Fri Nov 22 00:14:03 2024
EVENTS
 FREE
SOFTWARE
INSTITUTE

POLITICS
JOBS
MEMBERS'
CORNER

MAILING
LIST

NYLXS Mailing Lists and Archives
NYLXS Members have a lot to say and share but we don't keep many secrets. Join the Hangout Mailing List and say your peice.

DATE 2013-03-01

HANGOUT

2024-11-22 | 2024-10-22 | 2024-09-22 | 2024-08-22 | 2024-07-22 | 2024-06-22 | 2024-05-22 | 2024-04-22 | 2024-03-22 | 2024-02-22 | 2024-01-22 | 2023-12-22 | 2023-11-22 | 2023-10-22 | 2023-09-22 | 2023-08-22 | 2023-07-22 | 2023-06-22 | 2023-05-22 | 2023-04-22 | 2023-03-22 | 2023-02-22 | 2023-01-22 | 2022-12-22 | 2022-11-22 | 2022-10-22 | 2022-09-22 | 2022-08-22 | 2022-07-22 | 2022-06-22 | 2022-05-22 | 2022-04-22 | 2022-03-22 | 2022-02-22 | 2022-01-22 | 2021-12-22 | 2021-11-22 | 2021-10-22 | 2021-09-22 | 2021-08-22 | 2021-07-22 | 2021-06-22 | 2021-05-22 | 2021-04-22 | 2021-03-22 | 2021-02-22 | 2021-01-22 | 2020-12-22 | 2020-11-22 | 2020-10-22 | 2020-09-22 | 2020-08-22 | 2020-07-22 | 2020-06-22 | 2020-05-22 | 2020-04-22 | 2020-03-22 | 2020-02-22 | 2020-01-22 | 2019-12-22 | 2019-11-22 | 2019-10-22 | 2019-09-22 | 2019-08-22 | 2019-07-22 | 2019-06-22 | 2019-05-22 | 2019-04-22 | 2019-03-22 | 2019-02-22 | 2019-01-22 | 2018-12-22 | 2018-11-22 | 2018-10-22 | 2018-09-22 | 2018-08-22 | 2018-07-22 | 2018-06-22 | 2018-05-22 | 2018-04-22 | 2018-03-22 | 2018-02-22 | 2018-01-22 | 2017-12-22 | 2017-11-22 | 2017-10-22 | 2017-09-22 | 2017-08-22 | 2017-07-22 | 2017-06-22 | 2017-05-22 | 2017-04-22 | 2017-03-22 | 2017-02-22 | 2017-01-22 | 2016-12-22 | 2016-11-22 | 2016-10-22 | 2016-09-22 | 2016-08-22 | 2016-07-22 | 2016-06-22 | 2016-05-22 | 2016-04-22 | 2016-03-22 | 2016-02-22 | 2016-01-22 | 2015-12-22 | 2015-11-22 | 2015-10-22 | 2015-09-22 | 2015-08-22 | 2015-07-22 | 2015-06-22 | 2015-05-22 | 2015-04-22 | 2015-03-22 | 2015-02-22 | 2015-01-22 | 2014-12-22 | 2014-11-22 | 2014-10-22 | 2014-09-22 | 2014-08-22 | 2014-07-22 | 2014-06-22 | 2014-05-22 | 2014-04-22 | 2014-03-22 | 2014-02-22 | 2014-01-22 | 2013-12-22 | 2013-11-22 | 2013-10-22 | 2013-09-22 | 2013-08-22 | 2013-07-22 | 2013-06-22 | 2013-05-22 | 2013-04-22 | 2013-03-22 | 2013-02-22 | 2013-01-22 | 2012-12-22 | 2012-11-22 | 2012-10-22 | 2012-09-22 | 2012-08-22 | 2012-07-22 | 2012-06-22 | 2012-05-22 | 2012-04-22 | 2012-03-22 | 2012-02-22 | 2012-01-22 | 2011-12-22 | 2011-11-22 | 2011-10-22 | 2011-09-22 | 2011-08-22 | 2011-07-22 | 2011-06-22 | 2011-05-22 | 2011-04-22 | 2011-03-22 | 2011-02-22 | 2011-01-22 | 2010-12-22 | 2010-11-22 | 2010-10-22 | 2010-09-22 | 2010-08-22 | 2010-07-22 | 2010-06-22 | 2010-05-22 | 2010-04-22 | 2010-03-22 | 2010-02-22 | 2010-01-22 | 2009-12-22 | 2009-11-22 | 2009-10-22 | 2009-09-22 | 2009-08-22 | 2009-07-22 | 2009-06-22 | 2009-05-22 | 2009-04-22 | 2009-03-22 | 2009-02-22 | 2009-01-22 | 2008-12-22 | 2008-11-22 | 2008-10-22 | 2008-09-22 | 2008-08-22 | 2008-07-22 | 2008-06-22 | 2008-05-22 | 2008-04-22 | 2008-03-22 | 2008-02-22 | 2008-01-22 | 2007-12-22 | 2007-11-22 | 2007-10-22 | 2007-09-22 | 2007-08-22 | 2007-07-22 | 2007-06-22 | 2007-05-22 | 2007-04-22 | 2007-03-22 | 2007-02-22 | 2007-01-22 | 2006-12-22 | 2006-11-22 | 2006-10-22 | 2006-09-22 | 2006-08-22 | 2006-07-22 | 2006-06-22 | 2006-05-22 | 2006-04-22 | 2006-03-22 | 2006-02-22 | 2006-01-22 | 2005-12-22 | 2005-11-22 | 2005-10-22 | 2005-09-22 | 2005-08-22 | 2005-07-22 | 2005-06-22 | 2005-05-22 | 2005-04-22 | 2005-03-22 | 2005-02-22 | 2005-01-22 | 2004-12-22 | 2004-11-22 | 2004-10-22 | 2004-09-22 | 2004-08-22 | 2004-07-22 | 2004-06-22 | 2004-05-22 | 2004-04-22 | 2004-03-22 | 2004-02-22 | 2004-01-22 | 2003-12-22 | 2003-11-22 | 2003-10-22 | 2003-09-22 | 2003-08-22 | 2003-07-22 | 2003-06-22 | 2003-05-22 | 2003-04-22 | 2003-03-22 | 2003-02-22 | 2003-01-22 | 2002-12-22 | 2002-11-22 | 2002-10-22 | 2002-09-22 | 2002-08-22 | 2002-07-22 | 2002-06-22 | 2002-05-22 | 2002-04-22 | 2002-03-22 | 2002-02-22 | 2002-01-22 | 2001-12-22 | 2001-11-22 | 2001-10-22 | 2001-09-22 | 2001-08-22 | 2001-07-22 | 2001-06-22 | 2001-05-22 | 2001-04-22 | 2001-03-22 | 2001-02-22 | 2001-01-22 | 2000-12-22 | 2000-11-22 | 2000-10-22 | 2000-09-22 | 2000-08-22 | 2000-07-22 | 2000-06-22 | 2000-05-22 | 2000-04-22 | 2000-03-22 | 2000-02-22 | 2000-01-22 | 1999-12-22

Key: Value:

Key: Value:

MESSAGE
DATE 2013-03-22
FROM Elfen Magix
SUBJECT Re: [NYLXS - HANGOUT] yabb
From owner-hangout-outgoing-at-mrbrklyn.com Fri Mar 22 15:09:25 2013
Return-Path:
X-Original-To: archive-at-mrbrklyn.com
Delivered-To: archive-at-mrbrklyn.com
Received: by mrbrklyn.com (Postfix)
id A8E4D161CAD; Fri, 22 Mar 2013 15:09:24 -0400 (EDT)
Delivered-To: hangout-outgoing-at-mrbrklyn.com
Received: by mrbrklyn.com (Postfix, from userid 28)
id 9917A161CB0; Fri, 22 Mar 2013 15:09:24 -0400 (EDT)
Delivered-To: hangout-at-mrbrklyn.com
Received: from nm14-vm1.bullet.mail.ne1.yahoo.com (nm14-vm1.bullet.mail.ne1.yahoo.com [98.138.91.38])
by mrbrklyn.com (Postfix) with ESMTP id B96E8161CAD
for ; Fri, 22 Mar 2013 15:09:23 -0400 (EDT)
Received: from [98.138.90.55] by nm14.bullet.mail.ne1.yahoo.com with NNFMP; 22 Mar 2013 19:09:22 -0000
Received: from [98.138.89.172] by tm8.bullet.mail.ne1.yahoo.com with NNFMP; 22 Mar 2013 19:09:22 -0000
Received: from [127.0.0.1] by omp1028.mail.ne1.yahoo.com with NNFMP; 22 Mar 2013 19:09:22 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: 19640.12284.bm-at-omp1028.mail.ne1.yahoo.com
Received: (qmail 98232 invoked by uid 60001); 22 Mar 2013 19:09:21 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1363979361; bh=91oUl5MQUiT1giZIDW6ZcP/iWlR9jTf0kQjJWwh9ccE=; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:Message-ID:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=uBF5zTi+LFFVBGoq9w1QmRFKF+BYf0gDVHZzFfx+hfzWxJtMFwdgjZMayja5bfDUOSb3iM81YkRCqyTF++snb1sDOYntEtG4YGUFHs8HjeKrktObfCzuDs3AL0P8lal/0UGrWityvpB2gbFDSFPE5Utve73z7eVGSzwoz2wj0d4=
DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=yahoo.com;
h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:Message-ID:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type;
b=g4AF+/HGNfLIoF8OEXU1i9wKgC3tc+2WDBs3YfRgtepP/7I/rZK6a/ak+UfyoC4t1A0Oh4sBc5o3xYBLvrDiYfwmmFmHh0O21MeFOrdDwKjKvyHE0AIeWlcr1ZN+a7fHFKkZ4lqlzobuvMO32+6gQb5kKZ0N3B/2J6/zP+8U4tM=;
X-YMail-OSG: g2UBrSkVM1nQfRPaLejEcA3Ys7yuLaJbZ64qEWQj1iguUt_
6d3s64jsmLmtXlnz6dbPky0RaJPGzjBMKNJ305g88qBoeUSWDx0yLz2TcnLq
9vbaDOaaLeTmx22iQoid_3N4BTGlrFumydBwPGkMOqwh.Do47BFPkxZrL5ls
vVSm9DGI1dS9A4Q2vzv8ndbky.xxDEzoNSA2mJzI.LqQuDnL5mB8ZZ7F6Uqw
AwmKoHH82rdJoB25ugVmMkvdTOV6zzisMy.Vij_IXbAeeS3Amh5VWGthaXWP
Ani8.g1SSvh0AuiePNHFAPyn9e1HwXtYnCM4pCGCf1TtQkvG3mcf9RiDMpfO
u99Nife0UGXhdzFbi9uGOehaBKvkIapRMXTvCjSYfpOwpkMohfCAaIgEAnjm
2nl8YXx7aXbKDaorgS5JOsEff0IkkeoeuE5O.muL22mXPfxNJSZcl6temEwA
d2w4wBwjWQj.svnzue3ch5JXFRx4hnGsxrqVPsqQ0FfCENJFPUW989ut0K1a
wcjLdxey8Yied3F_gT_FGVF..oz.ypydkIfhLv6_r.TYEBwSLbiHMa2vFUFB
eGGQ.mJAfnexX68Kt2ficLOyjjDtFRbd3JXr68H0ak8yNknS3pH4bZ4uqv75
eLnrNGidhrVMoSLyZAko_iujnAQSwJ6.wklbb5Hkc3SFR9uwqqUlow7FfMC8
VwAH5OFpWSX7aRWVOQK2FDylC_aYIkzYT14AscWyPM0U3_tu9TffX3ZA1Cut
EJfOEkQ6PBzvZAffhnhlSICV34ecQnfUyIbLth9aGs6FcbJ0Hpai1CTLHLHu
U51ZTmrdijIzIi5u9S3pY54Fj
Received: from [65.88.88.63] by web120103.mail.ne1.yahoo.com via HTTP; Fri, 22 Mar 2013 12:09:21 PDT
X-Rocket-MIMEInfo: 002.001,SSBmb3Jnb3QgdG8gbWVudGlvbiB0aGF0IHlvdSBkbyBub3QgaGF2ZSB0byBhZGQgdG8gQXBhY2hlJ3MgcnVsZXMgd2l0aCBNb2QgUmV3cml0ZS4gSXQgY2FuIGJlIGRvbmUgd2l0aGluIHRoZSAuaHRhY2Nlc3MgZmlsZSBpbiBZYUJCJ3MgZm9sZGVyIGluIHRoZSBDR0kuDQpCVFcgLSBZYUJCIHNldHMgdXAgaXRzIG93biAuaHRhY2Nlc3MgZmlsZSBpZiB5b3Ugc2V0IHVwIEd1YXJkaWFuIGluIHRoZSBhZG1pbiBwYW5lbCBmb3IgYmxvY2tlZCBJUHMuIEkgd291bGQgYWR2aXNlIHNldHRpbmcgdXAgdGhlIGd1YXIBMAEBAQE-
X-Mailer: YahooMailClassic/15.1.7 YahooMailWebService/0.8.138.524
Message-ID: <1363979361.97972.YahooMailClassic-at-web120103.mail.ne1.yahoo.com>
Date: Fri, 22 Mar 2013 12:09:21 -0700 (PDT)
From: Elfen Magix
Subject: Re: [NYLXS - HANGOUT] yabb
To: hangout-at-mrbrklyn.com
In-Reply-To: <1363977856.71992.YahooMailClassic-at-web120103.mail.ne1.yahoo.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="-955686164-1023625480-1363979361=:97972"
Sender: owner-hangout-at-mrbrklyn.com
Precedence: bulk
Reply-To: hangout-at-mrbrklyn.com

---955686164-1023625480-1363979361=:97972
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable

I forgot to mention that you do not have to add to Apache's rules with Mod =
Rewrite. It can be done within the .htaccess file in YaBB's folder in the C=
GI.
BTW - YaBB sets up its own .htaccess file if you set up Guardian in the adm=
in panel for blocked IPs. I would advise setting up the guardian in YaBB fi=
rst and then add the rewite rules to that .htaccess file.

--- On Fri, 3/22/13, Elfen Magix wrote:

From: Elfen Magix
Subject: Re: [NYLXS - HANGOUT] yabb
To: hangout-at-mrbrklyn.com
Date: Friday, March 22, 2013, 2:44 PM

If you want Mod Rewrite Rules, you are going to need to know where the file=
s are.
To sort this craziness out you have to figure where the board are. That is =
in cgi-bin/Boards.http://www.hondosackett.com/yabb/YaBB.pl?board=3Dsignpost
But the threads are listed by date created in each board file in the Boards=
Directory. Adding to the insanity, the threads are in their own directory/=
folder called "Messages" and there are two files to go with it - the .txt f=
ile which is the actual thread and the .ctb which is an index of that file =
(who started it, when, what permissions are allowed, etc.) and keeps track =
of the thread added posts.
Within Yabb, all this is figured out with several perl files, including Yab=
b.pl.
To do a simple rewrite mod for YaBB, you need to=0A convert from the cgi-bi=
n to without it.I'm guessing it would be:RewriteRule ^cgi-bin/YaBB.pl$ Y=
aBB/$Dont count on it for it may look like it, it is not the answer.See: ht=
tp://httpd.apache.org/docs/2.0/misc/rewriteguide.htmland: http://httpd.apac=
he.org/docs/current/mod/mod_rewrite.html- and search 'cgi' within the docum=
ents.
--- On Wed, 3/20/13, Ruben Safir wrote:

From: Ruben Safir
Subject: Re: [NYLXS - HANGOUT] yabb
To: hangout-at-mrbrklyn.com
Date: Wednesday, March 20, 2013, 11:03 AM

On Wed, Mar 20, 2013 at 09:38:30AM -0400, David Sugar wrote:
> Isn't this what the existing apache uri rewrite rules/module is also norm=
ally
> used=0A for, to do translations between uri paths and cgi arguments?=A0 I=
recall
> mediawiki can use rewrite rules to normalize document paths to feed the c=
ore
> app.=A0 Why do they have/want to do it differently than anyone else has?
> Doing it as a kind of redirect just seems bizaare to me.=A0 But I have he=
ard
> equally bizzare things recently, like people insisting that file managers
> should now only present case insensitive file ordering, when of course th=
e
> native file system is and always have been case sensitive...

I'd have to look at the specifics of what your refering to, but while in
the Pharmacy, the essential difference would be regular expression
mapping wbich would be a fairly large security hole for a standard
setup, or any set up with usage of an .htaccess file.=A0 It would allow
for anyone to inject anything at all into cgi as a get statement.=20


Ruben


>=0A=20
> Ruben Safir wrote:
>=20
> > This is an example of something that is just a PIA to churn through,
> > partly because these idiots are splicing an ISII crapolla fix into
> > their "documentations", and secondly because assume your sitting on
> > someone elses webserver, rather than your own, and thirdly because=20
> > they believe that your apache set up has a rather rare and somewhat
> > insecure module installed for RedirectMatchUrl, and then ...
> >=20
> > their last instruction fails to identify what the hell the code is
> > for!=A0 Is it httpd.conf?=A0 Is it perl code to drop into the applicati=
on?
> >=20
> > The who concept is to redirect a static uri like
> >=20
> > http://www.myuri.com/messages/some_numbers_as_arguments
> >=0A=20
> > to their cgi engine automaticaly, to be translated to look
> > internally as something like this:
> >=20
> >=A0=20
> > http://www.myuri.com/cgi-bin/yabb.pl?some_numbers_as_arguments
> >=20
> >=20
> > It would be just simpler to drop down to mod_perl and add it as a
> > script into the apache calls under the URI of=20
> >=20
> > http://www.myuri.com/messages/=20
> >=20
> > and be done with it....
> >=20
> > The whole discussion of symbolic links to directories is just confussin=
g
> > the issue.=A0 There doesn't need to be any real directory when the serv=
er
> > is picking up that uri and handling it entirely within the apache
> > engine.
> >=0A=20
> > Ruben
> >=20

---955686164-1023625480-1363979361=:97972
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable

top" style=3D"font: inherit;">I forgot to mention that you do not have to a=
dd to Apache's rules with Mod Rewrite. It can be done within the .htaccess =
file in YaBB's folder in the CGI.

BTW - YaBB sets up its=
own .htaccess file if you set up Guardian in the admin panel for blocked I=
Ps. I would advise setting up the guardian in YaBB first and then add the r=
ewite rules to that .htaccess file.

--- On Fri, 3/22/13, Elfen Ma=
gix <elfen_magix-at-yahoo.com>
wrote:
"border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; padding-left: 5=
px;">
From: Elfen Magix <elfen_magix-at-yahoo.com>
Subject: Re: [N=
YLXS - HANGOUT] yabb
To: hangout-at-mrbrklyn.com
Date: Friday, March 22,=
2013, 2:44 PM

llpadding=3D"0" border=3D"0">
herit;">If you
want Mod Rewrite Rules, you are going to need to know where the files are.=

To sort this craziness out you have to figure where the=
board are. That is in cgi-bin/Boards.
http://www.hondosackett.co=
m/yabb/YaBB.pl?board=3Dsignpost

But the threads ar=
e listed by date created in each board file in the Boards Directory. Adding=
to the insanity, the threads are in their own directory/folder called "Mes=
sages" and there are two files to go with it - the .txt file which is the a=
ctual thread and the .ctb which is an index of that file (who started it, w=
hen, what permissions are allowed, etc.) and keeps track of the thread adde=
d posts.

Within Yabb, all this is figured out with=
several perl files, including Yabb.pl.

To do a si=
mple rewrite mod for YaBB, you need to=0A convert from the cgi-bin to witho=
ut it.
I'm guessing it would be:
RewriteRule   ^cg=
i-bin/YaBB.pl$ YaBB/$
Dont count on it for it may look like it, =
it is not the answer.
See: http://httpd.apache.org/docs/2.0/misc/=
rewriteguide.html
and: http://httpd.apache.org/docs/current/mod/m=
od_rewrite.html
- and search 'cgi' within the documents.
iv>

--- On Wed, 3/20/13, Ruben Safir <mrbrklyn-at-=
panix.com>
wrote:
rgb(16, 16, 255);margin-left:5px;padding-left:5px;">
From: Ruben Safir &=
lt;mrbrklyn-at-panix.com>
Subject: Re: [NYLXS - HANGOUT] yabb
To: han=
gout-at-mrbrklyn.com
Date: Wednesday, March 20, 2013, 11:03 AM

class=3D"yiv1833021656plainMail">On Wed, Mar 20, 2013 at 09:38:30AM -0400, =
David Sugar wrote:
> Isn't this what the existing apache uri rewrite =
rules/module is also normally
>
used=0A for, to do translations between uri paths and cgi arguments? =
I recall
> mediawiki can use rewrite rules to normalize document pat=
hs to feed the core
> app.  Why do they have/want to do it diffe=
rently than anyone else has?
> Doing it as a kind of redirect just se=
ems bizaare to me.  But I have heard
> equally bizzare things re=
cently, like people insisting that file managers
> should now only pr=
esent case insensitive file ordering, when of course the
> native fil=
e system is and always have been case sensitive...

I'd have to look =
at the specifics of what your refering to, but while in
the Pharmacy, th=
e essential difference would be regular expression
mapping wbich would b=
e a fairly large security hole for a standard
setup, or any set up with =
usage of an .htaccess file.  It would allow
for anyone to inject an=
ything at all into cgi as a get statement.


Ruben


>=
;=0A
> Ruben Safir wrote:
>
> > This is an example o=
f something that is just a PIA to churn through,
> > partly becaus=
e these idiots are splicing an ISII crapolla fix into
> > their "d=
ocumentations", and secondly because assume your sitting on
> > so=
meone elses webserver, rather than your own, and thirdly because
> &=
gt; they believe that your apache set up has a rather rare and somewhat
=
> > insecure module installed for RedirectMatchUrl, and then ...
&=
gt; >
> > their last instruction fails to identify what the he=
ll the code is
> > for!  Is it httpd.conf?  Is it perl c=
ode to drop into the application?
> >
> > The who concep=
t is to redirect a static uri like
> >
> > ollow" target=3D"_blank"
href=3D"http://www.myuri.com/messages/some_numbers_as_arguments">http://ww=
w.myuri.com/messages/some_numbers_as_arguments

> >=0A
>=
> to their cgi engine automaticaly, to be translated to look
> &g=
t; internally as something like this:
> >
> > 
=
> > m/cgi-bin/yabb.pl?some_numbers_as_arguments">http://www.myuri.com/cgi-bin/y=
abb.pl?some_numbers_as_arguments

> >
> >
> &g=
t; It would be just simpler to drop down to mod_perl and add it as a
>=
; > script into the apache calls under the URI of
> >
>=
> ssages/">http://www.myuri.com/messages/
> >
> > and=
be done with it....
> >
> > The whole discussion of sym=
bolic links to directories is just confussing
> > the issue. =
There doesn't need to be any real directory when the server
> > i=
s picking up that uri and handling it entirely within the
apache
> > engine.
> >=0A
> > Ruben
> &g=
t;
e>

---955686164-1023625480-1363979361=:97972--

---955686164-1023625480-1363979361=:97972
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable

I forgot to mention that you do not have to add to Apache's rules with Mod =
Rewrite. It can be done within the .htaccess file in YaBB's folder in the C=
GI.
BTW - YaBB sets up its own .htaccess file if you set up Guardian in the adm=
in panel for blocked IPs. I would advise setting up the guardian in YaBB fi=
rst and then add the rewite rules to that .htaccess file.

--- On Fri, 3/22/13, Elfen Magix wrote:

From: Elfen Magix
Subject: Re: [NYLXS - HANGOUT] yabb
To: hangout-at-mrbrklyn.com
Date: Friday, March 22, 2013, 2:44 PM

If you want Mod Rewrite Rules, you are going to need to know where the file=
s are.
To sort this craziness out you have to figure where the board are. That is =
in cgi-bin/Boards.http://www.hondosackett.com/yabb/YaBB.pl?board=3Dsignpost
But the threads are listed by date created in each board file in the Boards=
Directory. Adding to the insanity, the threads are in their own directory/=
folder called "Messages" and there are two files to go with it - the .txt f=
ile which is the actual thread and the .ctb which is an index of that file =
(who started it, when, what permissions are allowed, etc.) and keeps track =
of the thread added posts.
Within Yabb, all this is figured out with several perl files, including Yab=
b.pl.
To do a simple rewrite mod for YaBB, you need to=0A convert from the cgi-bi=
n to without it.I'm guessing it would be:RewriteRule ^cgi-bin/YaBB.pl$ Y=
aBB/$Dont count on it for it may look like it, it is not the answer.See: ht=
tp://httpd.apache.org/docs/2.0/misc/rewriteguide.htmland: http://httpd.apac=
he.org/docs/current/mod/mod_rewrite.html- and search 'cgi' within the docum=
ents.
--- On Wed, 3/20/13, Ruben Safir wrote:

From: Ruben Safir
Subject: Re: [NYLXS - HANGOUT] yabb
To: hangout-at-mrbrklyn.com
Date: Wednesday, March 20, 2013, 11:03 AM

On Wed, Mar 20, 2013 at 09:38:30AM -0400, David Sugar wrote:
> Isn't this what the existing apache uri rewrite rules/module is also norm=
ally
> used=0A for, to do translations between uri paths and cgi arguments?=A0 I=
recall
> mediawiki can use rewrite rules to normalize document paths to feed the c=
ore
> app.=A0 Why do they have/want to do it differently than anyone else has?
> Doing it as a kind of redirect just seems bizaare to me.=A0 But I have he=
ard
> equally bizzare things recently, like people insisting that file managers
> should now only present case insensitive file ordering, when of course th=
e
> native file system is and always have been case sensitive...

I'd have to look at the specifics of what your refering to, but while in
the Pharmacy, the essential difference would be regular expression
mapping wbich would be a fairly large security hole for a standard
setup, or any set up with usage of an .htaccess file.=A0 It would allow
for anyone to inject anything at all into cgi as a get statement.=20


Ruben


>=0A=20
> Ruben Safir wrote:
>=20
> > This is an example of something that is just a PIA to churn through,
> > partly because these idiots are splicing an ISII crapolla fix into
> > their "documentations", and secondly because assume your sitting on
> > someone elses webserver, rather than your own, and thirdly because=20
> > they believe that your apache set up has a rather rare and somewhat
> > insecure module installed for RedirectMatchUrl, and then ...
> >=20
> > their last instruction fails to identify what the hell the code is
> > for!=A0 Is it httpd.conf?=A0 Is it perl code to drop into the applicati=
on?
> >=20
> > The who concept is to redirect a static uri like
> >=20
> > http://www.myuri.com/messages/some_numbers_as_arguments
> >=0A=20
> > to their cgi engine automaticaly, to be translated to look
> > internally as something like this:
> >=20
> >=A0=20
> > http://www.myuri.com/cgi-bin/yabb.pl?some_numbers_as_arguments
> >=20
> >=20
> > It would be just simpler to drop down to mod_perl and add it as a
> > script into the apache calls under the URI of=20
> >=20
> > http://www.myuri.com/messages/=20
> >=20
> > and be done with it....
> >=20
> > The whole discussion of symbolic links to directories is just confussin=
g
> > the issue.=A0 There doesn't need to be any real directory when the serv=
er
> > is picking up that uri and handling it entirely within the apache
> > engine.
> >=0A=20
> > Ruben
> >=20

---955686164-1023625480-1363979361=:97972
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable

top" style=3D"font: inherit;">I forgot to mention that you do not have to a=
dd to Apache's rules with Mod Rewrite. It can be done within the .htaccess =
file in YaBB's folder in the CGI.

BTW - YaBB sets up its=
own .htaccess file if you set up Guardian in the admin panel for blocked I=
Ps. I would advise setting up the guardian in YaBB first and then add the r=
ewite rules to that .htaccess file.

--- On Fri, 3/22/13, Elfen Ma=
gix <elfen_magix-at-yahoo.com>
wrote:
"border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; padding-left: 5=
px;">
From: Elfen Magix <elfen_magix-at-yahoo.com>
Subject: Re: [N=
YLXS - HANGOUT] yabb
To: hangout-at-mrbrklyn.com
Date: Friday, March 22,=
2013, 2:44 PM

llpadding=3D"0" border=3D"0">
herit;">If you
want Mod Rewrite Rules, you are going to need to know where the files are.=

To sort this craziness out you have to figure where the=
board are. That is in cgi-bin/Boards.
http://www.hondosackett.co=
m/yabb/YaBB.pl?board=3Dsignpost

But the threads ar=
e listed by date created in each board file in the Boards Directory. Adding=
to the insanity, the threads are in their own directory/folder called "Mes=
sages" and there are two files to go with it - the .txt file which is the a=
ctual thread and the .ctb which is an index of that file (who started it, w=
hen, what permissions are allowed, etc.) and keeps track of the thread adde=
d posts.

Within Yabb, all this is figured out with=
several perl files, including Yabb.pl.

To do a si=
mple rewrite mod for YaBB, you need to=0A convert from the cgi-bin to witho=
ut it.
I'm guessing it would be:
RewriteRule   ^cg=
i-bin/YaBB.pl$ YaBB/$
Dont count on it for it may look like it, =
it is not the answer.
See: http://httpd.apache.org/docs/2.0/misc/=
rewriteguide.html
and: http://httpd.apache.org/docs/current/mod/m=
od_rewrite.html
- and search 'cgi' within the documents.
iv>

--- On Wed, 3/20/13, Ruben Safir <mrbrklyn-at-=
panix.com>
wrote:
rgb(16, 16, 255);margin-left:5px;padding-left:5px;">
From: Ruben Safir &=
lt;mrbrklyn-at-panix.com>
Subject: Re: [NYLXS - HANGOUT] yabb
To: han=
gout-at-mrbrklyn.com
Date: Wednesday, March 20, 2013, 11:03 AM

class=3D"yiv1833021656plainMail">On Wed, Mar 20, 2013 at 09:38:30AM -0400, =
David Sugar wrote:
> Isn't this what the existing apache uri rewrite =
rules/module is also normally
>
used=0A for, to do translations between uri paths and cgi arguments? =
I recall
> mediawiki can use rewrite rules to normalize document pat=
hs to feed the core
> app.  Why do they have/want to do it diffe=
rently than anyone else has?
> Doing it as a kind of redirect just se=
ems bizaare to me.  But I have heard
> equally bizzare things re=
cently, like people insisting that file managers
> should now only pr=
esent case insensitive file ordering, when of course the
> native fil=
e system is and always have been case sensitive...

I'd have to look =
at the specifics of what your refering to, but while in
the Pharmacy, th=
e essential difference would be regular expression
mapping wbich would b=
e a fairly large security hole for a standard
setup, or any set up with =
usage of an .htaccess file.  It would allow
for anyone to inject an=
ything at all into cgi as a get statement.


Ruben


>=
;=0A
> Ruben Safir wrote:
>
> > This is an example o=
f something that is just a PIA to churn through,
> > partly becaus=
e these idiots are splicing an ISII crapolla fix into
> > their "d=
ocumentations", and secondly because assume your sitting on
> > so=
meone elses webserver, rather than your own, and thirdly because
> &=
gt; they believe that your apache set up has a rather rare and somewhat
=
> > insecure module installed for RedirectMatchUrl, and then ...
&=
gt; >
> > their last instruction fails to identify what the he=
ll the code is
> > for!  Is it httpd.conf?  Is it perl c=
ode to drop into the application?
> >
> > The who concep=
t is to redirect a static uri like
> >
> > ollow" target=3D"_blank"
href=3D"http://www.myuri.com/messages/some_numbers_as_arguments">http://ww=
w.myuri.com/messages/some_numbers_as_arguments

> >=0A
>=
> to their cgi engine automaticaly, to be translated to look
> &g=
t; internally as something like this:
> >
> > 
=
> > m/cgi-bin/yabb.pl?some_numbers_as_arguments">http://www.myuri.com/cgi-bin/y=
abb.pl?some_numbers_as_arguments

> >
> >
> &g=
t; It would be just simpler to drop down to mod_perl and add it as a
>=
; > script into the apache calls under the URI of
> >
>=
> ssages/">http://www.myuri.com/messages/
> >
> > and=
be done with it....
> >
> > The whole discussion of sym=
bolic links to directories is just confussing
> > the issue. =
There doesn't need to be any real directory when the server
> > i=
s picking up that uri and handling it entirely within the
apache
> > engine.
> >=0A
> > Ruben
> &g=
t;
e>

---955686164-1023625480-1363979361=:97972--

  1. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] back up
  2. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Korean cyberwar
  3. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] yabb
  4. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] yabb
  5. 2013-03-20 David Sugar <dyfet-at-gnutelephony.org> Re: [NYLXS - HANGOUT] yabb
  6. 2013-03-20 David Sugar <dyfet-at-gnutelephony.org> Re: [NYLXS - HANGOUT] yabb
  7. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] yabb
  8. 2013-03-20 From: "Redpill" <red.pill-at-verizon.net> RE: [NYLXS - HANGOUT] back up
  9. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] back up
  10. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] yabb
  11. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] yabb
  12. 2013-03-20 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] yabb
  13. 2013-03-20 From: "Redpill" <red.pill-at-verizon.net> RE: [NYLXS - HANGOUT] back up
  14. 2013-03-20 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] back up
  15. 2013-03-20 From: "Paul Robert Marino" <prmarino1-at-gmail.com> Re: [NYLXS - HANGOUT] back up
  16. 2013-03-20 From: "Michael L. Richardson" <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] back up
  17. 2013-03-20 From: "Michael L. Richardson" <mlr52-at-michaellrichardson.com> Re: [NYLXS - HANGOUT] back up
  18. 2013-03-21 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] back up
  19. 2013-03-21 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] back up
  20. 2013-03-21 David Sugar <dyfet-at-gnutelephony.org> Re: [NYLXS - HANGOUT] yabb
  21. 2013-03-21 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] yabb
  22. 2013-03-21 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] yabb
  23. 2013-03-22 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] yabb
  24. 2013-03-22 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] yabb
  25. 2013-03-22 Ruben <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] UEFI
  26. 2013-03-22 Ruben <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Coin Forum - up and running on YaBB
  27. 2013-03-22 Elfen Magix <elfen_magix-at-yahoo.com> Re: [NYLXS - HANGOUT] yabb
  28. 2013-03-22 Elfen Magix <elfen_magix-at-yahoo.com> Re: [NYLXS - HANGOUT] Coin Forum - up and running on YaBB
  29. 2013-03-22 Elfen Magix <elfen_magix-at-yahoo.com> Re: [NYLXS - HANGOUT] yabb
  30. 2013-03-22 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] yabb
  31. 2013-03-23 David Sugar <dyfet-at-gnutelephony.org> Re: [NYLXS - HANGOUT] yabb
  32. 2013-03-24 Paul Robert Marino <prmarino1-at-gmail.com> Subject: [NYLXS - HANGOUT] UEFI
  33. 2013-03-24 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Paul and Grand Central terminal
  34. 2013-03-25 Ruben <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] UEFI
  35. 2013-03-25 From: "Paul Robert Marino" <prmarino1-at-gmail.com> Re: [NYLXS - HANGOUT] UEFI
  36. 2013-03-25 mayer ilovitz <mayeri-at-mindspring.com> Re: [NYLXS - HANGOUT] UEFI
  37. 2013-03-28 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [SECURE1-at-cablevision.com: case # 157902]
  38. 2013-03-28 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [SECURE1-at-cablevision.com: case # 157902]
  39. 2013-03-28 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] [SECURE1-at-cablevision.com: case # 157902]
  40. 2013-03-28 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] [SECURE1-at-cablevision.com: case # 157902]
  41. 2013-03-28 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] [SECURE1-at-cablevision.com: case # 157902]
  42. 2013-03-28 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] bitcoins
  43. 2013-03-28 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] [SECURE1-at-cablevision.com: case # 157902]
  44. 2013-03-28 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] bitcoins
  45. 2013-03-28 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [info-at-rxinsider411.com: ICS Prescription Formulary Coverage Change]
  46. 2013-03-29 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] Stan Lee is not quite dead yet
  47. 2013-03-29 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] The NY Times and Egyptian Gold easy to find now
  48. 2013-03-29 Ron Guerin <ron-at-vnetworx.net> Re: [NYLXS - HANGOUT] The NY Times and Egyptian Gold easy to find
  49. 2013-03-29 David Sugar <dyfet-at-gnutelephony.org> Re: [NYLXS - HANGOUT] The NY Times and Egyptian Gold easy to find now
  50. 2013-03-30 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [rick-at-linuxmafia.com: Re: BIND options]
  51. 2013-03-30 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [rick-at-linuxmafia.com: More observations about the DNS-based DDoS]
  52. 2013-03-30 Ruben Safir <mrbrklyn-at-panix.com> Subject: [NYLXS - HANGOUT] [ruben-at-mrbrklyn.com: Re: BIND options]
  53. 2013-03-30 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] The NY Times and Egyptian Gold easy to find
  54. 2013-03-30 Ruben Safir <mrbrklyn-at-panix.com> Re: [NYLXS - HANGOUT] The NY Times and Egyptian Gold easy to find

NYLXS are Do'ers and the first step of Doing is Joining! Join NYLXS and make a difference in your community today!