Solaris 10: Compiling Mod Security 2.5.9 on existing Apache 2.0.63

Similar Messages

• Problem with generating Forte library in compiled mode underHP-UX

  Hello all,
  I try to generate in compiled mode on HP-UX a Forte library starting from a
  plan "the_plan" which has some supplier plans.
  Everything works fine except at link time which fails.
  In fact, Forte is searching for a <supplier plan name> .sl file for each of
  the supplier plans (and also for the suppliers of the suppliers).
  For each supplier plan, Forte has included in the link command something
  like :
  /opt/forte/appdist/centrale/the_plan/cl0/codegen/one_supp/one_supp.sl
  which is not found obviously because these plans are not libraries.
  These supplier plans are not libraries (except one) but standard source
  plans.
  Same behaviour if I use "Make distribution" with auto-compile or if I run
  fcompile in the directory with the the_plan.lgf file.
  Thanks for your help.
  Charles Ab&eacute;cassis
  Sema Group
  To unsubscribe, email '[email protected]' with
  'unsubscribe forte-users' as the body of the message.
  Searchable thread archive <URL:http://pinehurst.sageit.com/listarchive/>

  rbglossip wrote:
  I'm not very familiar with HP-UX. With Linux I would just use cksum. Is there a cksum executable for HP-UX?You could find out with "man cksum"
  I have it on my HP-UX boxes. That's no guarantee you have them on yours, but if it is installed there should be a man page one it.

• In VC WEBDYNPRO compiler mode, how to set decimal places to 2

  The compiler mode is webdynpro,
  The ivew table column's data type is num type,
  The column show a curreny data.
  Now the problem is when the num data is like a number as "1000.00",the ".00" will not show,but when the value is "1000.01" ,it show "1000.01". I want it always show  the formatting like "X.XX".
  There is also no formatting property to set in the column like in flash compiler mode then i can set decimal places to 2.
  What should i do?

  Hi,
  You can use Decimal Format Class and declare something like:
  DecimalFormat df = new DecimalFormat("#,##0.00;(#,##0.00)");
  wdContext.currentContextElement().setSueldoTxt(df.format(wdContext.currentOutputSueldoElement().getPe_Betrg()));
  You'll have the two decimals...!!
  Good Luck and regards,
  Maria Margarita Monteverde

• IOS package crashes in any non-debug compile mode

  Hi,
  I am looking really for ideas on where to start looking!
  This is the situation:
  I am migrating a largish flex, web project to mobile. This is the third iteration and I have had the entire thing working at various times in various forms. It loads strings via resource bundle and content via external SWF content.
  I have recently reorganised to use a view architecture so that I load in the main app view after a selection workflow - this means that there is much faster startup and better performance in general. It works fine in the following compiles:
  1. Compile for Android (all kinds)
  2. Compile for iOS debug (fast)
  3. Compile for iOS debug (standard)
  BUT:
  If I compile for iOS ad hoc distribution, I see the following:
  1. Initial view loads, resource bundle strings are displaying
  2. When I go to main product view:
  - SWF fails to complete load process and hangs with no strings from resource bundle visible
  - crash occurs prior to addition of navigatorContent buttons that I've defined in the product's base state
  In other words, something that works in _all_ other settings and compile options, simply will not progress when packaged for release in iOS.
  I am at a bit of a loss. I am aware that iOS can't support bytecode and am working on eliminating that, but I have run it using this with the bytecode simply ignored, which is fine as I don't want it there either. I have also tried substituting for JPEG content, but the issue below still seems to be present. I have also tried eliminating loaded font files - again, these were not working, but the problem was simply ignored when I had the product as the main rather than a sub view.
  Does anyone have any idea at all what could be causing this?
  Thanks,
  G

  Got it.
  I was using the Swiz framework (which is brilliant, btw) and compiling the Swiz library rather than using the SWC as I needed a change to the underlying, I had omitted one of the metadata tags from the compiler args - for some reason, it recovered when run in any other compile mode, but crashed when run in release mode.
  G

• Server, Port details are revealed after enabling Mod Security

  Hi,
  I have applied the mod security on the OAS to remediate the cross site scripting. With this fix the cross site scripting is remediated and prevent XSS attacks (HTML/Javascript injection). However on the browser with Show friendly error message unchecked the error page displays with server & its port information, whereas with checkbox checked error page 406 is displayed.
  All i need is not to display the server and its port while showing the error page. Please suggest how i resolve this.
  Regards,
  R.Babu

  Hi,
  This is what i have added in the httpd.conf when there is an error which will direct to 406 error page.
  SecFilterDefaultAction "deny,log,status:406"
  I dont know how to create direct it to the one i define (can you help here). I believe even then with Show friendly HTTP error mesages unchecked i will not get my error page i defined.
  - Babu

• Transport + Message (Both mode) security in WCF ?

  Hello,
  In WCF, how transport + message security is implemented ?
  i.e. How X.509 certificates are used to encrypt transport + message (BOTH mode) security ?
  Thanks in advance

  Hi,
  >> how transport + message security is implemented ?
  It seem that you want to implement the both transport and message security mode in one wcf application, I will suggest you use the security mode
  TransportWithMessageCredential.
  When the TransportWithMessageCredential security mode is configured, the transport security is used to provide confidentiality and integrity for the transmitted messages and to perform the service authentication. However,
  the client authentication is performed by putting the client credential directly in the message. This allows you to use any credential type that is supported by the message security mode for the client authentication while keeping the performance
  benefit of transport security mode. In one word is that client authentication is provided at the message level, and message protection and service authentication are provided at the transport level.
  For more information, please try to refer to:
  #Message and Transport Security:
  http://msdn.microsoft.com/en-us/library/ff648863.aspx .
  >>How X.509 certificates are used to encrypt transport + message (BOTH mode) security
  In the service side, the X.509 certificates will use to provide the message protection and service authentication. If you used the certificate authentication, then in the client side, the X.509 certificates will use to
  identify itself to the server.
  For more information, please try to refer to:
  #How to: Secure a Service with an X.509 Certificate:
  http://msdn.microsoft.com/en-us/library/ms788968(v=vs.110).aspx .
  Best Regards,
  Amy Peng
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Mod Security on Apache

  Does anyone know how to disable uploads using mod security and then allow upload + (set limitation) only from one script. (Example - only allow 100kb for domain43.domain.com/script.cgi)

  Does anyone know how to disable uploads using mod security and then allow upload + (set limitation) only from one script. (Example - only allow 100kb for domain43.domain.com/script.cgi)

• Compilation error[ORA-02289: sequence does not exist] ,even if dbVersion '9.3.350',so strange!

  I know the reason is that PL/SQL is pre-compilation, so now dbVersion < '9.3.350', even if I don't need get REFDESIG_ID_SEQ.nextval ,
  it will also cause this compilation error. So my question is how should I code that?
  When dbVersion < '9.3.350' , no sequence REFDESIG_ID_SEQ, just print '1####';
  else get REFDESIG_ID_SEQ.nextval , then print '2####'
  But now even if dbVersion < '9.3.350', it will cause compilation error[ORA-02289: sequence does not exist] .
  How to resolve this? Thanks a lot.
  declare
      maxid   number;
      nextid number;
      agileid number;
      v_date  date;
      dbVersion varchar(8):=0;
  begin
    select substr(value,1,7) into dbVersion from propertytable where parentid = 5001 and propertyid=37;
          DBMS_OUTPUT.PUT_LINE(dbVersion);
          if (dbVersion < '9.3.350') then
                DBMS_OUTPUT.PUT_LINE('1####');
          else
                DBMS_OUTPUT.PUT_LINE('2####');
                select REFDESIG_ID_SEQ.nextval into agileid from dual;
          end if;
  end;

  In my DB, If dbVersion < '9.3.350' , no sequence REFDESIG_ID_SEQ
  When dbVersion >= '9.3.350' ,sequence REFDESIG_ID_SEQ will exist,
  Now my dbVersion < '9.3.350' , and this pl/sql also cause this error.
  SO how should I to resolve it ?
  Now I need a test case, if dbVersion < '9.3.350' , then print '1####';
  else , get REFDESIG_ID_SEQ.nextval   firstly , then print '2####'
  How should I code?Thanks  a lot.

• Solaris 8 compiled binaries on solaris 10 box

  Hi all,
  I have a plain C code which compiles and runs fine on my solaris 8 box. I have to deploy the compiled binaries (on soalris 8) on a different machine which has solaris 10 installed.
  My application uses libqt-ms.so.3, libqutil.so.1.0.0, libjpeg.so.6, libstdc++.so.2.10.0, posix threads and tcp/ip sockets.
  Will this cause any problems. or will i have to make a separate binary for solaris 10. If that is the case will i need new library files or the current one will work fine
  Best Regards,
  Faran

  well I have tried it actually. and the behavior is weird. On my solaris 8 box. Every thing works perfectly fine. But due to some reason on solaris 10 machine the values i transmit over the tcp socket totally change. i send a msgCode = 1 , 2, or 3 ... but on the other end, which is a windows machine i get strange values 210, 10, 35 49 etc etc ... is this due to version problem.

• Mac OS X Target Disk Mode Security Hole?

  I just put my iBook in Target disk mode (as in held down T while booting, so that it appears as an external disk on my PowerMac G5 via a firewire cable) and my G5 has root (well, unlimited) access to the iBook's hard disk! No passwords asked!
  I could just take anyone's computer and attach with a firewire cable.. and bob's your uncle, access to anyone's files! What's going on?!
  Both Macs are on 10.4.3

  If you are concerned about security, note what the second paragraph of the article: Macintosh: How to Use FireWire Target Disk Mode has to say:
  Important: The computer will not go into FireWire target disk mode if "Open Firmware Password" has been enabled.You can find out about Open Firmware here: Setting up Open Firmware Password Protection in Mac OS X 10.1 or later.

• Solaris 10 compile samba4 error

  Hi all
  First, sorry for my poor English.
  I am trying to compile Samba 4 on Solaris 10 ( Sunfire v250 machine)
  Here are list of things I did:
  +) got errors about option "-mt" of gcc so I wrote a short shell script to replace CC ( remove option "-mt")
  +) then I set environment varibles: YACC=binson, LEX=flex, MAKE=gmake
  +) I also set CFLAGS,LDFLAGS (LDFLAGS is set to get strsep function, not present in Solaris)
  +)Now I got errors:
  GCC: bin/subsystem/*.o : No such file or directory
  "*" means a lots of file.
  Have you ever compiled Samba4 on Solaris 10, please help me!
  Thank in advance.

  Did you try to compile with default options? ie., without env variables YACC, LEX, LDFLAGS, etc.,
  Also did you try to compile with Sun Studio compilers? In case if you do not have the suite installed, you can get it for free from: http://developers.sun.com/prodtech/cc/downloads/index.jsp.
  Sometimes Sun Studio provides more diagnostic error messages than GCC.

• Nagios in Solaris 10 - compiling problem

  Sheesh, I've been banging my head against the wall trying to get nagios-plugins to compile on Solaris 10. I've got studio installed, but I keep getting "undefined symbol: floor" errors...
  Has anybody got this to compile??

  Dude,
  this sounds like you need to link the math library. I remember having patched the Makefile to put an extra "-lm" to the LIBS
  The Makefile to patch is in the plugins sub-directory.
  Go find the line wich reads
  LIBS = -lnsl -lsocket
  and change to
  LIBS = -lnsl -lsocket -lm
  this works for me.
  Hope this helps,
  Regards Dog

• Wallpaper GPO + Loop-back Merge mode+ security filtering. issue

  I have deployed a loopback Merge Mode GPO to set wallpaper for all users who logon to specified workstations. And you have set security filtering just allow workstations in specified group can apply this GPO. Then you doubt whether user can apply user configuration
  in the loopback GPO because they don’t in your security filtering allow list.
  So I think why not add “Domain Users” group to security filtering. Then all domain users have both Read and AGP (Apply Group Policy) permission for user configuration in the loopback GPO.
  Loopback GPO only takes effect on computer objects in your specified OU, and your workstation group security filtering control apply scope, then “Domain Users” security filtering grant permissions for all users.
  ========================issue is below================
  Now GPO is applying to other workstations which are not part of group filtered in GPO.
  its randomly but not for all workstations..
  Workstations are XP operating systems..

  I have deployed a loopback Merge Mode GPO to set wallpaper for all users who logon to specified workstations. And you have set security filtering just allow workstations in specified group can apply this GPO. Then you doubt whether user can apply user configuration
  in the loopback GPO because they don’t in your security filtering allow list.
  So I think why not add “Domain Users” group to security filtering. Then all domain users have both Read and AGP (Apply Group Policy) permission for user configuration in the loopback GPO.
  Loopback GPO only takes effect on computer objects in your specified OU, and your workstation group security filtering control apply scope, then “Domain Users” security filtering grant permissions for all users.
  ========================issue is below================
  Now GPO is applying to other workstations which are not part of group filtered in GPO.
  its randomly but not for all workstations..
  Workstations are XP operating systems..
  "Domain Users" or I would prefer "Authenticated Users" should only have Read, Not Apply Policy. 
  Enfo Zipper
  Christoffer Andersson – Principal Advisor
  http://blogs.chrisse.se - Directory Services Blog

• Mods, Security issue in my unread messages

  Dear Mods and readers
  I was somewhat aggravated this morning to receive the following message in my "unread messages" as I logged onto the forum.
  I IS CLEARLY A SCAM!!:
  My Dear,
  Permit me to inform you of my desire of going into business relationship with you.I know this mail may come to you as a surprise,since we have not known or written before.After you receive this mail kindly contact me on my private Email contact below,([email protected]) for the full details of the transfer.
  I am Miss Bella Duncan,the Only Daugther of the late Gavin Duncan,my father was a gold and cocoa mercahant based in accra, Ghana and Abidjan (Ivory Coast),he was poisoned to death by his business associates on one of their business trips recently.Before his death, he called me bedside him and told me that he has the sum of $7.500,000USD deposited in one of the prime bank here in abidjan ivory coast,that he used my name being the only Daugther as the next of kin in deposited fund.Please my dear contact me on my private email for the full informations and my picture and the deposited slip and other douctments conciering the transfer.I will need your assistance as follows;
  1) To assist me in retriving this money from the bank.
  2) To serve as the guardian of this fund.
  3) To make arrangement for me to come over to your country to further my education and to secure a residential permit in your country.Moreover,I am willing to offer you 15% of the total sum as compensation for your effort/input after the successful transfer of this fund to your nominated account overseas.
  Reply to my private e-mail box below for more details)
  Anticipating to hear from you soon.
  Awaiting your urgent reply.
  Regards,
  Miss Bella [email protected]
  PLEASE MODS CAN WE TAKE SOME ACTION TO STOP THIS!
  tHANKYOU
  Solved!
  Go to Solution.

  Hi chris
  I had the same via PM on 06/10/10
  I sent this to Kerry for her attention
  Kerry already knew of this and prevented the user from posting further messages
  Maybe this person has created a new id and started again
  -+-No longer a forum member-+-

• Is bridge mode secure?

  I am using a imac connected to Time Capsule, then to tmobile cell spot booster, then to comcast modem.  Apparently each has a function.  But the TC made me change its setting to Bridge Mode. I'd wondering if this is less secure.  Does the security come through the sign in I have to do for the Comcast and TMobile routers?

  The security is furnished by the main network router, so in your case bridge mode is secure since you are connecting to the main network router.