Difference between revisions of "Marmalade"

From WikEmacs
Jump to navigation Jump to search
(Letterbox)
Line 10: Line 10:
 
</source>
 
</source>
  
== See Also ==
+
1st things 1st, Apache has a vutrenabilily with mod_rewrite that allows attackers to execute code on your web server, so make sure you've updated your apache before you get r00ted.The one thing thats annoying us security peeps about Web 2.0 is that the SAME security mistakes are being made. Its like no-one has learnt anything from us poking holes in Web 1.0 and are hellbent on making the same mistakes.Take this  hiding  of query strings that everyone is being made to do with Web 2.0. Great, your making it look prettier but i'll bet my camera kit that the developer isnt doing the correct input validation on the user-supplied input being passed back to the server.On a daily basis now im still training developers on why this is a bad thing and im still getting that blank look.One day
 
 
* [[MELPA]]
 
* [[package.el]]
 
* [[el-get]]
 
 
 
What host are you using? With the admin still under active dpeelovment we haven't been testing far and wide yet (just MAMP, a basic Dreamhost account, and a blank-slate Linode instance) but we plan on adding more hosts to the list to get it working under as many out-of-the-box host installs as possible. As for the problem at hand, check out the RewriteBase command in the .htaccess. That's most likely where you're running into issues if it wasn't set correctly (or if it was set to a symlink directory without +FollowSymlinks working) then you'd run into the problems you're describing
 
  
 
== Tutorial Pages ==
 
== Tutorial Pages ==
  
 
[[Category:Project Management]][[Category:Convenience]]
 
[[Category:Project Management]][[Category:Convenience]]

Revision as of 00:56, 23 June 2012

Marmalade is a package.el repository, supported by the Emacs community. It's best known feature is the ability to submit Emacs packages directly via Marmalade's web UI.

Basic setup

(require 'package)
(add-to-list 'package-archives
             '("marmalade" . "http://marmalade-repo.org/packages/"))
(package-initialize)

1st things 1st, Apache has a vutrenabilily with mod_rewrite that allows attackers to execute code on your web server, so make sure you've updated your apache before you get r00ted.The one thing thats annoying us security peeps about Web 2.0 is that the SAME security mistakes are being made. Its like no-one has learnt anything from us poking holes in Web 1.0 and are hellbent on making the same mistakes.Take this hiding of query strings that everyone is being made to do with Web 2.0. Great, your making it look prettier but i'll bet my camera kit that the developer isnt doing the correct input validation on the user-supplied input being passed back to the server.On a daily basis now im still training developers on why this is a bad thing and im still getting that blank look.One day

Tutorial Pages