From shuchit at gmail.com  Wed Jul  7 13:34:47 2010
From: shuchit at gmail.com (Shuchit Velkar)
Date: Wed, 7 Jul 2010 16:34:47 -0400
Subject: [kw-pm] Meeting this Thursday, 15 July
Message-ID:

Two talks about using Vim for development are planned for this month.

Guest speaker, David Fishburn, will talk about editing database
scripts in Vim. David is the maintainer of DBExt extension for Vim.
http://www.vim.org/scripts/script.php?script_id=356

fishbot will talk about navigating large C/C++ projects in gvim.

Pizza will be procured, sponsored by $anonymous. Don't forget
to add yourself to: http://kw.pm.org/wiki/index.cgi?PizzaList

As usual we meet: 7pm in DC3323, University of Waterloo.
http://kw.pm.org has the details.

Hope to see you Thursday,
Shuchit

From eric at uc.org  Wed Jul  7 14:24:12 2010
From: eric at uc.org (fishbot)
Date: Wed, 7 Jul 2010 17:24:12 -0400 (EDT)
Subject: [kw-pm] Meeting this Thursday, 15 July
In-Reply-To:
References:
Message-ID:

If anyone else wants to demo some Vim tricks, plugins, etc. then this is
encouraged. Just show up prepared to demo, or let us know ahead of time.

Doesn't need to be Perl-relevant, you need a good editor for programming
any language. Except Java, where you use Eclipse.

---- original message : 2010-07-07 4:34pm : Shuchit Velkar ----

> Two talks about using Vim for development are planned for this month.
>
> Guest speaker, David Fishburn, will talk about editing database
> scripts in Vim. David is the maintainer of DBExt extension for Vim.
> http://www.vim.org/scripts/script.php?script_id=356
>
> fishbot will talk about navigating large C/C++ projects in gvim.
>
> Pizza will be procured, sponsored by $anonymous. Don't forget
> to add yourself to: http://kw.pm.org/wiki/index.cgi?PizzaList
>
> As usual we meet: 7pm in DC3323, University of Waterloo.
> http://kw.pm.org has the details.
>
> Hope to see you Thursday,
> Shuchit
> _______________________________________________
> kw-pm mailing list
> kw-pm at pm.org
> http://mail.pm.org/mailman/listinfo/kw-pm
>

From daniel at coder.com  Wed Jul 14 11:21:06 2010
From: daniel at coder.com (Daniel R. Allen)
Date: Wed, 14 Jul 2010 14:21:06 -0400 (EDT)
Subject: [kw-pm] Meeting this Thursday, 15 July
In-Reply-To:
Message-ID:

Friendly reminder about tomorrow's meeting & pizza-list RSVP:

http://kw.pm.org/wiki/index.cgi?PizzaList

If you would like to give a presentation, either 45 minutes, 20 minutes,
or shorter, just give a shout. We're looking for talks for September
onward.

See you tomorrow,

Daniel

On Wed, 7 Jul 2010, Shuchit Velkar wrote:

> Two talks about using Vim for development are planned for this month.
>
> Guest speaker, David Fishburn, will talk about editing database
> scripts in Vim. David is the maintainer of DBExt extension for Vim.
> http://www.vim.org/scripts/script.php?script_id=356
>
> fishbot will talk about navigating large C/C++ projects in gvim.
>
> Pizza will be procured, sponsored by $anonymous. Don't forget
> to add yourself to: http://kw.pm.org/wiki/index.cgi?PizzaList
>
> As usual we meet: 7pm in DC3323, University of Waterloo.
> http://kw.pm.org has the details.
>
> Hope to see you Thursday,
> Shuchit
> _______________________________________________
> kw-pm mailing list
> kw-pm at pm.org
> http://mail.pm.org/mailman/listinfo/kw-pm
>

From roberthpike at yahoo.com  Mon Jul 19 06:35:07 2010
From: roberthpike at yahoo.com (Robert Pike)
Date: Mon, 19 Jul 2010 06:35:07 -0700 (PDT)
Subject: [kw-pm] Security Handling
Message-ID: <771113.41507.qm@web120514.mail.ne1.yahoo.com>

When creating a CGI app (in Perl), what procedures and/or modules do you
find useful when validating and/or removing anything harmful from a
query? I'm using the CGI module currently, is there anything additional
that can be added that will help with security issues and such? Any
input would be appreciated. Thanks.

From shuchit at gmail.com  Mon Jul 26 06:59:12 2010
From: shuchit at gmail.com (Shuchit Velkar)
Date: Mon, 26 Jul 2010 09:59:12 -0400
Subject: [kw-pm] Security Handling
In-Reply-To: <771113.41507.qm@web120514.mail.ne1.yahoo.com>
References: <771113.41507.qm@web120514.mail.ne1.yahoo.com>
Message-ID:

On Mon, Jul 19, 2010 at 9:35 AM, Robert Pike wrote:
> When creating a CGI app (in Perl), what procedures and/or modules do you find useful when validating and/or removing
> anything harmful from a query? I'm using the CGI module currently, is there anything additional that can be added that will
> help with security issues and such? Any input would be appreciated. Thanks.

"Perlsec" section in the Perl documentation should be the starting
point of your research.
http://perldoc.perl.org/perlsec.html

Especially the part about "taint" mode.

Also go through http://oreilly.com/catalog/cgi2/chapter/ch08.html

Shuchit

From nick.dumas at gmail.com  Mon Jul 26 12:55:27 2010
From: nick.dumas at gmail.com (Nick Dumas)
Date: Mon, 26 Jul 2010 15:55:27 -0400
Subject: [kw-pm] kw-pm Digest, Vol 84, Issue 4
In-Reply-To:
References:
Message-ID:

On Mon, Jul 19, 2010 at 9:35 AM, Robert Pike wrote:
> When creating a CGI app (in Perl), what procedures and/or modules do you find useful when validating and/or removing
> anything harmful from a query? I'm using the CGI module currently, is there anything additional that can be added that will
> help with security issues and such? Any input would be appreciated. Thanks.

In addition to the technical means, you should avoid thinking of it in
terms of "removing harmful things". Instead, take the point of view of
accepting only known good values. It is much easier to add
functionality you know than to remove vulnerabilities you don't know.
:)

- Nick
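
[Added example, not part of any message in this thread: the two suggestions above (taint mode from perlsec, and accepting only known-good values) combined in one CGI.pm script. The parameter names, patterns and sample query string are assumptions made up for illustration.]

```perl
#!/usr/bin/perl -T
# Added example: allowlist validation of CGI parameters under taint mode.
# Parameter names (username, page, sort) and their patterns are hypothetical.
use strict;
use warnings;
use CGI;

# Each accepted parameter maps to an anchored pattern describing the only
# values the application knows how to handle. The capture group matters:
# under -T, data taken from a regex capture is untainted, so the pattern is
# the single place where request input becomes trusted.
my %ALLOWED = (
    username => qr/\A([a-z][a-z0-9_]{2,15})\z/,
    page     => qr/\A([1-9][0-9]{0,3})\z/,
    sort     => qr/\A(name|date|size)\z/,
);

# Returns (\%clean, \@rejected). Only names listed in %ALLOWED are ever
# looked at; anything else in the request is never copied anywhere.
sub validate_params {
    my ($q) = @_;
    my (%clean, @rejected);
    for my $name (sort keys %ALLOWED) {
        my $raw = scalar $q->param($name);   # first value only
        next unless defined $raw;            # absent: caller applies a default
        if ($raw =~ $ALLOWED{$name}) {
            $clean{$name} = $1;              # untainted capture
        } else {
            push @rejected, $name;           # record the name, never echo the value
        }
    }
    return (\%clean, \@rejected);
}

# Constructed sample request. In a real CGI run the data comes from the
# environment or STDIN and is tainted; a literal string here is not, but the
# validation path is identical.
my $q = CGI->new('username=alice_01&page=0&sort=owner&debug=1');
my ($clean, $rejected) = validate_params($q);

print "accepted: $_=$clean->{$_}\n" for sort keys %$clean;
print "rejected: $_\n" for @$rejected;
```

Run it as `perl -T script.pl`. The `debug` parameter is not in `%ALLOWED`, so it is neither accepted nor rejected; it simply never reaches application code.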