Been a week since I posted. I've not done much, though I did complete most of the migration of my planet-searching code to gluck.debian.org.
This is now logging to a local SQLite database, and available online.
I've updated the blog software so that I can restrict comments to posts made within the past N days - which has helped with spam.
My other comment-spam system is the use of the crm114 mail filter. I have a separate database now for comments (distinct from that I use for email), and after a training on previous comments all is good.
Other than being a little busy over the past week life is good. Especially when I got to tell a recruitment agent that I didn't consider London to be within "Edinburgh & Surrounding Region". Muppets.
The biggest downside of the week was "discovering" a security problem in Java, which had been reported in 2003 and is still unfixed. Grr. (CVE-2003-1156 for those playing along at home).
Heres the code:
#!/bin/sh
#
# Grep for potentially unsafe /tmp usage in shared libraries
#
find /lib -name '*.so' -type f -print > /tmp/$$
find /usr/lib -name '*.so' -type f -print >> /tmp/$$
for i in $(cat /tmp/$$ ); do
out=$(strings $i | grep '/tmp')
if [ ! -z "$out" ]; then
echo "$i"
echo "$out"
fi
done
rm /tmp/$$
