Re: Apple Events support
On Aug 29, 2008, at 7:15 AM, [EMAIL PROTECTED] wrote: Rajanikanth Jammalamadaka wrote: Could somebody please tell me if perl has any package to interact with Apple Events. For example: In python one can use appscript to do the same. A quick look on CPAN reveals: http://search.cpan.org/~cnandor/Mac-Carbon-0.77/AppleEvents/AppleEvents.pm which looks like it'll do the job. Or at a higher level, Mac::Applescript. The latter could really use some data translation utilities to turn the returned values into Perl structures. I started work on that at one point, but ran out of time.
Re: Not exactly a Perl question
I use vmware to test against Fedora-because that's what our hosting provider uses. That said, I dont really have any need to test the perl related stuff. Its more for other services. Works like a charm though. 4gb MacBook Pro. --- iPhoned
Re: A Mactel question
At 9:01 AM -0400 6/7/06, Vic Norton wrote: Sorry. This is the wrong list to ask this question, but it's the only Mac list I belong to. Yesterday I was told that a chip maker other than Intel will be supplying chips for Macs sometime in the not too distant future. Is there any credence to this assertion. If so, what chip maker? It seems unlikely that that would happen anytime in the near future. From what I've seen everyone is pretty clear on what chips will be used in the upcoming tower machines, as well as the next gen Powerbooks. I don't think Apple would want to introduce any more variables into a critical migration like this. -- Kee Hinckley http://www.marrowbones.com/commons/technosocial/ Musings on Technology and Society http://www.marrowbones.com/commons/devtech/ Web, Email and Other Dev News I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: sending to Mail.app
At 10:12 PM -0800 3/1/04, Chris Nandor wrote: In article [EMAIL PROTECTED], [EMAIL PROTECTED] (Joseph Alotta) wrote: I can think of two different ways to handle this, 1) using Mac::Glue to cause Mail.app to send a message out to myself, or 2) append to the end of the inbox file and then use Mac:Glue to update the indexes. Does anyone have any ideas on this? If what you are looking for is a way to notify yourself of something that happened on your machine, then maybe you want to rethink the delivery mechanism. How about building an RSS feed on the builtin web server? -- Kee Hinckley http://www.messagefire.com/ Next Generation Spam Defense http://commons.somewhere.com/buzz/ Writings on Technology and Society I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: perl tags in vim/vi?
At 10:29 AM -0500 1/15/04, Warren Pollans wrote: Hello, I'd like to start using tags in vim. Google shows that there is a ptags and a perltags script for creating the tags file and the vim docs indicate that tags are supported. It doesn't appear to be too difficult to create the tags file. QUESTION: What do vim-tag-users use? Or is there a better vi/vim tool? (I don't want to switch to a different editor - sorry) I have this running in my crontab. I use vim. 0 3 * * * zsh -c 'cd ~;~/bin/pltags.pl (list of wildcards)' My pltags is a slightly modified version of the original (with Embperl support added). # pltags - create a tags file for Perl code, for use by vi(m) # # Distributed with Vim http://www.vim.org/, latest version always available # at http://www.mscha.com/mscha.html?pltags#tools # -- Kee Hinckley http://www.messagefire.com/ Next Generation Spam Defense http://commons.somewhere.com/buzz/ Writings on Technology and Society I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: Fixing font spacing in Terminal.app
At 1:49 PM -0800 1/7/03, Daniel Stillwaggon wrote: Same here, had to recompile lynx (btw, the fink lynx didn't work for me, I had to download source) and MySQL, but everything else went smoothly. Right, I forgot that one. MySQL server ran fine, but the client had to be recompiled. In fairness that's not really Apple's fault. They moved forward a major rev of g++, and there were major incompatible changes made in the compiler. I don't know the details, but I gather the performance tradeoff had made it worth while for everyone to bite the bullet, but shared C++ libraries suffered the compatibility issue. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: hard links on HFS+
At 12:40 AM -0500 11/17/02, William H. Magill wrote: Real ACLs on the other hand are quite extensive -- see Digital's VMS for one set. For example one can identify random individuals as authorized to read a file, and a completely different set of individuals to write it. Real ACLs have no link to the standard Unix UGO permission scheme except as defaults. That's a little obscure. Access Control Lists give you the ability to attach an arbitrary number of permissions to a given file. So you could say that everyone in RD can read this file, everyone in sales can write it, and joe, if joe is in accounting, can delete it. (In Unix, delete permissions are on the directory, not the file, but that's a separate issue.) When you try and access a file, it checks who you are (and of course, you may belong to multiple groups) and compares it to the access control list and decides what you're allowed to do. Standard unix, on the other hand, attaches read/write/execute permissions to a file, and can associate them with one person, one group, and the entire world. Much more limited. Used properly, ACLs can create a system, that is much more secure, because you can restrict access to certain parts of the system to specific processes that need to use that sub-system. However, with the exception of the OpenBSD folks, hardly any Unix vendors have taken advantage of even the *Unix* file permissions to do this. As a for instance, you shouldn't have to become root to install a printer, or install a piece of email system software. You should only have to become a member of the group which manages those components. That kind of distributed authority makes it much harder for a virus or worm to gain complete access to the system. A worm that subverted the mail system, for instance, would solely have access to the mail system, nothing else. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ I'm not sure which upsets me more; that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: locale in carbon emacs (was: OS X Installed numbers (was: mac-toolbox))
At 10:36 AM -0500 11/15/02, William H. Magill wrote: If you want to develop for Unix(tm), I would recommend using a platform like Tru64 Unix, as it will teach you what Standards really mean. Just because it was developed and runs on Sun, usually means it won't run anywhere else. AND Not to start a battle. But standards (especially in the Unix space) have never mattered as much as market share. And I've served on my share of standards boards. The main issue is that they seldom specify enough to do anything useful. By the time it's a standard everyone's already using some new technology that isn't a standard yet--and is implemented differently on different platforms. I think one of the big benefits of Open Source has been the resulting defacto standardization of Unix. Sure, you could implement a different variation of the same technology--but why bother. I do all my Unix development on my Powerbook. It's been a god-send. I can work anywhere, and I get the Mac GUI side of things that I've been using for years, along with all the Unix stuff I've been using for even longer. Currently, most of my code ends up actually deployed on Linux or FreeBSD systems. Although I intended to migrate my Linux servers to MacOS X eventually--it's just much easier to keep upgraded and backed up. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ I'm not sure which upsets me more; that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: BBEdit 7.0 - Not Impressed
At 11:29 PM -0500 11/13/02, Chris Nandor wrote: In article [EMAIL PROTECTED], [EMAIL PROTECTED] (_brian_d_foy) wrote: i'll have to see about this CVS tool thing. i'm dubious. It really rocks. It's fairly simple, but it works great. I really only want to do a few things with CVS in my text editor: commit and diff. Local CVS-only, or remote via ssh (with passcode prompting)? I keep upgrading to new BBEdit versions, and it is useful enough on occasion to make it worth while, but it's not my primary editor. It requires far too much use of the mouse (emacs sequences probably help, but I gave up on emacs when my pinky literally refused to move one morning--it's no coincidence that Stallman has to dictate his edits to somebody). Also most of my editing is of Embperl, and there's no way in BBEdit to merge syntax modes. I'd dearly love them to make the syntax editing extensible with something like Perl itself. In the meantime, I spend most of my time in vim, where I don't need either the mouse *or* the control keys. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ I'm not sure which upsets me more; that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: locale in carbon emacs (was: OS X Installed numbers (was: mac-toolbox))
At 8:26 PM -0600 11/14/02, Puneet Kishor wrote: Also, which make do you use to get modules installed from CPAN? no idea. Just say install whateveryouwant at the cpan prompt and it does it all. Please elaborate more on your problems. That is the only way others can help you. Two possibilities. 1. You're used to some version of make which does cpan installs? sudo perl -MCPAN -e shell install xxx or what I do perl -MCPAN -e shell get xxx quit cd ~/.cpan/build/yyy perl Makefile.pl make make test sudo make install which gives me more control. More to the point though, if you haven't installed the developer package, you don't have a make at all--that may be your problem. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ I'm not sure which upsets me more; that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: CamelBones packaging
At 1:43 PM -0500 11/6/02, Emmanuel. M. Decarie wrote: After perusing the CPAN doc, it doesn't seems possible from the command line to ask CPAN to load a specific Config.pm à la httpd -f. Maybe an alternative is to use the programmer's interface. Am I missing something here? I don't know if the CPAN interface can do it. But if you only use CPAN to download the package, and then cd the the build area you can set the environment variables such that when you run perl Makefile.PL it will install in an alternate location. I do this on a shared-hosting machine I use where I don't have access to the system wide perl libraries. Something on the order of perl Makefile.pl LIB=/usr/home/nazgul/perl PREFIX=/usr/home/nazgul/perl Which is in the config file as 'makepl_arg' = q[LIB=/usr/home/nazgul/perl PREFIX=/usr/home/nazgul/perl], Or you could just temporarily swap config files. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: Anyone know what Perl Jaguar is coming with?
I could be totally off base, but doesn't the env utility provide functionality to solve this issue? I don't use env so I could be wrong, but I -thought- that I had read somewhere that #!/usr/bin/env perl Would evaluate to the perl environment variable (which it is assumed would point to your perl interpreter). Can someone please correct me on this if I am wrong, I know that it works for Python. Should work, assuming your system has it. (Certainly seems to be in MacOS X and on my 6.x RedHat system). Of course this kind of solution is inherently dangerous given that /usr/bin/perl and /usr/local/bin/perl may be different versions for good reasons, and letting the interpreter executed depend on a user's path can get you in trouble. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: Anyone know what Perl Jaguar is coming with?
At 8:44 PM -0400 8/14/02, ellem wrote: #! /usr/bin/perl I mean if it's on a bumper sticker it has to be correct; no? Traditional Perl pre-dates bumpers. Now if you have a Perl baby-on-board sign, that's another matter. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: Anyone know what Perl Jaguar is coming with?
At 7:03 PM -0700 8/14/02, Robert D. Sharp wrote: caused a dangerous thing. Thought, I have had the pleasure of writing scripts on a Linux box (developmental) for Unix box (production) and had to provide for changes in that very line from one #! /usr/bin/perl to #! /usr/local/perl or back because of environment. Well, there's always this disgusting solution. : eval exec '`which perl` -S $0 $' if ($running_under_some_shell); print STDERR Hello World\n; foreach $arg (ARGV) { print STDERR Arg: $arg\n; } - That should work under csh or sh, and find whichever perl is first in the path. Test it with something like: ./foo 'args together' args separate Then go wash your hands. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: Reading a file in- different in MacOS X?
At 5:43 PM +1000 8/10/02, Shannon Murdoch wrote: Hi all, My scripts, which are running perfectly well on a Win2000 webserver, do not function correctly under MacOS X. The first thing I've been able to identify that is malfunctioning is the standard file reading process I've always used: while(FILE){ push (array,$_); } print $array[1]; ##prints the second line of file For some reason MacOS X reads the entire file in to $array[0] the first time round, instead of putting one line per array element. $/ = \r; at the beginning? The perl on MacOS X is making Unix assumptions, not Mac ones. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: 10.1.5 upgrade hose CPAN installs?
At 6:06 PM +0100 6/5/02, Phil Dobbin wrote: On 5/6/02 at 09:48, [EMAIL PROTECTED] (James Stepanek) wrote: Well I think it hosed my MySql install, so I'd be careful. concurrently I installed a couple of fink binaries and the 10.1.5 upgrade. After this mysqld would not run. I had to re-install it. Given than the fink binaries were just perm modules, I suspect the problem was the system update. I've got mysql installed in /usr/local/ (not via fink), so I'm thinking after reading what you've said, what with the cpan stuff as well, I may well leave it till Jagwire. I would generally recommend that if you install something that the system already has, you install it in a place where the system did not. /usr/local is typical, fink uses /usr/sw which annoys me, but whatever. The main point is that your worst case will be losing the startup files that *start* your software--but you won't lose your software. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: Double Messages
At 11:39 AM -0400 4/19/02, ellem wrote: Am I doing something wrong? Replies to my posts seem to be doubled. Well, typically people reply-all, and one reply goes to the list, and one goes to you, and both end up in your inbox. Is that what you're seeing? (The received headers will be different.) -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: ICR ?
At 3:52 PM -0500 4/17/02, Matthew Langford wrote: my book, that's plenty good enough to say the email address _was_ valid, to some extent. There was a receipt, though I don't who. This assumes, of course, that this trick doesn't get abused by spammers, causing sites to build robots to stuff such a database with bogus addresses. It does get abused by spammers (and legit companies). That's why my email is configured not to fetch remote images. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: scribble and it will be a production release
At 10:43 AM -0400 4/15/02, Bill -Sx- Jones wrote: On 4/15/02 10:34 AM, drieux [EMAIL PROTECTED] wrote: on a vt52 dial up with only sed as your editor Yes - and THAT is why I only use a Mac :) So I don't have use vt52 OR sed; Damn, your right. I just checked and terminal doesn't do vt52 emulation. I want my money back. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: scribble and it will be a production release
At 8:36 AM -0700 4/15/02, drieux wrote: If anything the fact that they opted to go for the plain jane vt100 mode is the 'warm fuzzy' - no need to worry about esoteric and arcane 'termCap/termInfo' settings for remote hosts Actually the terminal setting lies. It is definitely not a vt100. It does color and it appears to do vt102 sequences as well. Looks more like an ansi emulator (although if you set it to that, it has some problems clearing the full screen). -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: [OT] Question for someone managing this list
At 9:00 AM -0600 4/4/02, Elaine -HFB- Ashton wrote: Kee Hinckley [[EMAIL PROTECTED]] quoth: * * by onion.perl.org (qpsmtpd/0.06) with SMTP; Thu Apr 4 00:08:27 2002 - * *The date header being inserted there is completely out of whack with *any standard. Is something printing dates using the wrong % codes? The nice thing about standards is that there are so many to choose from. Welcome to qmail :) By default qmail puts the time in-between the month and year?! -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: LWP and HEAD and head
At 8:28 AM -0500 3/21/02, Josh Kuperman wrote: Is there a way to make perl install LWP (and everything else): 1. so that all the files are accessible 2. they won't wipe out anything already present 3. they will be able to distinguish the PERL scripts from binaries using some mechanism other than case. Other than install MacOS X on a UFS file system--no. Just save a copy of the old head, and replace HEAD with head when the install is done. I assume something uses HEAD, but I don't know what--I just renamed it HEAD.pl. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: how to include a file
At 6:35 PM -0600 3/17/02, Puneet Kishor wrote: I am glad I asked, because I just spent a good part of last night setting up Mason. I can't get it to work correctly because my mod_perl is buggered up (my previous emails ask for help on that issue), but I have got it working as a That particular message shouldn't interfere with most operations (my Perl is running that way as well, I haven't got around to setting the language in the startup scripts, I keep hoping Apple will release the correct patches for Perl). CGI (being called via handler.pl). So, I have one vote for Mason, and now one vote for Embperl... choice is good, but choice is also confusing... but heck, that _is_ the Perl way, no :-) I will give Embperl a go now and see how it compares to Mason. The Embperl mailing list is quite active, and support there is quite good. However the main reason I like Embperl (aside from 2.0, which allows you to embed Perl in just about anything) is that it understands the syntax of the language. That means that filling in a form, for instance, from a database lookup is a matter of setting the %fdat hash to the values from the database, and Embperl handles filling in all of the form values. It understands how to loop in pulldown menus and fill in the correct values for all the choices. And very importantly (from a security standpoint) it understands how to escape output. So that b[+ $foo +]/b will be HTML escaped, but a href=[+ $foo +] will be URL escaped. I just find that it saves me a lot of programming work. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: how to include a file
At 7:37 PM -0600 3/16/02, Puneet Kishor wrote: I have one index.pl (this is a web app), and everything passes through this. So, if the call is to index.pl?do=login then the login page is included, if the call is to index.pl?do=verify then the verify page is included. This is how I work in the world of other web programming (Cold Fusion, PHP, etc.). I've never understood why I see so much Coldfusion code doing it this way. Coming in and debugging other people's code I find it very difficult to figure out what is getting executed when with this model. Using Embperl's EmbperlObject model you could do this automatically in a readable fashion. Loading login would wrap it in a top-level template automatically. Or alternatively you could have login.html include index.pl and then call the appropriate routines at the appropriate places. The other big advantage you'll get using a package like HTML::Embperl over doing it yourself with .pl files is caching. The perl files will get compiled once, and then the code will be reused. You also don't have to worry about cross-site scripting security issues, since Embperl always escapes user's input appropriately for the context. -- is there anything wrong with coveting embperl, any downsides? Are there other ways of doing things? After several years using my own embedded perl scripting solution I took a close look at Mason and Embperl and went with Embperl. It's been several years more now, and with the XML support being added in Embperl 2.0, I'm feeling very good about that solution. Other's might prefer Mason. But I would definitely recommend either package over straight CGI and home-brew templates. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: CPAN and overwriting files
At 12:47 PM -0500 3/8/02, Ari Kahn wrote: Has anyone had this issue when using the default CPAN settings? Or has this been corrected with darwin.hints? The HEAD problem was still there last I looked. I keep a spare copy in my ~/bin and copy it back if I have problems. When I configured my machine I created a 2GB UFS partition where I do all my source unpacking and building. I untar all my files there as well, since you'll run into Readme/README issues with some packages. I've also set my .cpan directory to reside there. However I install everything onto HFS, and haven't seen any problems other than the HEAD one. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: Perl and AppleScript Studio
At 12:40 PM -0500 1/15/02, Chris Nandor wrote: In article p05100303b8692d0d7508@[192.168.1.104], [EMAIL PROTECTED] (Kee Hinckley) wrote: The nice thing about this approach is that writing the initial glue shouldn't be a big deal. Handling every possible object is a lot of work, but it can be built incrementally. Anytime someone needs to handle a new type of object they simply add the relevant Applescript and Perl code to the libraries. Is any of this making sense? I'm not sure, but it seems a lot more complex than simply dropping an application on a droplet and then coding to it in Perl, bypassing AppleScript altogether. Somehow I missed this the first time round. I guess I'm not sure what you mean by that sentence. My goal is to be able to write an event-driven Perl program that is taking information from the UI, and passing information back. Ideally *not* by execing the Perl program everytime. -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.
Re: GNU fileutils
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 12:29 AM -0500 1/29/02, Troy Davis wrote: I was just searching the archives and saw someone recommend installing GNU fileutils. One word of caution: I had some very strange problems on standard software installers when I upgraded to GNU's versions of common file manipulators. du in particular. Appears that the output of the GNU version changes a column title from Avail to Available, or something like that. A warning for anyone, but developers and Apple in particular. *Never* rely on the PATH variable in a system script like an installer. Either set PATH yourself, or use absolute paths for the utilities you want to use. - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -BEGIN PGP SIGNATURE- Version: PGP Personal Security 7.0.3 iQA/AwUBPFajYCZsPfdw+r2CEQJC0ACeJb43AZVqgXnuBNR70kpmpPs5XysAoL5N JHtOhAhDRZKmORLg8C0LbD1A =y3gd -END PGP SIGNATURE-
Re: Perl and AppleScript Studio
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I was thinking about the Perl/AppleScript issue the other day as I was writing my first AppleScript program in Studio. (So far no luck, can't figure out how to make a droplet wake up when I drop a URL on it from IE.) While you can certainly have Applescript run a Perl script on every action, that's painful and doesn't maintain any state. It seems to me that someone should write an AppleScript program that takes a set of standard UI events, decomposes the objects, and then turns them in to SOAP calls. In fact maybe the hooks already exist for translating Apple Events into SOAP (anyone know?). Then you just need a Perl library for turning those into method calls. To use a Perl program in this environment you write it as an event driven server. When your application starts up, it starts the perl program. All communication thereon is via SOAP. In that environment, writing a GUI Perl program is just a matter of loading a template that has all the Applescript code, and then editing your Perl program to take the events. (Okay, if you want to send anything interesting back, you'll have to write some Applescript to take it and display it, but still, the guts can be in Perl.) The nice thing about this approach is that writing the initial glue shouldn't be a big deal. Handling every possible object is a lot of work, but it can be built incrementally. Anytime someone needs to handle a new type of object they simply add the relevant Applescript and Perl code to the libraries. Is any of this making sense? - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -BEGIN PGP SIGNATURE- Version: PGP Personal Security 7.0.3 iQA/AwUBPEOEriZsPfdw+r2CEQKXyACg6eECtEEsbd0LYA85QZAGPZMV5wAAnA/i AVD/2Q73/b8Zo3oF7yuGkVK8 =fcY0 -END PGP SIGNATURE-
Re: Mac Spanish accents and end-of-line conversion to terminal/perl/html
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 11:34 AM -0600 11/20/01, Reid Wilson wrote: C) Is there anyway I can properly view these files from within the terminal, using e.g. pico? (In other words, does the Unix in Mac OSX speak Spanish?) Try changing the character set in the preferences. Also look at http://www.iro.umontreal.ca/contrib/recode/ Recode can convert between lots of character sets. Unfortunately I've had trouble getting it to run properly on MacOS X--it hits the end of file and then outputs lots of nulls. - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] (or ...!alice!nazgul for time travelers :-) I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -BEGIN PGP SIGNATURE- Version: PGP Personal Security 7.0.3 iQA/AwUBO/qn9yZsPfdw+r2CEQIYIACghj/MqqYjeDx4wa34lRArh5m+P/UAn1pA XKvoYVwDxEBc7Ksm5QFfa0Zm =jCXf -END PGP SIGNATURE-
Re: Security issues surrounding becoming root
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 12:52 AM -0400 10/19/01, Scott Anguish wrote: So, is anyone running a public osx security list? If not, I'll create one. I'd be interested in signing up for one if you do that. I think macsecurity.org does... Got it, thanks. http://www.macsecurity.org/mailman/listinfo/macsec - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] (or ...!alice!nazgul for time travelers :-) I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -BEGIN PGP SIGNATURE- Version: PGP Personal Security 7.0.3 iQA/AwUBO9ChtiZsPfdw+r2CEQJOuACfZ6UVHUQGqEapbdnJTAGl3LLhCnQAoMI5 sunzj1uratUJECzT7rAGOWsy =XLIt -END PGP SIGNATURE-
Security issues surrounding becoming root
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 We're off the Perl topic here (is there a better list for discussing this stuff?) Two issues. 1. Is it possible to create a global contextual menu item that invokes an application? Would it have the same security issues? 2. Frankly the process for giving a GUI application root access makes me very nervous. When I run sudo it asks for my password (if it hasn't recently). I know that I'm running the sudo program and that I'm giving the sudo program my password, and that it is then running this third-party app I got. In the GUI though, I'm giving the third party app my password--what is *it* doing with it? I have no way of knowing, I just have to trust it. This can (and almost certainly will) be a vector for stealing passwords in the future. I don't like that model at all. I'd rather run a trusted program first. Either that or Apple needs to come up with a way of performing some in that dialog box that only the system can perform, so that I know I'm not looking at a forged password stealer. - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] (or ...!alice!nazgul for time travelers :-) I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -BEGIN PGP SIGNATURE- Version: PGP Personal Security 7.0.3 iQA/AwUBO88CFSZsPfdw+r2CEQJqfwCdH8VTKNLUYV70px3qzegI8JhxupcAoKW9 LEcobXB0fBi/hDtxiKt2JxMF =yglv -END PGP SIGNATURE-
Re: setuid root hole... oops!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 5:38 AM +0900 10/18/01, Jim Cooper wrote: the NetInfo manager is just one thing the is likely to be opened and on the desktop in sudo mode... the function is built in however... Any of these third party apps like snard or Pseudo which can open apps as superuser in GUI or if you sudo {{open BBEdit}} and then close the terminal and open from the apple menu with BBEdit in the front same thing .a terminal with root logged in... and BBEdit *did not* show up in the list of apps generated by the find method that Scott Anguish presented at Stepwise. I'm not sure from your mail if you have the Unix model of permissions down or not. If so, then ignore this. Unix permissions are based on a simple user/group/world model. You can read/write/execute something if you are the right user or belong to the right group (you can belong to multiple groups)--as specified by a files permissions. This isn't as flexible as an ACL (Access Control List) model, but there it is. There's one special user called root (actually, you can have multiple root accounts, but we won't go into that). Root can do anything on the machine, regardless of permissions. Since running around in a root shell all the time is dangerous (you might accidentally do something in the wrong place, or to the wrong thing, like rm -r * .bak instead of rm -r *.bak for instance, and create an unbootable machine) the sudo command was created. The sudo command lets you run a single command line program as root. But in order to do so you have to belong to a select list of users and/or groups. sudo won't do this for just anyone. See man sudo and /etc/sudoers. sudo further lets you restrict users by class and limit what each class of user can do. This gives you something that acts kind of like an ACL system. You can restrict certain users to running only certain commands. So you might assign email administration to a particular user, and they could use sudo to run some email administration commands but nothing else. By default the first user in MacOS X is a member of the admin group, and can run sudo to do anything they want, including run a shell (at which point you can obviously run anything else). (If you think about it, you'll realize that sudo must be setuid root to do everything it does.) There is another way that an application can be run as root. That's if it as the setuid bit set. That tells the operating system that the application should be run with the permissions of the user that owns the file (back to the unix permissions there). There's also a setgid bit that does the same thing for groups--for instance email programs might be setgid mail on a typical unix system so that they'd have permission to write to the mail spool directory. This is how NetInfo Manager gets to be root. GUI applications on MacOS X can ask to become root. That's when you enter your password and they can now do an install or whatever it is they need to do. Logically they are doing a sudo, although I don't know the actual mechanism. Now. When a program is run with root permissions, and it invokes another program, that program also runs as root. (Otherwise a root shell would not be very useful.) However if a program is run as root because it is setuid it can check and find out who really ran it, and it can set it's permissions back to that of the original person. What appears to be happening here is that the MacOS X UI is adding a set of standard elements to the menubar of an application. Those include the Apple menu and the Services menu item. The UI presumably handles those elements when the user selects them, the application never sees them. In those particular cases the UI is then executing a program. (I certainly hope it's not executing dynamically loaded code, or this problem becomes very difficult to fix.) The standard way of executing a program in Unix code is fork-and-exec. First you make a copy of yourself, then you replace it with the new application. That needs to be changed in this case to form-setuid-and-gid-and-exec. In other words, it needs to fork, then set itself back to the *real* user of the application, and then run the program. I don't know whether the MacOS X apis even provide those semantics, but if not, they will real soon. This isn't an issue for the dock or other UI elements because they are being run by separate processes that are not setuid. It's only an issue for elements that are provided by the UI, and that run separate applications automatically. (Obviously if the application itself runs other applications, it needs to take the issue into consideration as well--but that's the responsibility of any application that is going to be run as root, and the application writers should be aware of it--this however is not a problem that application writers have any control over). - -- Kee Hinckley
Re: Security issues surrounding becoming root
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 5:15 PM -0500 10/18/01, Jeff Lowrey wrote: Unless we're talking about a perl script to fix any such security issues with OSX, or how to avoid such security So, is anyone running a public osx security list? If not, I'll create one. - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] (or ...!alice!nazgul for time travelers :-) I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -BEGIN PGP SIGNATURE- Version: PGP Personal Security 7.0.3 iQA/AwUBO89egiZsPfdw+r2CEQIZKwCdGNN1dBbXXQAJob2EOLwNKNYcTu4AoMZM lDNoPb+rJVRJqClPJxuoRgLJ =yEZf -END PGP SIGNATURE-
Re: Security issues surrounding becoming root
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 8:31 PM -0500 10/18/01, Chris Devers wrote: On a similar, not-really-perly note, is there a problem with /usr/bin/cc on osx? I can't get it to build anything. A typical example, with the mutt mailier, is below, but others bomb out the same way: Did you install the development tools? Available for download (if you sign up), or via the full purchased CD supposedly, but not on the update. - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] (or ...!alice!nazgul for time travelers :-) I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -BEGIN PGP SIGNATURE- Version: PGP Personal Security 7.0.3 iQA/AwUBO8+liSZsPfdw+r2CEQKALgCfVe9rdAzxTq54OzKmVPoEMSmuvGwAnAu8 VaJKrZqsgcKlB6CJcGWjllSU =BiTL -END PGP SIGNATURE-
Re: setuid root hole... oops!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 12:17 AM -0400 10/17/01, Kee Hinckley wrote: Hmm. A little experimenting shows that this is also true of everything in the Services menu. Do a find in netinfo. Enter Does anyone know how the Services menu works? Is it always interprocess invocation, or can a service be code executed in the context of the calling process? If the latter this is a hard problem to fix. Otherwise Apple just needs to put wrappers around the execution code. Has anyone looked to see if it's possible to take advantage of this with SOAP and/or Applescript? Either way, this will be a good test of how seriously Apple takes security. I would hope that we see a patch for this in no more than a week or so. - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] (or ...!alice!nazgul for time travelers :-) I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -BEGIN PGP SIGNATURE- Version: PGP Personal Security 7.0.3 iQA/AwUBO81zXiZsPfdw+r2CEQKKhgCg64BOHRt6j1iNYR30O99ZAOoY5ZcAoMj8 Da36qDdevrfYsMZrjwUzaJSt =bp5Z -END PGP SIGNATURE-
Re: A quick suggestion to Apple wrt Perl
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 1:05 AM +0900 10/7/01, Jim Cooper wrote: Not sure what all the fuss is about. As you can configure *everything* in the configuration process... why not install in a totally separate location and let the Apple installed version as it is...? if you just configure -des you end up with a /Local Directory anyway. Because I'd rather not have to install and build my own version of perl, which would of course include relinking /usr/bin/perl to it, if I don't have to. The less I customize a system, the less I have to worry about. But the problem is resolved. /Local was a bug. /Library is the correct location for site-specific Perl libraries. - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] (or ...!alice!nazgul for time travelers :-) I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -BEGIN PGP SIGNATURE- Version: PGP Personal Security 7.0.3 iQA/AwUBO79Z0CZsPfdw+r2CEQJd4gCglUL4NfD0/W8HNDwY3kxZlUuaf4sAnAnC UHlFhJVfvCAtByZGO6Bz+sVs =8KIf -END PGP SIGNATURE-
Re: A quick suggestion to Apple wrt Perl
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 11:53 AM -0500 10/5/01, Ken Williams wrote: Huh? What's /Local ? The /Library/Perl directory is where user-installed modules should go, as distinct from vendor-installed modules in /System/Library/Perl . If you created /Local/Library/Perl , what would be the purpose of /Library/Perl ? It just seems like Apple has done exactly what you want, but called it /Library instead of /Local . I think I missed /Local in your original message and thought you were saying /Library . Ah. Now things are making more sense. /Local/Library/Perl is where hints/darwin.sh says site-specific perl modules should be installed in Perl 5.6.1. # Where to put modules. privlib='/System/Library/Perl'; sitelib='/Local/Library/Perl'; vendorlib='/Network/Library/Perl'; So now the question becomes. 1. What makes you think that Apple won't overwrite anything in /Library/Perl? 2. Is darwin.sh (and rhapsody.sh, for that matter) wrong or right? - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] (or ...!alice!nazgul for time travelers :-) I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -BEGIN PGP SIGNATURE- Version: PGP Personal Security 7.0.3 iQA/AwUBO730biZsPfdw+r2CEQIoAQCgtjw3DdW1eG39hTHNzyLNB5htb40An2ld wsNVDpRVBtl2sGDSFb8b/udn =IdD+ -END PGP SIGNATURE-
A quick suggestion to Apple wrt Perl
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I understand that the installs are likely to wipe anything I've put on the system in the system locations. That's what /usr/local (or /Local, if you prefer) is for. However Perl, as installed by the system, does not look in /Local for libraries. That leaves me with two choices. Install my Perl modules in the system locations, and get them wiped out by the next install, or install my own version of Perl that does look there, but get *it* wiped out by the next install. Please build Perl to look in /Local and /usr/local in future releases (preferably before it looks in the system locations, so that I can override system versions). - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] (or ...!alice!nazgul for time travelers :-) I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -BEGIN PGP SIGNATURE- Version: PGP Personal Security 7.0.3 iQA/AwUBO7xbYCZsPfdw+r2CEQJUvQCgrlvYPGnEzZHCh49QeIiD1diciMUAn0uV rwVcBYJ/T6ml85rm1R6RTaf4 =PFlh -END PGP SIGNATURE-
Re: Mac OS X 10.1: Now with extra compiling woes!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 3:20 PM -0700 9/29/01, Randal L. Schwartz wrote: I installed 10.0.1, the 10.0 developer tools, then 10.1 (I don't have the 10.1 developer tools, and they're not available from Apple's download site), and I couldn't even compile hello_world.c (error The releases I saw said they'd come with the update CD. I tried CompUSA today and they didn't have it yet. The (semi) local Apple Store apparently had 900 of them, but as of this morning there was a line of 200 people outside (according to the guy at CompUSA, who knew someone there) so I decided to wait a day or so. Especially with the compile issues people are mentioning, I can't afford to upgrade my machine and have mod_perl fail on me when I'm in the middle of development work. - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ [EMAIL PROTECTED] (or ...!alice!nazgul for time travelers :-) I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -BEGIN PGP SIGNATURE- Version: PGP Personal Security 7.0.3 iQA/AwUBO7ZRaiZsPfdw+r2CEQLiFwCdF3Yl6+SOEQPjg0ex7A7bHBvut3YAoOD4 lhfUswvYwMYHUB4b+6Suq/xN =N0C7 -END PGP SIGNATURE-
Re: Process Priority
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 10:07 PM -0500 8/7/01, Ken Williams wrote: No, but lots of them together can. My favorite bit of malicious Perl code, which I've never had the courage to try, is fork while 1. =) Multiple processes I can see bringing the machine down (shouldn't, but it's common, and hard to protect from). Nevertheless, perhaps it's really Aqua or the Finder or Terminal that's misbehaving, not Apache or mod_perl. Several times I've seen No. Nothing is responding at all--the machine is devoting everything to that one process. I've tried knocking my Apache timeout down to a much smaller value, and I'll see whether that saves me next time. But this clearly shouldn't be happening. BTW, in your original message you mention command-escape. Just want to make sure you know that force-quit is actually command-option-escape. Yes, thanks. - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -BEGIN PGP SIGNATURE- Version: PGP Personal Security 7.0.3 iQA/AwUBO3FgaCZsPfdw+r2CEQK72ACfejAJVQVlxgPbHk9ZsJgGcOVRrkgAn2af Q4JB+3zkGiw88MZ6ZWkDcBTB =DHJU -END PGP SIGNATURE-
Process Priority
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 If I have a mod_perl routine that fouls up (goes into a tight loop) it brings my machine completely to its knees. I'm unable to do just about anything, including command-escape. I've sometimes been able to switch windows, but never type anything or kill the server process. So far I've just had to reboot the machine. I doubt this is a mod_perl problem specifically, it seems to me it's a MacOS X process priority problem. But does anyone know how to keep it from happening? - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -BEGIN PGP SIGNATURE- Version: PGP Personal Security 7.0.3 iQA/AwUBO3AqnSZsPfdw+r2CEQKq4wCg0iAZuinI9Yfz5j45NwSL6sfgvlEAoI6G HmO+G94wHcdT6GCS/e91GGd7 =jA/9 -END PGP SIGNATURE-
Re: mod_perl-1.26 - apache_1.3.20 - mac osX
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 12:49 PM -0500 8/6/01, Craig S. Cottingham wrote: Amen to that! The only thing that keeps me chained to my network now is email and instant messaging, either of Normally I solve the email problem with a PC-card modem and my cell phone, but unfortunately that currently requires rebooting into 9.1. Here's hoping that 10.1 adds PC card support. - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -BEGIN PGP SIGNATURE- Version: PGP Personal Security 7.0.3 iQA/AwUBO28uqyZsPfdw+r2CEQKtvgCgwjmDC9ODfrsI/24flCK7aiY6X58AoIdb +2qOHHWunbt0CltjP0n16GZb =0GJt -END PGP SIGNATURE-
Re: mod_perl-1.26 - apache_1.3.20 - mac osX
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 12:29 PM -0500 8/6/01, Peter Fraterdeus wrote: I've put a few entries into /etc/hosts and configured lookupd to also check there... How!? I tried to figure it out and finally gave up and used NetInfo, which works for most, but not all, utilities. - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -BEGIN PGP SIGNATURE- Version: PGP Personal Security 7.0.3 iQA/AwUBO28zXiZsPfdw+r2CEQL4QgCgmX8s2kwgzX2B5f5UJd/SkF3I2hgAoPwQ gcKZkKKdW8k+qkKFz9hXePLa =SABq -END PGP SIGNATURE-