I was sourcing .env through my shell, which, I suspect, is a non-standard behavior, because this struck me as a bug:
DJANGO_SECRET_KEY=string
along with all the other variables are not quoted with single-apostrophe ticks ' ... which means that if there are characters that can be shell-evaluated, they will be. This also affects urls because of the & that may be possible in their strings, as well as other shell characters.
Shouldn't it be
DJANGO_SECRET_KEY='string'
?
Or am I doing it wrong .env never gets sourced by a shell?
The .env file is read by the package django-environ and bears no relationship to either the python or shell formatting, it literally wants <key>=<value>.
Yes, the .env file is meant to be consumed by the django-environ package.
For detailed usage, check out the GitHub repo.
Related
I am working on HP-UX project, there are a old document. Can open it with vim, but there are some special character among text. For example:
.P
"xxxxx"
.AL 1 10
.LI "xxx"
.H 3 "xxxx"
It looks like html but not be html. Is it possible convert it to modern document?
Looks like troff. Install GNU troff (Groff) and try:
groff -Thtml -pet -mm input.mm > output.html
I guess more details are needed - some ideas you may try:
First, issue a file command for the file. It will probably tell you what type of file is.
jim#debian:~$ file foo.bar
foo.bar: ASCII text
Second, search for similar files and see if there's a program to open them in the machine - maybe, they are binary files for some program out there, and you just don't know which one.
Last, but not least, I believe you are right - looks like HTML code to me, so maybe this is used by an application as a kind-of intermediate language, that is parsed later to transform it to real HTML.
I hope this helps!
I am trying to prevent the access on files outside of a given working directory.
My first attempt was to use chdir and chroot, but chroot can only be used by root users.
Is there any other possibility? I have heard something about another one, but I can't remember.
Perhaps a simple function to check if the path is outside of the working directory or second argument.
Some details about the program:
shall be run on Linux
simple shell programm without any interactive elements
takes a directory argument, which is the working directory
Thanks for any advices.
EDIT:
After some research I found different aproachments, but I can't use any of them.
pivot_root
set_fs_root (linux kernel)
Is there any possibility to use that?
Perhaps there is a possibility to open a file which is contained by a given directory. So I call the function with the argument file path and the "root" path where to look.
I'm assuming that you're on a Linux/MacOSX platform. There are a couple of ways. One is to create a special user for your program who owns that directory, but doesn't have write permissions to anything else in the system*. The other option is to use a program like SELinux to only allow certain operations to the program, but that seems like overkill.
*: You must always give the user read permissions. How will your program run without read access to glibc?
You might want to look into a restricted shell; I think most of the common shells have options for a restricted mode that disables cd, prevents changes to certain environment variables, and some other things. For pdksh, it would be /bin/ksh -r. The option differ for other shells, though, so read the appropriate manual page.
I'm working on a C application that has to walk $PATH to find full pathnames for binaries, and the only allowed dependency is glibc (i.e. no calling external programs like which). In the normal case, this just entails splitting getenv("PATH") by colons and checking each directory one by one, but I want to be sure I cover all of the possible corner cases. What gotchas should I look out for? In particular, are relative paths, paths starting with ~ meant to be expanded to $HOME, or paths containing the : char allowed?
One thing that once surprised me is that the empty string in PATH means the current directory. Two adjacent colons or a colon at the end or beginning of PATH means the current directory is included. This is documented in man bash for instance.
It also is in the POSIX specification.
So
PATH=:/bin
PATH=/bin:
PATH=/bin::/usr/bin
All mean the current directory is in PATH
I'm not sure this is a problem with Linux in general, but make sure that your code works if PATH has some funky (like, UTF-8) encoding to deal with directories with fancy letters. I suspect this might depend on the filesystem encoding.
I remember working on a bug report of some russian guy who had fancy letters in his user name (and hence, his home directory name which appeared in PATH).
This is minor but I'll added it since it hasn't already been mentioned. $PATH can include both absolute and relative paths. If your crawling the paths list by chdir(2)ing into each directory, you need to keep track of the original working directory (getcwd(3)) and chdir(2) back to it at each iteration of the crawl.
The existing answers cover most of it, but it's worth covering parts of the question that wasn't answered yet:
$ and ~ are not special in the value of $PATH.
If $PATH is not set at all, execvp() will use a default value.
Is putting a space in a directory name still a big deal? I've been doing some reading, but all the articles are from the early 2000s. Is it a problem now?
For those who don't get what I mean: public_html/space directory/index.html
If this is still an issue, why shouldn't I use spaces when naming files and directories?
Spaces in URLs are still special characters that need to be escaped or encoded (either a + or %20).
Well, I am still crossing fingers when executing external processes (from ant or Java's ProcessBuilder for example). If you just pass this dir to the external process within the command - it may break apart in two arguments which is clearly not what you want.
Some quoting and minding the spaces is still required in some usecases.
Hello I'm trying to get Perforce syntax to obtain (for example using "fstat") list of files only in given folder (depot), without rubbish from all sub-folders. But I was not able to find anything in the docs, nothing related when using Google, even experimenting with ".", ".../." etc. lead me to nowhere...
Is that because it's not possible at all? I can't understand why... Isn't that a performance back hit?!
Thanks in advance.
Seb.
A single '*' expands to "all files in this directory" in p4 (no subdirectories). So, e.g. at a Unix shell prompt, in the correct directory in a perforce client:
$ p4 fstat '*'
You need to quote or escape the * to avoid the shell expanding it, of course;-).
Ah finally.
It was partially my own fault - I'd set ExceptionLevel to ExceptionOnBothErrorsAndWarnings... I needed full debug... Unfortunately:
When exception was raised - there was no Response object created, and I could not read the warning message, which wasn't part of the exception message (or object).
Using '//depot/Folder1/Folderx/*' thrown warning "No such file(s)!" - what is not something that developer might expect... As not being any special case...
It seems that I have still much to learn on the Perforce though :-/
Thank you guys for your posting.
Seb.