Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Messages - MultiformeIngegno
406
Off-topic / Meaning of usernames
« on October 11th, 2012, 07:26 PM »
I'm interested in knowing what your usernames mean and where they come from!! :D
Let's start from mine. "Multiforme Ingegno" is the italian translation of πολυτρόπως (polytropos), the first epithet Homer gives Odysseus in the Odyssey (in english it's something like "ingenious" or more precisely "ingenious in many ways"). :)
Let's start from mine. "Multiforme Ingegno" is the italian translation of πολυτρόπως (polytropos), the first epithet Homer gives Odysseus in the Odyssey (in english it's something like "ingenious" or more precisely "ingenious in many ways"). :)
407
Features / Re: Hellbanning, aka global ignore
« on October 3rd, 2012, 08:11 AM »
I'd go with core it that means a much cleaner version
408
Features / Re: $db_passwd and $ssi_db_passwd stored in a .htpasswd-like file
« on October 2nd, 2012, 11:55 PM »This sounds interesting. I could perhaps use the .htaccess file to host and protect an anonymous image board for members only, or a non-register oekaki board.
409
Features / Re: $db_passwd and $ssi_db_passwd stored in a .htpasswd-like file
« on October 2nd, 2012, 11:52 PM »
Oh, I see. Well I was a bit worried that the password is displayed in plain text.. what if apache/nginx is misconfigured and instead of serving the file (Settings.php), it's downloaded..?
What about storing the password in another file (randomly named/placed)..? Also, letting admins move that file around the server (for example in /var/www/something/.. or /home/user/...).. it's more likely to be protected there (it's more difficult to mess with permissions)!
What about storing the password in another file (randomly named/placed)..? Also, letting admins move that file around the server (for example in /var/www/something/.. or /home/user/...).. it's more likely to be protected there (it's more difficult to mess with permissions)!
410
Features / $db_passwd and $ssi_db_passwd stored in a .htpasswd-like file
« on October 2nd, 2012, 11:10 PM »
What about storing those variables in a MD5 encrypted file? Or - if this is too complex to setup for a "normal" user - we could give the possibility to manually set that method for "experienced" users..
412
The Pub / Re: Logo Madness
« on September 20th, 2012, 07:56 PM »
Don't like them much (I mean, the logos).. :whistle: :P
413
Features / Re: Sidebar emulation method in IE6/7
« on September 20th, 2012, 12:29 PM »
I'd say 1st..
414
The Pub / Re: Getting ready for an alpha release: CSS fixes
« on September 17th, 2012, 06:19 PM »
On my VPS I compiled PHP 5.4.7 so it's ok for me :lol: :eheh:
416
Off-topic / Re: PHPSESSID Brute force
« on August 22nd, 2012, 10:53 PM »I'm not sure, though, whether the same risk is also applicable to session_id() or not, if it is there's a much bigger problem.
That's what I mean. If someone brute-forces in the manner you're thinking, they're going to generate an obscene number of requests and even the most inept host is going to notice that. But with this technique, session stealing is potentially within the region of requests where hosts may or may not notice it.
What's the /dev/urandom thing?
EDIT: Ok, I read about urandom.. seems it's the maximum security method, but it's very likely slow, isn't it? It gathers all environmental data + the use of PRNG..
417
Off-topic / PHPSESSID Brute force
« on August 22nd, 2012, 02:02 PM »418
The Pub / Re: Print Page
« on August 20th, 2012, 11:29 PM »
I vote for making it plugin and have a css print page in core (also if it doesn't handle all the things that print page non-css does)..
419
Development blog / Re: Development, full speed ahead!
« on August 7th, 2012, 07:53 PM »
Good news!! :D
420
Off-topic / Re: The Internet Map
« on July 31st, 2012, 10:03 PM »
Uhm, their website is broken on mobile..