethan Rowe

    By Ethan Rowe
    August 21, 2008

    The interwebular collective cup runneth over with blog articles addressing the subject of what makes good software engineers good. It is a topic about which many opinions are expressed. What is less commonly addressed, however, is the possibility that the very qualities that make for good software engineers may also make for good technical leaders, good managers, and just good coworkers, period.

    At End Point, we toss the term “ownership” around quite a lot, in a variety of contexts. When a particular task or responsibility goes from one person to another, we mention “ownership” when we need to communicate the significance and scope of the responsibility in question. The term may apply to a software engineering task, in which “owning” the problem means taking responsibility for all aspects of the engineering work, across the software stack, from prototyping to full development to deployment. It may also apply to a managerial or leadership role, for which “ownership” implies responsibility for all parties involved on a given project, task, or team, with the “soft” issues of human beings mattering at least as much—​and probably more—​as the “hard” issues of machines, software, etc. …


    culture

    Subversion or CVS metadata exposure

    Jon Jensen

    By Jon Jensen
    August 20, 2008

    At the talk “Rails Security” by Jonathan Weiss at LinuxTag 2008, he mentioned (among other things) a possible security problem for sites being run out of a Subversion (or CVS or even RCS) working copy, where the metadata inside the .svn/ or CVS/ directories may be exposed to the world. This post by someone else explains it nicely.

    Interchange appears not to be vulnerable to this by default as it will only serve files that end in .html, and all the .svn/ and CVS/ filenames have no suffix, or end with .svn-base, so are not served by Interchange.

    But if the docroot is served from a Subversion or CVS checkout, its metadata files are likely served to the world—​relatively harmless, but can reveal internal file paths, hostnames, and OS account names.

    For PHP or SSI, on the other hand, this could be a disaster, as the complete source to all files could be revealed, since the .svn-base suffix will cause Apache not to parse the code as PHP but pass through the source.

    If you use Subversion, CVS, or RCS on any project, I recommend you look into how your files are being served and see if there’s anything being exposed. Checkouts from Git, Mercurial, or Bazaar are not likely to be a problem, …


    security conference

    Some handy cryptography/networking tools

    Jon Jensen

    By Jon Jensen
    August 19, 2008

    Here’s a list of some nifty cryptography/networking tools Kiel’s pointed out lately:

    • socat — multipurpose relay; think netcat gone wild—​we used this recently to tunnel UDP DNS queries over ssh
    • cryptcat — netcat with twofish encryption (the Debian package adds a man page)
    • rsyncrypto — partial transfer-friendly encryption (modified CBC for smaller change windows similar to gzip; less secure than regular CBC)

    And a pretty unrelated but useful Red Hat Magazine article on the new yum-security plugin.


    networking

    Alaska Basin

    Jon Jensen

    By Jon Jensen
    August 18, 2008

    From Thursday to Saturday I backpacked with a friend and some of our kids into Alaska Basin (in the Tetons, in Wyoming), saw some beautiful scenery, and became reacquainted with the other kind of bugs for a while.

    The lake is Sunset Lake, where we went Friday night. I frolicked in the snowmelt water and lost my new glasses in the silt, but came back the next morning and found them after wading out 20 feet or so. It was a great trip.


    travel

    On “valid” Unix usernames and one’s sanity

    Jon Jensen

    By Jon Jensen
    August 13, 2008

    Today poor Kiel Christofferson ran into an agonizing bug. A few weeks ago, building a custom RPM of perl-5.10.0 (that is, the Perl distribution itself) wasn’t a problem. The unit tests passed with nary a care.

    But today it no longer worked. I’ll omit details of the many false paths Kiel had to go down in trying to figure out why an obscure test in the Module::Build package was failing. Eventually I took a look and noted that he’d tried all the logical troubleshooting. Time to look at the ridiculous. What if the test was failing because the last time he built it successfully it was under the user “rpmbuild”, while he was now trying with user “rpmbuild-local”?

    That was exactly the problem. Module::Build’s tilde directory (~username) parser was of the (false) opinion that usernames consist only of \w, that is, alphanumerics and underscores. The reality is that pretty much anything is valid in a username, though some characters will cause trouble in various contexts (think of / : . for example).

    I explained in more detail in CPAN bug #33492 which reports someone else’s experience with the test failing when the username had a backslash in it, such as the Active Directory name …


    perl
    Previous page • Page 214 of 220 • Next page