Re: Set up GUI stack on OSX server that handles STDIN/STDOUT
Sannyasin Sivakatirswami a écrit : General Question is: How does one set up a stack on an OSX server that can act like a UNIX program where any other [Program A] can set a path: /usr/sbin/myFilter.mc where myFilter.mc is an open stack running in GUI mode, such that output from Program A is read as standardIn incoming data by 'myFilter.mc to which myFilter.mc can send our responses which are seen by Program A as data coming from myFilter.mc's standardOut? Specific Context is: We want to have more control over incoming email on the email server, not only for virus scanning but for many other purposes. Communigate Pro (our mail server) can set up a path to an external program and using its External Filter API which is a simple set or request/response codes, it will send a request to the external program and expect responses. I would like the external program to be a metacard stack if possible, with a GUI interface. Is that doable? In this scenario Apache or any web CGI interfaces are not involved. But i think it must be a similar concept as Pierre Sohores long running process i know how to use the faceless script to read from stnin but how do you do that in a GUI stack ... which must be some how set up a pipe to listen ? mmm. somehow. I think we may have come full circle here back to Metacard's roots? examples stack and scripts would be very helpful... Sannyasin Sivakatirswami Himalayan Academy Publications at Kauai's Hindu Monastery [EMAIL PROTECTED] www.HimalayanAcademy.com, www.HinduismToday.com www.Gurudeva.org www.Hindu.org ___ metacard mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/metacard Allo, The best starter point to build this kind of stuff is probably to adapt an issue of the Mark's mc-based sockets client/server stack to your own needs. I use, for my own, time to time, this method to build some very usefull lan mc-based utilities. See below what Mark wrote, a while ago, to explain us how to do : Objet: Sockets Made Easy .. sort of Date: Wed, 15 Nov 2000 14:14:22 -0600 De: Mark Luetzelschwab [EMAIL PROTECTED] Répondre-A: [EMAIL PROTECTED] A: [EMAIL PROTECTED] Since I have been mucking around with sockets (as others on this list have), I decided to make a simple stack that acted as both a client and a server and could send any data between the two. My current plan is to make it a stack that can act as a library so I can use it at either end and make updates to it without messing with the rest of my stacks. In its current form, it lets you send data up to the stack acting as a server, send a simple command to request data from the server, and to send a file to the server. (remember, its the same stack, just running on two machines...and you hit start server on one). The conversation between the two continues until the client or server says OK...so the server can send error messages or whatever back to the client. Feel free to use it, take it apart, make it better (lots of room).it should be a pretty good intro for someone who is just learning sockets, but also useful for someone who doesnt want to learn too much about them (and just wants to move small blocks of data between stacks). I'll post the library stack once I figure it out for my purposes. Detailed instructions are on the page...but in summary...open it on two computers, click on start server on one, type the IP of the server into the client, then send some data! Download from: http://www.tenet.edu/teks/language_arts/testsite/downloads/mc/mc.html Let me know what you think. Mark J. Luetzelschwab [EMAIL PROTECTED] Graduate Research Assistant (v) (512) 232 6034 Instructional Technology(f) (512) 232 2322 Reading and Language Arts: http://www.texasreading.org Archives: http://www.mail-archive.com/metacard@lists.runrev.com/ Info: http://www.xworlds.com/metacard/mailinglist.htm Please send bug reports to [EMAIL PROTECTED], not this list. -- Cordialement, Pierre Sahores Inspection académique de Seine-Saint-Denis. Applications et bases de données WEB et VPN Qualifier et produire l'avantage compétitif ___ metacard mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/metacard
Re: Dumb sort question - Tanks Comments
Thank you all for your help suggestions. Unfortunately, none of them helped solving my problem... Below you'll find a few more info on what I'm trying to do, comments on some suggestions and finally some feature requests for future versions of MC. Basically, I need to sort a variable featuring 5 lines with a max of 30,000 items each. The sort key could be any of the 5 lines, and after sorting I'd like to extract any line of the variable (get line 3 of myVariable) for further processing. The content of every item of every line can change / evolve continuously. When the variable is organized as 30,000 lines of 5 items each, sorting is a snap (less than 1 second), but then extracting 1 column is impossible... Jacqueline : Thanks for your script : it works great, but when the variable reaches 20,000 items per line, it becomes way too slow... Ray : Yes, the transpose function looks attracting, but unfortunately it only works on arrays. And once the array has been transposed, it seems impossible to extract 1 single line / row. I tried to put the array content into a variable, but it remains stractured as an array... BTW, when the size of a 2 dimensions array reaches a certain limit (5 rows 20,000 column), I get the error message : can't transpose this array (or something similar), while it works fine with 5 rows and 10,000 colums... Is it a bug ? Mr X : Yes, 1 of the Rinaldi externals does that perfectly, but doesn't run on Windoze... Andu and Tariel : Yes, being able to access arrays content via individual rows columns would be a GREAT feature... I'd even dare to say that future versions of MC should implement most of the properties functions associated with spreadsheets in OMO, but applied to arrays, which means : - the ability to split arrays vertically horizontally - the ability to extract individual rows / colums - the ability to sort the content of an array according to sort keys that could be individual rows / colums - a special find function that would work like in OMO spreadsheets : find rows of myTab where item 2 10 would return a comma-separated list of numbers of rows for which this condition is true Actually, spreadsheets in OMO where 1 of the greatest tools I've ever used and I still miss them several years later... Of course, this would work on 1 or 2 dimension arrays; for 3 dimension arrays, things get more complex... Cheers, JB ___ metacard mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/metacard
MC on Apache and CGI
Hello again, I have a rather odd request regarding the installation of MC on a server running Apache for CGI applications, both from standard web pages and from MC standlones. MC has been installed on 2 of our servers several months ago and I've used it successfully for a couple of projects and everything works fine. The question is NOT about how to use it, but how to INSTALL it. Let me explain : it had been installed by a guy who no longer works with us, and I'm not an Apache wizzard. Furthermore, there are plans to transfer the content of our servers to the servers of a company who would administrate everything for us (mainly for cost reduction). Of course, ppl at that company never heard of MC and are quite reluctant to install it on their machines... So what I need is accurate info (from someone who already installed it and uses it daily - Pierre ? ) about installation and safety issues, mainly to convince those ppl... I remember some posts on this list about the need of a wrapper (to hinder hackers to take control of the server), and differences between MC and Mchttpd, but am afraid I don't master these subjects well enough to convince a Unix pro... As I want to use MC for cgi in more and more projects, I'd be very glad if someone could take a part of his time and explain everything to me (or at least everything I need to know), on or off list, it doesn't matter... Or perhaps does anyone know of some company here in France who already knows MC and is willing to have it installed on their servers... It would make things easier... Thanks in advance for your time attention. Best, JB ___ metacard mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/metacard
Re: MC on Apache and CGI
jbv a écrit : Hello again, I have a rather odd request regarding the installation of MC on a server running Apache for CGI applications, both from standard web pages and from MC standlones. MC has been installed on 2 of our servers several months ago and I've used it successfully for a couple of projects and everything works fine. The question is NOT about how to use it, but how to INSTALL it. Let me explain : it had been installed by a guy who no longer works with us, and I'm not an Apache wizzard. Furthermore, there are plans to transfer the content of our servers to the servers of a company who would administrate everything for us (mainly for cost reduction). Of course, ppl at that company never heard of MC and are quite reluctant to install it on their machines... So what I need is accurate info (from someone who already installed it and uses it daily - Pierre ? ) about installation and safety issues, mainly to convince those ppl... I remember some posts on this list about the need of a wrapper (to hinder hackers to take control of the server), and differences between MC and Mchttpd, but am afraid I don't master these subjects well enough to convince a Unix pro... As I want to use MC for cgi in more and more projects, I'd be very glad if someone could take a part of his time and explain everything to me (or at least everything I need to know), on or off list, it doesn't matter... Or perhaps does anyone know of some company here in France who already knows MC and is willing to have it installed on their servers... It would make things easier... Thanks in advance for your time attention. Best, JB ___ metacard mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/metacard Hi JB, It's, basicaly, two ways you can install mc to have it running behind Apache. 1.- As a simple cgi engine : just drop the mc engine where you want (but not in a directory where any bad guy will expect to find it) and add the right path head your mc-cgi scripts, alike #!/the path/mc. Verify that the right permissions are ok to let the cgis lauchables by the mc engine and it will be ok. 2.- As a long running mc processes engine (unixes boxes only, including linux and macosx) : first, you will, in this case, have to install the mc engine in the same way as explainded upon. Second, you will have to install the stacks devoted to handle the long running processes just alike any other deamon app, alike Apache or PostgreSQL, and do them launchables (at boot or trough an ssh dedicated command) in istalling the needed .sh scripts in the needed ./init.d/ subdirectories of the server box system. More, off-list, if needed ;) -- Cordialement, Pierre Sahores Inspection académique de Seine-Saint-Denis. Applications et bases de données WEB et VPN Qualifier et produire l'avantage compétitif ___ metacard mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/metacard
Re: MC on Apache and CGI
Pierre, It's, basicaly, two ways you can install mc to have it running behind Apache. 1.- As a simple cgi engine : just drop the mc engine where you want (but not in a directory where any bad guy will expect to find it) and add the right path head your mc-cgi scripts, alike #!/the path/mc. Verify that the right permissions are ok to let the cgis lauchables by the mc engine and it will be ok. That's what has been done (AFAIK) and it works OK. Although your comments raise a few important questions that I'll have to discuss with the UNIX guy : - what is the best directory to drop the mc engine so that no bad guy finds it ? - and what can happen if any bad guy finds it ? - is there anything specific that can be done (by a bad guy) with MC as a simple cgi engine that can't be done with a php or perl engine ? - does it have to do with the presence of a wrapper (I've seen that word at times in articles / discussions about cgi engines) ? - are there any safety measures to take to prevent that ? And as for permissions : I know that the right permissions have to be set to mc-cgi scripts and text files used by those scripts, but have the feeling that there must be some specific other permissions to set in the Apache configuration to allow mc-cgi scripts to be triggered by external requests... If yes, can those permissions be set for one domain name only ? More on this issues, please... Thanks a lot, JB ___ metacard mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/metacard
Can't delete card
When I try to delete a card via a bg script, I am given an Error message the handler: on deletekey answer Supprimer cette carte ? with Annuler or Supprimer if it is supprimer then delete this card end deletekey the error message: Object: stack locked, or object's script is executing Chunk: can't delete object BUT if I click on a button with a one-line script (delete this card) that works! Moreover, if I write a script which sends mouseup to the btn, it doesn't work again (error message)! Is there a rationale behind this? -- Regards, (-8 Dominique ___ metacard mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/metacard
Re: MC on Apache and CGI
--On Sunday, December 08, 2002 19:39:59 + jbv [EMAIL PROTECTED] wrote: Pierre, It's, basicaly, two ways you can install mc to have it running behind Apache. 1.- As a simple cgi engine : just drop the mc engine where you want (but not in a directory where any bad guy will expect to find it) and add the right path head your mc-cgi scripts, alike #!/the path/mc. Verify that the right permissions are ok to let the cgis lauchables by the mc engine and it will be ok. That's what has been done (AFAIK) and it works OK. Although your comments raise a few important questions that I'll have to discuss with the UNIX guy : - what is the best directory to drop the mc engine so that no bad guy finds it ? There is no such thing, I usually put it in the cgi-bin directory with the scripts but it can be anywhere as long as you specify the path in the script. You can rename it if you wish. - and what can happen if any bad guy finds it ? Nothing, he never heard of it, only good people know Metacard;-). - is there anything specific that can be done (by a bad guy) with MC as a simple cgi engine that can't be done with a php or perl engine ? No. Usually bad guys don't think of something called mc as something to play with and judging from the logs of the servers I service *all* bad guys look for a directory structure specific to windows NT not Linux. - does it have to do with the presence of a wrapper (I've seen that word at times in articles / discussions about cgi engines) ? - are there any safety measures to take to prevent that ? No And as for permissions : I know that the right permissions have to be set to mc-cgi scripts and text files used by those scripts, but have the feeling that there must be some specific other permissions to set in the Apache configuration to allow mc-cgi scripts to be triggered by external requests... If yes, can those permissions be set for one domain name only ? Just add .cgi sufix to scripts to avoid changes to Apache config file and make sure scripts are executables. More on this issues, please... Thanks a lot, JB ___ metacard mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/metacard Regards, Andu Novac ___ metacard mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/metacard
Re: MC on Apache and CGI
I use MC on all our domains in Honolulu, works fine: this is how we have it, possibly you know all this already, but I am very interested in having this area (MC security running behind Apache on a Unix-MacOSX box) thoroughly elucidated as we also know virtually nothing about Unix security issues. so here goes with what I know to date: put the engine itself in cgi-bin ## just like any PERL script ## that's protected from bad guys as far as i know CHMOD 755 the engine itself Put your scripts in the CGI directory along side the engine CHMOD them also 755. Path to engine in 1st line of the script is standard.. .Just look at any access logs for your site to see what the full machine path is to your directory on that machine to any file e.g. #! /export/users/g/gregory/public_html/cgi-bin/mc ## is a typical path on a virtual domain... ## where /public_html/cgi-bin/mc is the flavor for the running OS on StartUp read from stnIn ##make sure any path ref in your script climbs out of the CGI bin ## ../someDirectory/some.file etc. to block other domains you need to create an authorized domain' routine similar to the one in formMail.pl where a) you parse the header from the submisson from the submitting domain, b) check that against a list of authorized domains usually this is the one on which the script itself resides, or several on the same server under your control to prevent hackers from making POSTs from other domains/servers. == I asked these same questions two years ago, was told that the wrapper thing pertained to using MC as a server handling the http requests... not to the context where MC is used as a CGI interpreter where Apache is the actual server. That said, then no more damage to the server can be done by an MC script than one could do with an a bad Perl script. We quietly installed MC remotely in the cgi-bin with a nod from their server admin who we have hosted with since before the web began in 93 on trust that we would not do anything stupid just like they assume anyone using PERL is not going to install scripts that would do something radical to their server. e.g. I see lots of attempts from outside domains to hit on our formMail.pl (perl) script, You see this in the error logs where POSTs are coming down from outside domains to formmail.cgi FormMail.pl formMail.cgi, formMail.pl where some guy is obviously testing to see if he can use my CGI,,, if he could only get the name right... and occasionally they do, but their submission is rejected. by the script itself... not by any wrapper' as such. In this case this is a well-known Perl script in the public domain (formMail.pl) which previously had a big hole in it (go to Matt's Archives and see his comments at the top of the latest version of formMail.pl) I am not an expert, but it would seem to me that any script in any language could be secure or dangerous if it did not do the obviously security thing of examining the globals or some initial bit of data from stdIn and if it is not what's expected, nothing happens. but, perhaps there are other holes or other kinds of CGI scenarios (we are just talking about POST here.) that could be dangerous? Sannyasin Sivakatirswami Himalayan Academy Publications at Kauai's Hindu Monastery [EMAIL PROTECTED] www.HimalayanAcademy.com, www.HinduismToday.com www.Gurudeva.org www.Hindu.org On Sunday, December 8, 2002, at 09:39 AM, jbv wrote: Although your comments raise a few important questions that I'll have to discuss with the UNIX guy : - what is the best directory to drop the mc engine so that no bad guy finds it ? - and what can happen if any bad guy finds it ? - is there anything specific that can be done (by a bad guy) with MC as a simple cgi engine that can't be done with a php or perl engine ? - does it have to do with the presence of a wrapper (I've seen that word at times in articles / discussions about cgi engines) ? - are there any safety measures to take to prevent that ? And as for permissions : I know that the right permissions have to be set to mc-cgi scripts and text files used by those scripts, but have the feeling that there must be some specific other permissions to set in the Apache configuration to allow mc-cgi scripts to be triggered by external requests... If yes, can those permissions be set for one domain name only ? More on this issues, please... ___ metacard mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/metacard
Re: MC on Apache and CGI
Just as an add-on to what Andu and Sivakatirswami answered previously :-) Pierre, It's, basicaly, two ways you can install mc to have it running behind Apache. 1.- As a simple cgi engine : just drop the mc engine where you want (but not in a directory where any bad guy will expect to find it) and add the right path head your mc-cgi scripts, alike #!/the path/mc. Verify that the right permissions are ok to let the cgis lauchables by the mc engine and it will be ok. That's what has been done (AFAIK) and it works OK. Although your comments raise a few important questions that I'll have to discuss with the UNIX guy : - what is the best directory to drop the mc engine so that no bad guy finds it ? - and what can happen if any bad guy finds it ? - is there anything specific that can be done (by a bad guy) with MC as a simple cgi engine that can't be done with a php or perl engine ? - does it have to do with the presence of a wrapper (I've seen that word at times in articles / discussions about cgi engines) ? - are there any safety measures to take to prevent that ? Don't use the GET method in cgi scripts, including mc-based cgis. If you use only the POST method in your mc-cgi scripts, including fine conditional closed-list of the possibles replies to each incoming request, excluding any possibility of replying outside of the previous listed cases, mc will never become an unsecure deamon as long as it will stay unlauchable by any backdoor app installed in any way on the server. To be sure about that, and this is not specific to mc, as long as there are many others engines availables on a server (perl, php,.. and, even, the gcc c compiler,...), the best - and it's what i do for my own servers - is to pay a security consultant to update, with regularity, your configs and have an eye on your servers againt bad risks of security holes. And as for permissions : I know that the right permissions have to be set to mc-cgi scripts and text files used by those scripts, but have the feeling that there must be some specific other permissions to set in the Apache configuration to allow mc-cgi scripts to be triggered by external requests... If yes, can those permissions be set for one domain name only ? More on this issues, please... Thanks a lot, JB I agree about what you seen in your logs, Andu ! It's the same there : some ones are trying to hack the NT directories structure of my Linux servers ! It's not a valuable reason to think that nobodyvill never be able to hack a right securised box ;-) To the end, we are more and more liestening, those days, about the proxy applications security concept and i'm far sure that mc is the must have tool to build such kind of firewall proxies apps ! -- Cordialement, Pierre Sahores Inspection académique de Seine-Saint-Denis. Applications et bases de données WEB et VPN Qualifier et produire l'avantage compétitif ___ metacard mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/metacard
global misses
I am experimenting with optimizing some aspect of my program and noticed the following: 1. when a global is made into associative array, the globals() functions does not report its existence even though it can be used as expected. 2. the exist operator does not work with globals as objects. Are these bugs or features? I create a series of globals dynamically and use the globals() function to find which were created and delete them when they are not needed. However, after converting some of them into array, they essentially disappear from my scope. The second surfaced when I tried to rememdy the situation by checking for existence of a global. It seems I either can't use associative arrays with globals or I must forget about removing them from memory. Robert Brenstein ___ metacard mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/metacard
Lessening processor usage
I've brought up this topic earlier and didn't get any responses, let alone a satisfactory answer. Why does MetaCard's processor usage spike horribly after playing a QuickTime object? Even if the player is stopped, or hidden and stopped, the processor usage still is quite inordinate. Is this a feature with MetaCard, or am I doing something wrong with player objects? I notice the processor is used a lot even when I use the play videoClip blah.mov to do a one-time sound where no player object is necessary, though processor usage doesn't seem to be eaten up by it as much. However, as the program is kept running for hours, its processor usage does go up. Ideas? Thoughts? Thanks, Karl ___ metacard mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/metacard
Re: Dumb sort question - Tanks Comments
On 12/7/02 10:18 AM, Ernst M. Reicher wrote: On 12/8/02 15:36 jbv [EMAIL PROTECTED] wrote: -a special find function that would work like in OMO spreadsheets : find rows of myTab where item 2 10 would return a comma-separated list of numbers of rows for which this condition is true Actually, spreadsheets in OMO where 1 of the greatest tools I've ever used and I still miss them several years later... I second that. And I miss chart object form OMO even more. About year ago I wrote here that HyperCard style debugger, OMO style spreadsheet and OMO Chart object is all I miss in MC. Well, we just got great new debugger in upcoming v. 2.5, Table is partially implemented (at least it clips text at the end of the column). This really gives me a hope that eventually MC will have it all :) Tariel ___ metacard mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/metacard