Comments for Little Impact

Comment on Automatic encryption of home directories using TrueCrypt 6.2a and pam_exec by Martin

Martin — Fri, 20 Aug 2010 20:22:41 +0000

Thanks for script.
For Ubuntu 10.04 and TrueCrypt 6.1a in /bin/cryptmount.sh file
instead:
head -c -1 | truecrypt -t –protect-hidden=no -k "" \
"$CRYPTVOLUME" "$MOUNTPOINT"
I changed to:
head | truecrypt -t –protect-hidden=no -k "" \
"$CRYPTVOLUME" "$MOUNTPOINT"
Because truecrypt (in this version) expect new line character after password

Comment on Automatic encryption of home directories using TrueCrypt 6.2a and pam_exec by Jochen Ritzel

Jochen Ritzel — Fri, 30 Apr 2010 15:41:18 +0000

Hey, thanks for all this, I had no idea what PAM can do, but worked out great. I just wanted to say that by now, `pam_exec` works out of the box on ubuntu, no need to compile anything. Also, it's much simpler to mount your encrypted media when you save them as favorites and mount them with `truecrypt –auto-mount=favorites –load-preferences` and dismount them with `truecrypt –dismount`

Comment on Constantize in Python by Justin

Justin — Thu, 17 Dec 2009 01:36:06 +0000

well, being able to obtain a reference to an object in the global namespace using its name as a string is orthogonal to deciding what you want to do with it. I was just providing a better alternative to using regular expressions and eval().

you could easily maintain a whitelist of names that you will allow lookups for. i.e.

whitelist = ['A','B']

def str2class(str):
return str in whitelist and globals()[str]

Comment on Constantize in Python by Henryk

Henryk — Wed, 16 Dec 2009 23:26:51 +0000

@Justin
Thank you for your comment. Your proposition looks better than an "eval",
but you still need to check whether the class is "allowed".

Comment on Constantize in Python by Justin

Justin — Wed, 16 Dec 2009 21:20:36 +0000

or you could just use globals()["MyClass"]

Comment on NoArchive-Tag for Robots-Meta by My Favorite WordPress Plugins | Daniel Haïm

My Favorite WordPress Plugins | Daniel Haïm — Thu, 26 Nov 2009 13:39:58 +0000

[...] Add noarchive tags to your blog (Thanks to Henryk Gerlach). [...]

Comment on Automatic encryption of home directories using TrueCrypt 6.2a and pam_exec by Henryk

Henryk — Sat, 10 Oct 2009 07:46:34 +0000

@Reid:
Yes, you're absolutely right. I fixed the post. Thank you and sorry for the inconvenience to all.

Comment on Automatic encryption of home directories using TrueCrypt 6.2a and pam_exec by Reid Linnemann

Reid Linnemann — Fri, 09 Oct 2009 19:28:18 +0000

I think there's a typo/misnomer here in rolling your own pam_exec.so. pam_1.0.1.orig.tar.gz doesn't have pam_exec patched for expose_authtok. I grabbed pam_1.1.0_orig.tar.gz and built a working pam_exec.so using the remaining instructions. If you follow the instructions as-is, the pam_exec module will think 'expose_authtok' is the command to run in the child process.

Comment on Constantize in Python by Little Impact » Blog Archive » Constantize with Care

Little Impact » Blog Archive » Constantize with Care — Tue, 15 Sep 2009 11:53:26 +0000

[...] I also have some notes on Constantize in Python. Share and [...]

Comment on Constantize with Care by Little Impact » Blog Archive » Constantize in Python

Little Impact » Blog Archive » Constantize in Python — Tue, 15 Sep 2009 11:49:48 +0000

[...] noted in another post constantize is prone to code injections. We have two protections built in. The regular expression makes sure that eval does not execute [...]