Monday, November 21, 2005

Perl Objects References & Modules Book Review

Perl offers a complete solution for object-oriented programming, but it is not easy for the beginner and may be intimidating. This book is recommended for the advanced programmer who wants to use objects in Perl, create new object-oriented programs and maintain existing ones.

It is highly recommended to read this book from beginning to end without skipping chapters, because every chapter presents better ways to write code explained in earlier ones.

Ch 1 – Introduction
It is recommended to read “Learning Perl” (the Llama book) beforehand.

Ch 2 – Building Larger Programs
This chapter explains packages, how to include them, and how to divide a program into parts using “do”.

Ch. 3 – Introduction to References
References are clarified; references to arrays and hashes are explained with many examples.

Ch. 4 – References and scoping

More examples on how to use references and how to manage anonymous data structures.

Ch. 5. Manipulating Complex Data Structures

Teaches how to use the debugger to examine complex data structures using Data::Dumper, and how to read the output of the debugger into a program with the Storable module.

Ch. 6 – Subroutine References

Everything is well organized: after the introduction to references, the book explains references to subroutines (coderefs). As with anonymous data structures, you can create anonymous subroutines in Perl and return subroutines from other subroutines.

Ch. 7 – Practical Reference Tricks
At this point you will learn about efficient sorting strategies and how to optimize the task with the “sort” operator.

Ch. 8 – Introduction to Objects
It begins with the most basic classes, then describes advanced use of classes and the difference between -> and :: in method invocation.

It covers the use of the @ISA variable and the SUPER keyword (for superclasses) for inheritance, and method overriding in classes.

How to reuse code is explained very well, step by step.

Ch. 9 – Objects with Data
Explains the “bless” operator, how to create objects (instances of classes) and how they work, using simple examples with many member variables. You will understand object constructors, the differences between using classes and objects, and how to implement encapsulation.

Ch. 10 – Object Destruction
It is important to know when an object gets destroyed because you may need to take cleanup actions; for that there is the DESTROY method, which is called automatically when the object dies.

It begins with simple examples and moves on to nested object destruction, the %REGISTRY variable and instructive examples to analyze.

Ch. 11 – Some Advanced Object Topics

Use of the UNIVERSAL class, the class from which all objects are derived, and its “isa” method (tests whether the class is a member of a given class) and “can” method (tests whether the class has a specified method), available in all objects:

$object->isa("Animal")
$object->can("printname")

This chapter also presents the AUTOLOAD method, the Class::MethodMaker CPAN module and multiple inheritance.

Ch. 12 – Using Modules
This chapter explains how to use and write our own modules.

Ch. 13 – Writing a Distribution
Creating a distribution is what you need if you want your module to include installation information and documentation, a check for missing files needed by the module, tests that verify the correct operation of the module (make test) and C language interfaces.

Ch. 14 – Essential Testing
What to test? How to test? Randal gives an introduction to testing the Perl modules we create and how to use the Test::Simple or Test::More modules.

Ch. 15 – Contributing to CPAN
If you create a new module and want to share it with the world to help others with your creation, what you need is CPAN, the Comprehensive Perl Archive Network. You will learn how to prepare your distribution, upload it, announce it and get it tested by other developers on all kinds of platforms.

Saturday, November 12, 2005

Secure php Server and programming practices

At one of my jobs, the company wanted to have a web page and contracted a freelance programmer.
Keep reading!


He coded this in PHP:

// $top is filled in from the query string when register_globals is On
if (!$top)
    $top = "top_home.php";
include($top);


The code works like this: you call the web page with a URL such as:
www.server.com/index.php?top=page.php


For this to work, php.ini needs this setting turned on:
register_globals = On

This is very insecure, so we asked him to make this change:

// the value is now read explicitly from the query string
if (empty($_GET['top']))
    $_GET['top'] = "top_home.php";
include($_GET['top']);


This is a little more secure, but it is a trap: the request value still goes straight into include(), so you can still compromise the security of the server with a query like this:

www.server.com/index.php?top=/etc/passwd

I recommend:

1) Hardcode the filenames you want to open.
2) Use fopen() to open the file, store its contents in a variable and then print them.
3) Do not use include().
4) Check the input variables with regular expressions! Like this:

// ereg() was removed in PHP 7; preg_match() is its replacement
$cen = $_GET['cen'] ?? null;
if (is_string($cen) && preg_match('/^[a-z]+\.html\z/', $cen)) {
    echo "Good!";
} else {
    die("Try hacking somebody else's site.");
}


5) Be preventive: write to a log or send yourself an email when somebody tries strange things on your server. You will probably not be able to send the hacker to prison, but you can detect the attack and, if necessary, take preventive measures with new policies.
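
The recommendations above put together in one handler, as an added example that is not part of the original post. PAGE_DIR, $PAGES, resolve_page() and the page names are hypothetical; readfile() stands in for the fopen()-and-print of recommendation 2, and the code assumes PHP 7.2 or later.

```php
<?php
// Added example; PAGE_DIR, $PAGES and resolve_page() are hypothetical names.
// Recommendation 1: hardcode the files that may be served.
const PAGE_DIR = '/home/webpagedirectory/pages'; // assumed location
$PAGES = [
    'home'    => 'top_home.html',
    'contact' => 'top_contact.html',
];

// Map the request value to a hardcoded file, or return null.
// The value is only used as an array key, never as part of a path.
function resolve_page(array $pages, string $baseDir, $key): ?string
{
    // Recommendation 4: check the shape of the input first.
    if (!is_string($key) || !preg_match('/\A[a-z]{1,32}\z/', $key)) {
        return null;
    }
    if (!isset($pages[$key])) {
        return null;
    }
    // Defence in depth: the resolved file must still be under $baseDir
    // (catches a symlink or a careless entry added to the list later).
    $base = realpath($baseDir);
    $path = realpath($baseDir . '/' . $pages[$key]);
    if ($base === false || $path === false) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

$key  = $_GET['top'] ?? 'home';
$path = resolve_page($PAGES, PAGE_DIR, $key);

if ($path === null) {
    // Recommendation 5: leave a trace of the rejected request.
    // json_encode() escapes control characters, so the log line stays one line.
    error_log('rejected top=' . json_encode($key, JSON_INVALID_UTF8_SUBSTITUTE)
        . ' from ' . ($_SERVER['REMOTE_ADDR'] ?? 'cli'));
    http_response_code(404);
    exit('Page not found.');
}

// Recommendations 2 and 3: send the file as data. include() would execute
// any PHP inside it; readfile() only copies bytes to the output.
header('Content-Type: text/html; charset=utf-8');
readfile($path);
```

A request such as index.php?top=/etc/passwd fails the pattern check, is written to the PHP error log and gets a 404; no request value ever reaches the filesystem as a path.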

I hope it helped somebody, this is very common.

What is required to be safe when you program a website and worry about Security is...

In httpd.conf configure
php_admin_value open_basedir "/home/webpagedirectory/"

In php.ini configure
allow_url_fopen = Off
enable_dl = Off
expose_php = Off
error_log = /var/log/error_php.log

Security is a process.
If this was useful, please leave me a message with feedback!!! Thanks.

Thursday, November 10, 2005

Binaries changing size in Fedora Core 4

I think this is probably the cause: the yum.cron running daily at 4:03. This "yum" program updates the system files automatically. It is strange that the updated RPMs do not appear as the new rpm version, that it just updates the binaries and not the rpm package... That is how it looks, so I will investigate further; tonight I will check if the binaries change without "yum". Just in case, the machine was scanned with F-PROT for Linux and all is fine with it.

12/11/05 I did chmod -x /etc/cron.daily/yum.conf and the problem continues; today I will find out whether it is a cron.daily job or something else.

12/11/05 18:00: The cause was found. The "prelink" binary and its cron.daily script are the cause. The prelink program in Linux modifies the ELF shared libraries and ELF dynamically linked binaries to run faster.

Wednesday, November 09, 2005

Strange binaries changing size in Linux

Last week I noticed a problem in one of my machines, in two of our Redhat Fedora Linux machines. I realized there was a problem when I executed the bash command "umask": instead of receiving 0755 or whatever the file creation mode is, I received "Linux". So I checked the installed rpm packages for bash, procps and lsof, made a copy of the installed binaries in a directory and reinstalled the original packages from CD, the same version that was already installed.

rpm -i --force

Then I compared the previous binaries and the new ones (installed from the rpm package) and the size was different, so something changed the files, but not the package, so it was not an up2date from Redhat.

I looked at my co-worker's machine and the same was happening there; he has FC4 and I have FC2. So I decided to investigate and coded a daemon in C to check when the files change and send me an email with information about processes and who is connected to the machine.

On my machine with Fedora Core 2 the files changed just once, and the next night no more... strange, I don't know what happened there. On my co-worker's machine, the files are changing every night at 4:02, with nobody connected to the machine and these processes running:

root 19090 2184 0 04:02 ? 00:00:00 crond
root 19091 19090 0 04:02 ? 00:00:00 /bin/bash /usr/bin/run-parts /etc/cron.daily
smmsp 19464 19090 0 04:02 ? 00:00:00 /usr/sbin/sendmail -FCronDaemon -i -odi -oem -oi -t
root 20037 19091 0 04:02 ? 00:00:00 /bin/sh /etc/cron.daily/rpm
root 20038 20037 28 04:02 ? 00:00:02 /usr/lib/rpm/rpmq -q --all --qf %{name}-%{version}-%{release}.%{arch}.rpm\n
root 20039 20037 0 04:02 ? 00:00:00 sort
root 20040 19091 0 04:02 ? 00:00:00 awk -v progname=/etc/cron.daily/rpm progname {????? print progname ":\n"????? progname="";???? }???? { print; }
root 20042 15186 0 04:03 ? 00:00:00 /tmp/.backup/ps -ef

So maybe cron.daily is involved. I will continue investigating.

I hope I can post news about this problem, which may be related to an automatic update in Fedora Core 4.

Saturday, November 05, 2005

Installing IMAP on Linux FC3

I want to install IMAP on Linux because:
  • Webmail programs are able to create folders with IMAP and not with POP3.
  • IMAP is better.
  • I think it is a better idea to install IMAP than to add code to an existing webmail solution.
I tried to install the Cyrus IMAP that comes with Fedora, but I had many problems.
master[12190]: retrying with 1024 (current max)
master[12190]: can't open pidfile: Bad file descriptor
master[12192]: setrlimit: Unable to set file descriptors limit to -1: Operation not permitted
master[12192]: retrying with 1024 (current max)
master[12192]: can't open pidfile: Bad file descriptor
  • And imapd was not working with xinetd, and db4 gave errors in lastlog:
lmtpunix[23898]: DBERROR: opening /var/lib/imap/deliver.db: cyrusdb error
lmtpunix[23898]: FATAL: lmtpd: unable to init duplicate delivery database
master[17437]: process 23898 exited, status 75
master[17437]: service lmtpunix pid 23898 in READY state: terminated abnormally

There are no solutions on the Internet for these problems, so I decided to install Washington IMAP.
http://www.washington.edu/imap/

These were the steps in Linux:

$ mkdir /tmp/imap
$ cd /tmp/imap
$ lynx ftp://ftp.cac.washington.edu/mail/imap.tar.Z
$ tar zxvf imap.tar.Z
$ cd imap-2004g/

(Look inside the Makefile to see what argument you need to give to the make command; I use "rhl" because it is Redhat or later.)

$ make rhl
$ install -s -m 755 -o root -g mail imapd/imapd /usr/sbin


Create an /etc/xinetd.d/imap file:

service imap
{
    disable = no
    socket_type = stream
    server = /usr/sbin/imapd
    protocol = tcp
    user = root
    wait = no
}

$ killall -HUP inetd

[root@monitor1 imap-2004g]# telnet localhost imap
Trying 127.0.0.1...
Connected to xxx.walterlamagna.com.ar (127.0.0.1).
Escape character is '^]'.
* OK [CAPABILITY IMAP4REV1 LITERAL+ SASL-IR LOGIN-REFERRALS STARTTLS LOGINDISABLED] localhost IMAP4rev1 2004.357 at Sat, 5 Nov 2005 23:07:15 -0300 (ART)

Excellent, IMAP is working!!

Now you will probably get this error in /etc/messages when you try to log in:
imapd[14370]: Login disabled user=pepito auth=pepito host=localhost [127.0.0.1]

And when you: telnet localhost imap, you will probably see
LOGINDISABLED.
This is because you compiled imap with the option:
SSLTYPE=nopwd

If you do not want to use SSL, just plain passwords, you have
to change SSLTYPE=nopwd to SSLTYPE=none in the Makefile.
Then recompile
and restart xinetd.

And now it should work :)

Movie about Linux, OS Revolution


REVOLUTION OS tells the inside story of the hackers who rebelled against the proprietary software model and Microsoft to create GNU/Linux and the Open Source movement.

On June 1, 2001, Microsoft CEO Steve Ballmer said "Linux is a cancer that attaches itself in an intellectual property sense to everything it touches."

Microsoft fears GNU/Linux, and rightly so. GNU/Linux and the Open Source & Free Software movements arguably represent the greatest threat to Microsoft's way of life. Shot in cinemascope on 35mm film in Silicon Valley, REVOLUTION OS tracks down the key movers and shakers behind Linux, and finds out how and why Linux became such a potent threat.

REVOLUTION OS features interviews with Linus Torvalds, Richard Stallman, Bruce Perens, Eric Raymond, Brian Behlendorf, Michael Tiemann, Larry Augustin, Frank Hecker, and Rob Malda.

Thursday, November 03, 2005

Change from Half to Full duplex in Linux

I had to change a network card from Half to Full duplex to test our Internet link.

This is performed with the mii-tool.


# mii-tool --force=100baseTx-HD eth1 (half duplex 100 base T)
# mii-tool --force=100baseTx-FD eth1 (Full duplex 100 base T)
# mii-tool --force=10baseT-FD eth1 (Full duplex 10 base T)
# mii-tool --force=10baseT-HD (Half duplex 10 base T)

I hope it helps :) Please leave a comment if it was helpful!!!

Walter

Tuesday, November 01, 2005

Advantages of Linux over its commercial competitors

Linux is free.
You can install a complete Unix system at no expense other than the hardware.

Linux is fully customizable in all its components.

Thanks to the General Public License (GPL), you are allowed to freely read and modify the source code of the kernel and of all system programs.

Linux runs on low-end, cheap hardware platforms.

You can even build a network server using an old Intel 80386 system with 4 MB of RAM.

Linux is powerful.
Linux systems are very fast, since they fully exploit the features of the hardware components. The main Linux goal is efficiency, and indeed many design choices of commercial variants, like the STREAMS I/O subsystem, have been rejected by Linus because of their implied performance penalty.

Linux has a high standard for source code quality.
Linux systems are usually very stable; they have a very low failure rate and system maintenance time.

The Linux kernel can be very small and compact.
It is possible to fit both a kernel image and full root filesystem, including all fundamental system programs, on just one 1.4 MB floppy disk. As far as we know, none of the commercial Unix variants is able to boot from a single floppy disk.

Linux is highly compatible with many common operating systems.

It lets you directly mount filesystems for all versions of MS-DOS and MS Windows, SVR4, OS/2, Mac OS, Solaris, SunOS, NeXTSTEP, many BSD variants, and so on. Linux is also able to operate with many network layers, such as Ethernet (as well as Fast Ethernet and Gigabit Ethernet), Fiber Distributed Data Interface (FDDI), High Performance Parallel Interface (HIPPI), IBM's Token Ring, AT&T WaveLAN, and DEC RoamAbout DS. By using suitable libraries, Linux systems are even able to directly run programs written for other operating systems. For example, Linux is able to execute applications written for MS-DOS, MS Windows, SVR3 and R4, 4.4BSD, SCO Unix, XENIX, and others on the 80x86 platform.

Linux is well supported.

Believe it or not, it may be a lot easier to get patches and updates for Linux than for any other proprietary operating system. The answer to a problem often comes back within a few hours after sending a message to some newsgroup or mailing list. Moreover, drivers for Linux are usually available a few weeks after new hardware products have been introduced on the market. By contrast, hardware manufacturers release device drivers for only a few commercial operating systems — usually Microsoft's. Therefore, all commercial Unix variants run on a restricted subset of hardware components.

With an estimated installed base of several tens of millions, people who are used to certain features that are standard under other operating systems are starting to expect the same from Linux. In that regard, the demand on Linux developers is also increasing. Luckily, though, Linux has evolved under the close direction of Linus to accommodate the needs of the masses.

I hope it was useful; leave me a "hello" if so!
Thanks.