Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #58567 > unrolled thread
| Started by | Νίκος Γκρ33κ <nikos.gr33k@gmail.com> |
|---|---|
| First post | 2013-11-06 17:25 +0200 |
| Last post | 2013-11-16 10:40 +0000 |
| Articles | 20 on this page of 220 — 47 participants |
Back to article view | Back to comp.lang.python
To whoever hacked into my Database Νίκος Γκρ33κ <nikos.gr33k@gmail.com> - 2013-11-06 17:25 +0200
Re: To whoever hacked into my Database Joel Goldstick <joel.goldstick@gmail.com> - 2013-11-06 10:34 -0500
Re: To whoever hacked into my Database Denis McMahon <denismfmcmahon@gmail.com> - 2013-11-07 21:20 +0000
Re: To whoever hacked into my Database Ian Kelly <ian.g.kelly@gmail.com> - 2013-11-07 14:39 -0700
Re: To whoever hacked into my Database alex23 <wuwei23@gmail.com> - 2013-11-08 11:32 +1000
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-08 09:15 +0000
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 11:34 +0200
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-08 20:52 +1100
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-08 09:52 +0000
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 12:00 +0200
Re: To whoever hacked into my Database Maarten <maarten.sneep@knmi.nl> - 2013-11-08 03:08 -0800
Re: To whoever hacked into my Database Tim Delaney <timothy.c.delaney@gmail.com> - 2013-11-09 00:12 +1100
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 15:48 +0200
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-08 14:55 +0100
Re: To whoever hacked into my Database Joel Goldstick <joel.goldstick@gmail.com> - 2013-11-08 12:05 -0500
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-08 13:30 +0000
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 15:57 +0200
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-08 14:09 +0000
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-08 15:44 +0100
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-08 10:00 +0000
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-08 21:09 +1100
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-08 13:40 +0000
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-08 14:02 +0000
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 17:15 +0200
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-08 16:06 +0000
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 18:28 +0200
Re: To whoever hacked into my Database unknown <unknown@unknown.com> - 2013-11-08 16:48 +0000
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 18:57 +0200
Re: To whoever hacked into my Database unknown <unknown@unknown.com> - 2013-11-08 17:01 +0000
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 19:09 +0200
Re: To whoever hacked into my Database Joel Goldstick <joel.goldstick@gmail.com> - 2013-11-08 12:16 -0500
Re: To whoever hacked into my Database Ned Deily <nad@acm.org> - 2013-11-08 09:26 -0800
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-08 20:30 +0100
Re: To whoever hacked into my Database unknown <unknown@unknown.com> - 2013-11-08 16:10 +0000
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-08 16:46 +0100
Re: To whoever hacked into my Database aurelien@xload.io (Aurélien DESBRIÈRES) - 2013-11-08 14:56 +0100
Re: To whoever hacked into my Database Joel Goldstick <joel.goldstick@gmail.com> - 2013-11-07 16:45 -0500
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 00:18 +0200
Re: To whoever hacked into my Database Tim Delaney <timothy.c.delaney@gmail.com> - 2013-11-08 09:45 +1100
Re: To whoever hacked into my Database Tim Delaney <timothy.c.delaney@gmail.com> - 2013-11-08 09:46 +1100
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 00:56 +0200
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-08 10:04 +1100
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 01:10 +0200
Re: To whoever hacked into my Database Grant Edwards <invalid@invalid.invalid> - 2013-11-07 23:18 +0000
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 01:28 +0200
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-08 10:32 +1100
Re: To whoever hacked into my Database Larry Hudson <orgnut@yahoo.com> - 2013-11-08 00:42 -0800
Re: To whoever hacked into my Database Denis McMahon <denismfmcmahon@gmail.com> - 2013-11-08 18:19 +0000
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 21:18 +0200
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-08 09:12 +0000
Re: To whoever hacked into my Database Steve Simmons <square.steve@gmail.com> - 2013-11-08 01:10 +0000
Re: To whoever hacked into my Database Denis McMahon <denismfmcmahon@gmail.com> - 2013-11-08 18:22 +0000
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-08 09:06 +0000
Re: To whoever hacked into my Database Alister <alister.ware@ntlworld.com> - 2013-11-06 15:40 +0000
Re: To whoever hacked into my Database Steve Simmons <square.steve@gmail.com> - 2013-11-06 18:02 +0100
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-06 17:30 +0000
Re: To whoever hacked into my Database Νίκος Γκρ33κ <nikos.gr33k@gmail.com> - 2013-11-06 23:26 +0200
Re: To whoever hacked into my Database mm0fmf <none@mailinator.com> - 2013-11-06 21:51 +0000
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-06 22:11 +0000
Re: To whoever hacked into my Database Grant Edwards <invalid@invalid.invalid> - 2013-11-06 22:22 +0000
Re: To whoever hacked into my Database Tim Chase <python.list@tim.thechases.com> - 2013-11-06 16:34 -0600
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-07 09:54 +1100
Re: To whoever hacked into my Database Neil Cerutti <neilc@norwich.edu> - 2013-11-07 13:43 +0000
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-06 23:52 +0000
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-07 10:57 +1100
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-07 00:11 +0000
Re: To whoever hacked into my Database Ethan Furman <ethan@stoneleaf.us> - 2013-11-06 16:22 -0800
Re: To whoever hacked into my Database Tim Chase <python.list@tim.thechases.com> - 2013-11-06 21:07 -0600
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-07 12:00 +1100
Re: To whoever hacked into my Database Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2013-11-06 23:06 -0500
Re: To whoever hacked into my Database Tim Chase <python.list@tim.thechases.com> - 2013-11-07 06:09 -0600
Re: To whoever hacked into my Database bob gailer <bgailer@gmail.com> - 2013-11-07 07:19 -0500
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-07 16:27 +0000
Re: To whoever hacked into my Database Ferrous Cranus <nikos.gr33k@gmail.com> - 2013-11-07 01:01 -0800
Re: To whoever hacked into my Database Ferrous Cranus <nikos.gr33k@gmail.com> - 2013-11-07 01:13 -0800
Re: To whoever hacked into my Database Jussi Piitulainen <jpiitula@ling.helsinki.fi> - 2013-11-07 11:35 +0200
Re: To whoever hacked into my Database Steve Simmons <square.steve@gmail.com> - 2013-11-07 09:15 +0000
Re: To whoever hacked into my Database Ferrous Cranus <nikos.gr33k@gmail.com> - 2013-11-07 01:31 -0800
Re: To whoever hacked into my Database Alister <alister.ware@ntlworld.com> - 2013-11-07 10:06 +0000
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-07 15:46 +0200
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-08 00:59 +1100
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-07 16:16 +0200
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-08 01:33 +1100
Re: To whoever hacked into my Database Neil Cerutti <neilc@norwich.edu> - 2013-11-07 14:58 +0000
Re: To whoever hacked into my Database Chris “Kwpolska” Warrick <kwpolska@gmail.com> - 2013-11-07 16:13 +0100
Re: To whoever hacked into my Database Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2013-11-07 19:22 -0500
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-07 15:47 +0200
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-07 16:34 +0000
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-07 19:42 +0200
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-07 18:11 +0000
Re: To whoever hacked into my Database MRAB <python@mrabarnett.plus.com> - 2013-11-07 18:28 +0000
Re: To whoever hacked into my Database Joel Goldstick <joel.goldstick@gmail.com> - 2013-11-07 11:45 -0500
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-07 19:45 +0200
Re: To whoever hacked into my Database Denis McMahon <denismfmcmahon@gmail.com> - 2013-11-07 21:29 +0000
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 00:31 +0200
Re: To whoever hacked into my Database ishish <ishish@domhain.de> - 2013-11-08 00:32 +0000
Re: To whoever hacked into my Database Johannes Findeisen <mailman@hanez.org> - 2013-11-06 23:28 +0100
Re: To whoever hacked into my Database Gene Heskett <gheskett@wdtv.com> - 2013-11-06 18:19 -0500
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 10:20 +0200
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-08 19:31 +1100
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 10:59 +0200
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-08 09:19 +0000
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 11:37 +0200
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-08 09:58 +0000
Re: To whoever hacked into my Database Joel Goldstick <joel.goldstick@gmail.com> - 2013-11-08 04:59 -0500
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 11:39 +0200
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-08 09:55 +0000
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 12:05 +0200
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-08 21:13 +1100
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-08 14:27 +0100
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-08 13:31 +0000
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-08 14:53 +0100
Re: To whoever hacked into my Database rurpy@yahoo.com - 2013-11-08 09:11 -0800
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-09 05:08 +1100
Re: To whoever hacked into my Database rusi <rustompmody@gmail.com> - 2013-11-08 19:15 -0800
Re: To whoever hacked into my Database rusi <rustompmody@gmail.com> - 2013-11-08 20:24 -0800
Re: To whoever hacked into my Database rurpy@yahoo.com - 2013-11-11 14:47 -0800
Re: To whoever hacked into my Database Joel Goldstick <joel.goldstick@gmail.com> - 2013-11-11 18:49 -0500
Re: To whoever hacked into my Database rurpy@yahoo.com - 2013-11-11 22:24 -0800
Re: To whoever hacked into my Database Tim Chase <python.list@tim.thechases.com> - 2013-11-12 05:30 -0600
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-12 00:03 +0000
Re: To whoever hacked into my Database Ned Batchelder <ned@nedbatchelder.com> - 2013-11-11 17:16 -0800
Re: To whoever hacked into my Database Gregory Ewing <greg.ewing@canterbury.ac.nz> - 2013-11-12 18:21 +1300
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-12 09:34 +0000
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-12 20:35 +1100
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-12 11:20 +0100
Re: To whoever hacked into my Database rurpy@yahoo.com - 2013-11-11 22:31 -0800
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-12 10:09 +0100
Re: To whoever hacked into my Database Ned Batchelder <ned@nedbatchelder.com> - 2013-11-12 03:23 -0800
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-12 18:22 +0100
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-12 23:25 +0000
Re: To whoever hacked into my Database Ian Kelly <ian.g.kelly@gmail.com> - 2013-11-12 06:02 -0700
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-12 17:27 +0100
Re: To whoever hacked into my Database Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-11-13 00:41 +0000
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-13 09:08 +0100
Re: To whoever hacked into my Database Ferrous Cranus <nikos.gr33k@gmail.com> - 2013-11-13 23:46 +0200
Re: To whoever hacked into my Database Ned Batchelder <ned@nedbatchelder.com> - 2013-11-13 13:52 -0800
Re: To whoever hacked into my Database Ferrous Cranus <nikos.gr33k@gmail.com> - 2013-11-14 12:46 +0200
Re: To whoever hacked into my Database Alister <alister.ware@ntlworld.com> - 2013-11-14 12:32 +0000
Re: To whoever hacked into my Database Ferrous Cranus <nikos.gr33k@gmail.com> - 2013-11-14 15:24 +0200
Re: To whoever hacked into my Database Robert Kern <robert.kern@gmail.com> - 2013-11-14 13:30 +0000
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-15 00:27 +1100
Re: To whoever hacked into my Database Alister <alister.ware@ntlworld.com> - 2013-11-14 13:56 +0000
Re: To whoever hacked into my Database Ian Kelly <ian.g.kelly@gmail.com> - 2013-11-12 14:26 -0700
Re: To whoever hacked into my Database Ethan Furman <ethan@stoneleaf.us> - 2013-11-12 13:59 -0800
Re: To whoever hacked into my Database Ian Kelly <ian.g.kelly@gmail.com> - 2013-11-12 16:27 -0700
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-12 23:38 +0000
Re: To whoever hacked into my Database Ferrous Cranus <nikos.gr33k@gmail.com> - 2013-11-13 13:14 +0200
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-13 12:37 +0100
Re: To whoever hacked into my Database Ian Kelly <ian.g.kelly@gmail.com> - 2013-11-12 16:54 -0700
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-13 00:04 +0000
Re: To whoever hacked into my Database Ethan Furman <ethan@stoneleaf.us> - 2013-11-12 17:19 -0800
Bullying [was Re: To whoever hacked into my Database] Steven D'Aprano <steve@pearwood.info> - 2013-11-13 03:40 +0000
Re: Bullying [was Re: To whoever hacked into my Database] Ian Kelly <ian.g.kelly@gmail.com> - 2013-11-13 07:22 -0700
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-13 10:08 +0100
Re: To whoever hacked into my Database Ian Kelly <ian.g.kelly@gmail.com> - 2013-11-13 05:38 -0700
Re: To whoever hacked into my Database Ian Kelly <ian.g.kelly@gmail.com> - 2013-11-13 07:10 -0700
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-13 19:11 +0100
Re: To whoever hacked into my Database superchromix <markb77@gmail.com> - 2013-11-13 10:27 -0800
Re: To whoever hacked into my Database Ned Batchelder <ned@nedbatchelder.com> - 2013-11-13 10:30 -0800
Re: To whoever hacked into my Database Steve Simmons <square.steve@gmail.com> - 2013-11-13 20:02 +0100
Re: To whoever hacked into my Database Zachary Ware <zachary.ware+pylist@gmail.com> - 2013-11-13 13:24 -0600
Re: To whoever hacked into my Database Oscar Benjamin <oscar.j.benjamin@gmail.com> - 2013-11-13 19:36 +0000
Re: To whoever hacked into my Database William Ray Wing <wrw@mac.com> - 2013-11-13 15:11 -0500
Re: To whoever hacked into my Database Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2013-11-13 19:54 -0500
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-08 21:23 +0200
Re: To whoever hacked into my Database Neil Cerutti <neilc@norwich.edu> - 2013-11-08 20:23 +0000
Re: To whoever hacked into my Database Dotan Cohen <dotancohen@gmail.com> - 2013-11-12 11:37 +0200
Re: To whoever hacked into my Database Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2013-11-08 19:06 -0500
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-09 00:14 +0000
Relational data model, relations, and relationships (was: To whoever hacked into my Database) Ben Finney <ben+python@benfinney.id.au> - 2013-11-09 11:34 +1100
Re: To whoever hacked into my Database Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2013-11-08 19:03 -0500
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-09 07:54 +0200
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-09 08:16 +0200
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-09 17:20 +1100
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-09 08:32 +0200
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-09 17:37 +1100
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-09 09:05 +0200
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-09 09:54 +0200
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-09 10:31 +0200
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-09 19:39 +1100
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-09 10:46 +0200
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-09 10:50 +0200
Re: To whoever hacked into my Database Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-11-09 15:07 +0000
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-09 18:58 +0200
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-09 18:59 +0200
Re: To whoever hacked into my Database ishish <ishish@domhain.de> - 2013-11-10 01:44 +0000
Re: To whoever hacked into my Database Alister <alister.ware@ntlworld.com> - 2013-11-10 12:42 +0000
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-09 16:32 +0100
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-10 09:20 +1100
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-10 12:32 +0200
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-10 14:49 +0100
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-10 17:01 +0200
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-10 15:09 +0000
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-10 16:28 +0100
Re: To whoever hacked into my Database Ned Batchelder <ned@nedbatchelder.com> - 2013-11-10 08:15 -0800
Re: To whoever hacked into my Database Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-11-10 20:13 +0100
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-10 19:58 +0200
Re: To whoever hacked into my Database Petite Abeille <petite.abeille@gmail.com> - 2013-11-10 18:57 +0100
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-10 20:46 +0200
Re: To whoever hacked into my Database Petite Abeille <petite.abeille@gmail.com> - 2013-11-10 20:16 +0100
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-10 21:21 +0200
Re: To whoever hacked into my Database Petite Abeille <petite.abeille@gmail.com> - 2013-11-10 20:32 +0100
Re: To whoever hacked into my Database Rod Person <rodperson@rodperson.com> - 2013-11-10 14:54 -0500
Re: To whoever hacked into my Database Chris “Kwpolska” Warrick <kwpolska@gmail.com> - 2013-11-10 21:41 +0100
Re: To whoever hacked into my Database Rod Person <rodperson@rodperson.com> - 2013-11-10 15:44 -0500
Re: To whoever hacked into my Database Rod Person <rodperson@rodperson.com> - 2013-11-10 15:50 -0500
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-11 10:36 +1100
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-10 14:45 +0000
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-10 17:12 +0200
Re: To whoever hacked into my Database Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-11-10 15:24 +0000
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-09 08:35 +0200
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-09 17:45 +1100
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-09 09:11 +0200
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-09 18:19 +1100
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-09 09:44 +0200
Re: To whoever hacked into my Database Chris Angelico <rosuav@gmail.com> - 2013-11-09 18:57 +1100
Re: To whoever hacked into my Database Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> - 2013-11-11 11:36 +0200
Re: To whoever hacked into my Database Ferrous Cranus <nikos.gr33k@gmail.com> - 2013-11-12 15:37 +0200
Re: To whoever hacked into my Database Robert Day <robert.day@merton.oxon.org> - 2013-11-16 10:40 +0000
Page 9 of 11 — ← Prev page 1 … 7 8 [9] 10 11 Next page →
| From | Steve Simmons <square.steve@gmail.com> |
|---|---|
| Date | 2013-11-13 20:02 +0100 |
| Message-ID | <mailman.2547.1384369341.18130.python-list@python.org> |
| In reply to | #59324 |
On 13/11/2013 19:27, superchromix wrote: > > hi all, > > I've been thinking about learning Python for scientific programming.. but all of these flame war type posts make the user community look pretty lame. How did all of these nice packages get written when most of the user interaction is .... this?? > > Can anyone tell me, is there another newsgroup where the discussion is more on python programming? > > thanks Sadly, I'm inclined to agree with you but this is a relatively recent development. I joined this group about a year ago and, while it wasn't all 'sweetness and light', it was a lot better than '. . . . this' - in fact I'd say it was pretty good, I certainly got treated well and got quality answers to my (few) questions. Right now, we have a 'help vampire' who has demanded an inordinate amount of time from the list members - and not in a polite or well structured way. The members of this list have responded in various ways, ranging from continuing to help through to kill-file on the offending person. The discourse around how to deal with this issue has degenerated into some unfortunate and vitriolic debate. As far as I can see, it remains possible to post sensible, well constructed questions and get sensible well-considered answers - just let the intense arguments pass you by and focus on your own issues and their resolutions and you'll be fine on this list. There are plenty of very capable Pythonistas ready to help. Some basic advice (not wanting to teach you to suck eggs): - Include relevant info on your environment (OS; version of Python; any specialist libraries in use; etc) - Come to the list with a clear description of what you are trying to do - Preferably include a code sample that displays the problem - Include the trace-back if you are getting one - Try to avoid using Google Groups as your 'reader' Welcome! Ignore the BS and Enjoy :-) Steve S
[toc] | [prev] | [next] | [standalone]
| From | Zachary Ware <zachary.ware+pylist@gmail.com> |
|---|---|
| Date | 2013-11-13 13:24 -0600 |
| Message-ID | <mailman.2548.1384370677.18130.python-list@python.org> |
| In reply to | #59324 |
On Wed, Nov 13, 2013 at 12:27 PM, superchromix <markb77@gmail.com> wrote: > > > hi all, > > I've been thinking about learning Python for scientific programming.. but all of these flame war type posts make the user community look pretty lame. How did all of these nice packages get written when most of the user interaction is .... this?? > > Can anyone tell me, is there another newsgroup where the discussion is more on python programming? Please don't judge the whole community by this thread, I promise we're not all bad! The majority of the traffic on this list is of a useful sort, and you can learn fairly quickly the addresses that are best ignored, blocked, or otherwise passed over. For myself using Gmail, I have a filter set up to mark particular threads that I don't want to be notified about and mute them after the first few mails come in. I didn't see your message initially because it was part of a muted thread, I only saw it at all because the thread spilled over the 100 message mark into a "new" thread in Gmail with one of the replies to your message. Also, if you have a specific question about how to do something in Python you can try the tutor list (tutor@python.org) which is much more focused, much lower traffic, and has several very knowledgeable Pythonistas listening in. Give us a chance, and I don't think we'll let you down :) -- Zach
[toc] | [prev] | [next] | [standalone]
| From | Oscar Benjamin <oscar.j.benjamin@gmail.com> |
|---|---|
| Date | 2013-11-13 19:36 +0000 |
| Message-ID | <mailman.2550.1384371404.18130.python-list@python.org> |
| In reply to | #59324 |
[Multipart message — attachments visible in raw view] — view raw
On Nov 13, 2013 6:31 PM, "superchromix" <markb77@gmail.com> wrote: > > I've been thinking about learning Python for scientific programming.. but all of these flame war type posts make the user community look pretty lame. How did all of these nice packages get written when most of the user interaction is .... this?? This isn't usually what happens on this list. Most people on this list (myself included) are ignoring or at least not contributing to these particular threads. > > Can anyone tell me, is there another newsgroup where the discussion is more on python programming? For a beginner I would certainly recommend the python-tutor list. I've never seen a flame war there. Threads tend to stay on-topic and are usually helpful to the OP. The tutor list is for generic python problems but you can usually get help for simple scientific programming problems. https://mail.python.org/mailman/listinfo/tutor Oscar
[toc] | [prev] | [next] | [standalone]
| From | William Ray Wing <wrw@mac.com> |
|---|---|
| Date | 2013-11-13 15:11 -0500 |
| Message-ID | <mailman.2552.1384373508.18130.python-list@python.org> |
| In reply to | #59324 |
On Nov 13, 2013, at 1:27 PM, superchromix <markb77@gmail.com> wrote: > > > hi all, > > I've been thinking about learning Python for scientific programming.. but all of these flame war type posts make the user community look pretty lame. How did all of these nice packages get written when most of the user interaction is .... this?? > > Can anyone tell me, is there another newsgroup where the discussion is more on python programming? > > thanks > -- > https://mail.python.org/mailman/listinfo/python-list I'd like to add one final thought to the note about joining the python-tutor list. For scientific programming you are almost certainly going to want to learn about scipy, numpy and matplotlib. These specialized libraries have dedicated discussion groups, which can be found at: <numpy-discussion@scipy.org>, and <matplotlib-users@lists.sourceforge.net> I'd recommend looking over the material at http://www.scipy.org Welcome to the community. -Bill
[toc] | [prev] | [next] | [standalone]
| From | Dennis Lee Bieber <wlfraed@ix.netcom.com> |
|---|---|
| Date | 2013-11-13 19:54 -0500 |
| Message-ID | <mailman.2569.1384390510.18130.python-list@python.org> |
| In reply to | #59324 |
On Wed, 13 Nov 2013 10:27:39 -0800 (PST), superchromix <markb77@gmail.com>
declaimed the following:
>
>
>hi all,
>
>I've been thinking about learning Python for scientific programming.. but all of these flame war type posts make the user community look pretty lame. How did all of these nice packages get written when most of the user interaction is .... this??
>
Go back in the archives about two years -- the group looked a lot
different back then... I think my first encounter with the entity known by
multiple names was summer of last year.
My own archives show my first response to "ferrous cranus" was January
19 of this year. I'm not going to look for any of the other names used...
--
Wulfraed Dennis Lee Bieber AF6VN
wlfraed@ix.netcom.com HTTP://wlfraed.home.netcom.com/
[toc] | [prev] | [next] | [standalone]
| From | Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> |
|---|---|
| Date | 2013-11-08 21:23 +0200 |
| Message-ID | <l5jdmr$olf$1@dont-email.me> |
| In reply to | #58817 |
Στις 8/11/2013 7:11 μμ, ο/η rurpy@yahoo.com έγραψε: > On 11/08/2013 03:05 AM, Νίκος Αλεξόπουλος wrote: >> I never ignore advices. >> I read all answers as carefully as i can. >> But nevertheless sometimes i feel things should have been better >> implemented using my way. >> >> Not of course that i know better, but thats better suited for me in the >> level iam. > > Most of the "advice" I've seen posted here has, as far > as I can tell, not intended to be useful but to serve > as a way to telling you are incompetent are in other ways > insulting or useless. I think you are quite right to > ignore it (or tell the poster to get lost.) > > Long before you showed up here, I noticed the tendency > to not answer questions directly but to jerk people off > by giving hints or telling them to do something other > than they want to do. > > Often that is good because the original request was > for something that the OP really didn't want to do. > But sometimes the OP knows they want to do (but doesn't > want or is unable to clearly explain why) and when > they clearly state that, yes, they do want to do it > their way, their question should be answered in good > faith or, for those who just can't tell how to do > something "wrong", ignored. > > Instead the response is typically a lot of hostility > directed at them for not "taking advice". In other > words, the advice here is not free advice, but come > with the price that you are expected to except it > gratefully whether it was what you asked for or not. > > I think you are quite right to reject advice that does > not do what you want and ask again for advice that does. > > FWIW, I am quite sure there are other readers of this > group who feel the same way, but most people aren't > willing to subject themselves to the bullying that > will be directed at anyone who publicly agrees with you. > It is the same way in real life too as I'm sure > you know. > > Just wanted to let you know that not everybody here > is an asshole. It is just that assholes, by their > nature, are the loudest. > Thank you for your support rurpy. Not all ppl in this list are rude and insulting. -- What is now proved was at first only imagined! & WebHost <http://superhost.gr>
[toc] | [prev] | [next] | [standalone]
| From | Neil Cerutti <neilc@norwich.edu> |
|---|---|
| Date | 2013-11-08 20:23 +0000 |
| Message-ID | <be4vivF5rrcU1@mid.individual.net> |
| In reply to | #58817 |
On 2013-11-08, rurpy@yahoo.com <rurpy@yahoo.com> wrote: > Just wanted to let you know that not everybody here is an > asshole. It is just that assholes, by their nature, are the > loudest. Hey man, pass that over! -- Neil Cerutti
[toc] | [prev] | [next] | [standalone]
| From | Dotan Cohen <dotancohen@gmail.com> |
|---|---|
| Date | 2013-11-12 11:37 +0200 |
| Message-ID | <mailman.2444.1384249057.18130.python-list@python.org> |
| In reply to | #58817 |
On Fri, Nov 8, 2013 at 7:11 PM, <rurpy@yahoo.com> wrote: > Long before you showed up here, I noticed the tendency > to not answer questions directly but to jerk people off > by giving hints or telling them to do something other > than they want to do. > > Often that is good because the original request was > for something that the OP really didn't want to do. > But sometimes the OP knows they want to do (but doesn't > want or is unable to clearly explain why) and when > they clearly state that, yes, they do want to do it > their way, their question should be answered in good > faith or, for those who just can't tell how to do > something "wrong", ignored. > > Instead the response is typically a lot of hostility > directed at them for not "taking advice". In other > words, the advice here is not free advice, but come > with the price that you are expected to except it > gratefully whether it was what you asked for or not. > > I think you are quite right to reject advice that does > not do what you want and ask again for advice that does. > > FWIW, I am quite sure there are other readers of this > group who feel the same way, but most people aren't > willing to subject themselves to the bullying that > will be directed at anyone who publicly agrees with you. > It is the same way in real life too as I'm sure > you know. > > Just wanted to let you know that not everybody here > is an asshole. It is just that assholes, by their > nature, are the loudest. When I've been given advice on this list or others that does not directly answer my question, I've found that the advice comes from one of two types of posters: 1) Those who don't understand my question, possibly due to my own failure to properly articulate. -or- 2) Those who understand my predicament better than I do, and show my how to get the results that I need despite my own failure to understand what exactly I need. With Python specifically, the latter far outnumber the former. When somebody here is giving advice, I listen humbly. Likewise I advise any newcomer to do. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com
[toc] | [prev] | [next] | [standalone]
| From | Dennis Lee Bieber <wlfraed@ix.netcom.com> |
|---|---|
| Date | 2013-11-08 19:06 -0500 |
| Message-ID | <mailman.2270.1383955806.18130.python-list@python.org> |
| In reply to | #58779 |
On Fri, 08 Nov 2013 13:31:02 +0000, Mark Lawrence <breamoreboy@yahoo.co.uk>
declaimed the following:
>On 08/11/2013 10:05, ????? ??????????? wrote:
>>
>> I never ignore advices.
>> I read all answers as carefully as i can.
>> But nevertheless sometimes i feel things should have been better
>> implemented using my way.
>
>The only relational database that has no relationships as effectively
>there's only one table, despite what Denis McMahon (amongst others?) has
>said.
>
In terms of relational database theory -- "relation" IS what most
people call a "table": the dependent data is "related" to the primary key
of the table.
Foreign keys to other tables are part of the definition.
--
Wulfraed Dennis Lee Bieber AF6VN
wlfraed@ix.netcom.com HTTP://wlfraed.home.netcom.com/
[toc] | [prev] | [next] | [standalone]
| From | Mark Lawrence <breamoreboy@yahoo.co.uk> |
|---|---|
| Date | 2013-11-09 00:14 +0000 |
| Message-ID | <mailman.2272.1383956108.18130.python-list@python.org> |
| In reply to | #58779 |
On 09/11/2013 00:06, Dennis Lee Bieber wrote: > On Fri, 08 Nov 2013 13:31:02 +0000, Mark Lawrence <breamoreboy@yahoo.co.uk> > declaimed the following: > >> On 08/11/2013 10:05, ????? ??????????? wrote: >>> >>> I never ignore advices. >>> I read all answers as carefully as i can. >>> But nevertheless sometimes i feel things should have been better >>> implemented using my way. >> >> The only relational database that has no relationships as effectively >> there's only one table, despite what Denis McMahon (amongst others?) has >> said. >> > In terms of relational database theory -- "relation" IS what most > people call a "table": the dependent data is "related" to the primary key > of the table. > > Foreign keys to other tables are part of the definition. > Practicality beats purity :) -- Python is the second best programming language in the world. But the best has yet to be invented. Christian Tismer Mark Lawrence
[toc] | [prev] | [next] | [standalone]
| From | Ben Finney <ben+python@benfinney.id.au> |
|---|---|
| Date | 2013-11-09 11:34 +1100 |
| Subject | Relational data model, relations, and relationships (was: To whoever hacked into my Database) |
| Message-ID | <mailman.2273.1383957311.18130.python-list@python.org> |
| In reply to | #58779 |
Dennis Lee Bieber <wlfraed@ix.netcom.com> writes: > On Fri, 08 Nov 2013 13:31:02 +0000, Mark Lawrence <breamoreboy@yahoo.co.uk> > declaimed the following: > > >The only relational database that has no relationships as effectively > >there's only one table, despite what Denis McMahon (amongst others?) > >has said. Relational databases aren't about implementing relationships between tables. They're about implementing the relational data model <URL:http://www.c2.com/cgi/wiki?RelationalModel> <URL:http://www.c2.com/cgi/wiki?RelationalDatabase>. > In terms of relational database theory -- "relation" IS what > most people call a "table": the dependent data is "related" to the > primary key of the table. Yes. In databases using SQL, one table implements a relation, where “relation” is a term of art from relational data theory. > Foreign keys to other tables are part of the definition. And between two relations connected by a foreign key, there exists a relationship — which is *not* what the “relational” in relational databases are about. Confusing? Yep. Relational theory is *not* a theory about relationship between tables. Relational databases are so called not because of relationships between tables, but because they implement relational theory. -- \ “It is the integrity of each individual human that is in final | `\ examination. On personal integrity hangs humanity's fate.” | _o__) —Richard Buckminster Fuller, _Critical Path_, 1981 | Ben Finney
[toc] | [prev] | [next] | [standalone]
| From | Dennis Lee Bieber <wlfraed@ix.netcom.com> |
|---|---|
| Date | 2013-11-08 19:03 -0500 |
| Message-ID | <mailman.2269.1383955419.18130.python-list@python.org> |
| In reply to | #58770 |
On Fri, 08 Nov 2013 11:39:17 +0200, ????? ???????????
<nikos.gr33k@gmail.com> declaimed the following:
>You wouldn't be able to write the scripts i have written.
>All you do is criticize me, but you never ever have posted code to
>anything i have asked.
>
I doubt if ANY of us could "write the scripts" you "have written"...
Ours would be functioning properly before we'd deploy them on an active
server.
--
Wulfraed Dennis Lee Bieber AF6VN
wlfraed@ix.netcom.com HTTP://wlfraed.home.netcom.com/
[toc] | [prev] | [next] | [standalone]
| From | Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> |
|---|---|
| Date | 2013-11-09 07:54 +0200 |
| Message-ID | <l5kimo$imp$1@dont-email.me> |
| In reply to | #58567 |
Στις 6/11/2013 5:25 μμ, ο/η Νίκος Γκρ33κ έγραψε: > Okey let the hacker try again to mess with my database!!! > > He is done it twice, lets see if he will make it again! > > I'am waiting! I have to congratulate the hacher because as it seems s/he's done it again. S/he's manages to actually pass fake filename values inside my db even after my changes: here is prrof: http://superhost.gr/?show=stats Now i need to hit my head into the wall until i understand how this thing
[toc] | [prev] | [next] | [standalone]
| From | Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> |
|---|---|
| Date | 2013-11-09 08:16 +0200 |
| Message-ID | <l5kjvh$mg7$1@dont-email.me> |
| In reply to | #58896 |
Στις 9/11/2013 7:54 πμ, ο/η Νίκος Αλεξόπουλος έγραψε: > Στις 6/11/2013 5:25 μμ, ο/η Νίκος Γκρ33κ έγραψε: >> Okey let the hacker try again to mess with my database!!! >> >> He is done it twice, lets see if he will make it again! >> >> I'am waiting! > > > I have to congratulate the hacher because as it seems s/he's done it again. > > S/he's manages to actually pass fake filename values inside my db even > after my changes: > > here is prrof: http://superhost.gr/?show=stats > > Now i need to hit my head into the wall until i understand how this thing Here is the link proof of the hack because now i have deleted this bogus entries: http://i.imgur.com/eqahBMj.png Perhaps these '../../' attempts were actually an attempt to try reading sensitive server's data from within'/etc' so to gain root in my system. Last night i have made some changes to the way i validate user input but as it seems the new scenario didn't work efficiently. I just re-altered something and i'm curious if this can happen once again.
[toc] | [prev] | [next] | [standalone]
| From | Chris Angelico <rosuav@gmail.com> |
|---|---|
| Date | 2013-11-09 17:20 +1100 |
| Message-ID | <mailman.2276.1383978054.18130.python-list@python.org> |
| In reply to | #58896 |
On Sat, Nov 9, 2013 at 4:54 PM, Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> wrote: > Στις 6/11/2013 5:25 μμ, ο/η Νίκος Γκρ33κ έγραψε: >> >> Okey let the hacker try again to mess with my database!!! >> >> He is done it twice, lets see if he will make it again! >> >> I'am waiting! > > > > I have to congratulate the hacher because as it seems s/he's done it again. > > S/he's manages to actually pass fake filename values inside my db even after > my changes: https://en.wikipedia.org/wiki/Hubris ChrisA
[toc] | [prev] | [next] | [standalone]
| From | Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> |
|---|---|
| Date | 2013-11-09 08:32 +0200 |
| Message-ID | <l5kkuj$qih$1@dont-email.me> |
| In reply to | #58898 |
Στις 9/11/2013 8:20 πμ, ο/η Chris Angelico έγραψε: > On Sat, Nov 9, 2013 at 4:54 PM, Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> wrote: >> Στις 6/11/2013 5:25 μμ, ο/η Νίκος Γκρ33κ έγραψε: >>> >>> Okey let the hacker try again to mess with my database!!! >>> >>> He is done it twice, lets see if he will make it again! >>> >>> I'am waiting! >> >> >> >> I have to congratulate the hacher because as it seems s/he's done it again. >> >> S/he's manages to actually pass fake filename values inside my db even after >> my changes: > > https://en.wikipedia.org/wiki/Hubris > > ChrisA > I'am not saying out of arrogance but i was really under the impression i had secure my script. And i had until i made some new changes last night, which i think i have corrected now as we speak.
[toc] | [prev] | [next] | [standalone]
| From | Chris Angelico <rosuav@gmail.com> |
|---|---|
| Date | 2013-11-09 17:37 +1100 |
| Message-ID | <mailman.2277.1383979076.18130.python-list@python.org> |
| In reply to | #58899 |
On Sat, Nov 9, 2013 at 5:32 PM, Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> wrote: > I'am not saying out of arrogance but i was really under the impression i had > secure my script. > > And i had until i made some new changes last night, which i think i have > corrected now as we speak. In other words, you closed off whatever you could see as being a problem, and then boasted that the script was secure... until someone proved to you that it wasn't. Your script is insecure by default, and you're band-aid patching everything you happen to be made aware of. What makes you think that it's now secure? ChrisA
[toc] | [prev] | [next] | [standalone]
| From | Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> |
|---|---|
| Date | 2013-11-09 09:05 +0200 |
| Message-ID | <l5kmse$22b$1@dont-email.me> |
| In reply to | #58901 |
Στις 9/11/2013 8:37 πμ, ο/η Chris Angelico έγραψε:
> On Sat, Nov 9, 2013 at 5:32 PM, Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> wrote:
>> I'am not saying out of arrogance but i was really under the impression i had
>> secure my script.
>>
>> And i had until i made some new changes last night, which i think i have
>> corrected now as we speak.
>
> In other words, you closed off whatever you could see as being a
> problem, and then boasted that the script was secure... until someone
> proved to you that it wasn't. Your script is insecure by default, and
> you're band-aid patching everything you happen to be made aware of.
> What makes you think that it's now secure?
>
> ChrisA
>
Its probably unwise to post the following snippet of code that validates
user input so an attacker wouldn't pass arbitrary values to my script
but what the heck.....
==================================
# initiate some local variables
htmlvalid = pyvalid = False
path = '/home/nikos/public_html/'
cgi_path = '/home/nikos/public_html/cgi-bin/'
# define how the .html or .python pages are called
file = form.getvalue('file') # this value should come only from
.htaccess and not as http://superhost.gr/~nikos/cgi-bin/metrites.py
page = form.getvalue('page') # this value comes from 'index.html' or
from within 'metrites.py'
# is it a python file or an html template?
if page and os.path.exists( cgi_path + page ):
pyvalid = True
elif os.path.exists( file ):
page = file.replace( path, '' )
htmlvalid = True
else:
file = 'forbidden'
.....
.....
if 'forbidden' in file:
print( '''<h2><font color=red>Δεν επιτρέπεται η απευθείας πρόσβαση στο
script παρά μόνον μέσω της αρχικής σελίδας! Ανακατεύθυνση σε 5...''' )
print( '''<meta http-equiv="REFRESH"
content="5;URL=http://superhost.gr">''' )
sys.exit(0)
==================================
Now, when it comes to database insertions i use this check to prevent
bogus data:
==================================
if cookieID != 'some_secret_here' and ( htmlvalid or pyvalid ) and
re.search(
r'(amazon|google|proxy|cloud|reverse|fetch|msn|who|spider|crawl|ping)',
host ) is None:
==================================
Even if i get re-hacked i'll find a security alternative.
[toc] | [prev] | [next] | [standalone]
| From | Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> |
|---|---|
| Date | 2013-11-09 09:54 +0200 |
| Message-ID | <l5kpnk$csv$1@dont-email.me> |
| In reply to | #58903 |
Στις 9/11/2013 9:05 πμ, ο/η Νίκος Αλεξόπουλος έγραψε:
> Στις 9/11/2013 8:37 πμ, ο/η Chris Angelico έγραψε:
>> On Sat, Nov 9, 2013 at 5:32 PM, Νίκος Αλεξόπουλος
>> <nikos.gr33k@gmail.com> wrote:
>>> I'am not saying out of arrogance but i was really under the
>>> impression i had
>>> secure my script.
>>>
>>> And i had until i made some new changes last night, which i think i have
>>> corrected now as we speak.
>>
>> In other words, you closed off whatever you could see as being a
>> problem, and then boasted that the script was secure... until someone
>> proved to you that it wasn't. Your script is insecure by default, and
>> you're band-aid patching everything you happen to be made aware of.
>> What makes you think that it's now secure?
>>
>> ChrisA
>>
>
>
> Its probably unwise to post the following snippet of code that validates
> user input so an attacker wouldn't pass arbitrary values to my script
> but what the heck.....
>
> ==================================
> # initiate some local variables
> htmlvalid = pyvalid = False
> path = '/home/nikos/public_html/'
> cgi_path = '/home/nikos/public_html/cgi-bin/'
>
> # define how the .html or .python pages are called
> file = form.getvalue('file') # this value should come only
> from .htaccess and not as http://superhost.gr/~nikos/cgi-bin/metrites.py
> page = form.getvalue('page') # this value comes from
> 'index.html' or from within 'metrites.py'
>
> # is it a python file or an html template?
> if page and os.path.exists( cgi_path + page ):
> pyvalid = True
> elif os.path.exists( file ):
> page = file.replace( path, '' )
> htmlvalid = True
> else:
> file = 'forbidden'
>
> .....
> .....
>
> if 'forbidden' in file:
> print( '''<h2><font color=red>Δεν επιτρέπεται η απευθείας πρόσβαση
> στο script παρά μόνον μέσω της αρχικής σελίδας! Ανακατεύθυνση σε
> 5...''' )
> print( '''<meta http-equiv="REFRESH"
> content="5;URL=http://superhost.gr">''' )
> sys.exit(0)
> ==================================
>
>
> Now, when it comes to database insertions i use this check to prevent
> bogus data:
>
> ==================================
> if cookieID != 'some_secret_here' and ( htmlvalid or pyvalid ) and
> re.search(
> r'(amazon|google|proxy|cloud|reverse|fetch|msn|who|spider|crawl|ping)',
> host ) is None:
> ==================================
>
> Even if i get re-hacked i'll find a security alternative.
>
>
How on earth did the hacker managed to alter the database again:
http://superhost.gr/?show=stats
i can't ****ing believe it!
He is actually trying to read sensitive stuff from my linux server by
passing arguments into 'page' variable like '../../../../etc/passwd'
How was he able to pass that info again....?!?!
[toc] | [prev] | [next] | [standalone]
| From | Νίκος Αλεξόπουλος <nikos.gr33k@gmail.com> |
|---|---|
| Date | 2013-11-09 10:31 +0200 |
| Message-ID | <l5krsu$lo5$1@dont-email.me> |
| In reply to | #58912 |
Στις 9/11/2013 9:54 πμ, ο/η Νίκος Αλεξόπουλος έγραψε:
> Στις 9/11/2013 9:05 πμ, ο/η Νίκος Αλεξόπουλος έγραψε:
>> Στις 9/11/2013 8:37 πμ, ο/η Chris Angelico έγραψε:
>>> On Sat, Nov 9, 2013 at 5:32 PM, Νίκος Αλεξόπουλος
>>> <nikos.gr33k@gmail.com> wrote:
>>>> I'am not saying out of arrogance but i was really under the
>>>> impression i had
>>>> secure my script.
>>>>
>>>> And i had until i made some new changes last night, which i think i
>>>> have
>>>> corrected now as we speak.
>>>
>>> In other words, you closed off whatever you could see as being a
>>> problem, and then boasted that the script was secure... until someone
>>> proved to you that it wasn't. Your script is insecure by default, and
>>> you're band-aid patching everything you happen to be made aware of.
>>> What makes you think that it's now secure?
>>>
>>> ChrisA
>>>
>>
>>
>> Its probably unwise to post the following snippet of code that validates
>> user input so an attacker wouldn't pass arbitrary values to my script
>> but what the heck.....
>>
>> ==================================
>> # initiate some local variables
>> htmlvalid = pyvalid = False
>> path = '/home/nikos/public_html/'
>> cgi_path = '/home/nikos/public_html/cgi-bin/'
>>
>> # define how the .html or .python pages are called
>> file = form.getvalue('file') # this value should come only
>> from .htaccess and not as http://superhost.gr/~nikos/cgi-bin/metrites.py
>> page = form.getvalue('page') # this value comes from
>> 'index.html' or from within 'metrites.py'
>>
>> # is it a python file or an html template?
>> if page and os.path.exists( cgi_path + page ):
>> pyvalid = True
>> elif os.path.exists( file ):
>> page = file.replace( path, '' )
>> htmlvalid = True
>> else:
>> file = 'forbidden'
>>
>> .....
>> .....
>>
>> if 'forbidden' in file:
>> print( '''<h2><font color=red>Δεν επιτρέπεται η απευθείας πρόσβαση
>> στο script παρά μόνον μέσω της αρχικής σελίδας! Ανακατεύθυνση σε
>> 5...''' )
>> print( '''<meta http-equiv="REFRESH"
>> content="5;URL=http://superhost.gr">''' )
>> sys.exit(0)
>> ==================================
>>
>>
>> Now, when it comes to database insertions i use this check to prevent
>> bogus data:
>>
>> ==================================
>> if cookieID != 'some_secret_here' and ( htmlvalid or pyvalid ) and
>> re.search(
>> r'(amazon|google|proxy|cloud|reverse|fetch|msn|who|spider|crawl|ping)',
>> host ) is None:
>> ==================================
>>
>> Even if i get re-hacked i'll find a security alternative.
>>
>>
>
>
>
> How on earth did the hacker managed to alter the database again:
>
> http://superhost.gr/?show=stats
>
> i can't ****ing believe it!
>
> He is actually trying to read sensitive stuff from my linux server by
> passing arguments into 'page' variable like '../../../../etc/passwd'
>
> How was he able to pass that info again....?!?!
Okey mighty one!
Try to do the same thing again and be successfull.
i know what you did last summer!
You took advantage of this is statemnt:
if page and os.path.exists( cgi_path + page ):
and manages to pass arbitrary values to page by giving input
of '../../../../etc/passwd' ehich is actually translated as:
if page and os.path.exists( '/home/nikos/public_html/cgi-bin/' +
'../../../../etc/passwd' ):
So
1. you actually are passign a value to page
2. you passed value is in fact exist as a
'pathname/to/a/linux/sensitive/file'
I know what i have to do now:
Alter the if to soemthing like:
if page and os.path.isfile( cgi_path + page ) and page should only
allowed to be an actual file but only from within the 'cgi-bin' directory.
Hence, i altered the code to this:
if page and os.path.isfile( cgi_path + page ) in os.listdir( cgi_path ):
Try pass bogus values again into my database!
[toc] | [prev] | [next] | [standalone]
Page 9 of 11 — ← Prev page 1 … 7 8 [9] 10 11 Next page →
Back to top | Article view | comp.lang.python
csiph-web