What are Recommended Practices vs. “Best Practices”?

0 Comments

Background
Facebook’s engineering culture during its earlier days of rapid growth was “move fast and break things.” But the Harvard Business Review says that this era is over.

Problem scenario
You are concerned about recommended practices and “best practices.” You want to be productive and leave no security gaps in your systems that you design/install or allow bugs in your code.

Continue reading “What are Recommended Practices vs. “Best Practices”?”

How Do You Troubleshoot the Hadoop Message “Exception in thread “main” java.nio.file.AccessDeniedException: /home/jdoe/./mapper.py”?

0 Comments

Problem scenario
You are trying to run a hadoop command (to kick off a mapreduce job). But you get this error:
“Exception in thread “main” java.nio.file.AccessDeniedException: /home/jdoe/./mapper.py”

What should you do?

Solution (short version)
Change to a directory where the user can write files to. Retry the command.

Solution (long version)
Create a directory that is owned by the user and the group associated with the user that is running this command.

Continue reading “How Do You Troubleshoot the Hadoop Message “Exception in thread “main” java.nio.file.AccessDeniedException: /home/jdoe/./mapper.py”?”

What is a Hacker?

0 Comments

Question
You have seen the word “hacker” appear in different contexts. You have seen it used to describe a cybercriminal. Moreover some companies proudly claim that they employ no hackers while only hiring trained software developers. In some articles the term hacker has a positive connotation. What is a hacker?

Answer
“Hacking tends to be a misunderstood topic, and the media likes to sensationalize,

Continue reading “What is a Hacker?”

What Are Some Ways to Prevent XSS Attacks with a Web Page That Uses JavaScript?

0 Comments

Problem scenario
You know that cross-site scripting (aka XSS) attacks are a big concern in today’s world. OWASP places XSS security risks as the seventh biggest web application risk as of June 2020. What are some techniques to stop such attacks from happening when designing a website that uses JavaScript?

Possible Solution #1
Have the HTML and JavaScript validate and escape regularly throughout the code.

Continue reading “What Are Some Ways to Prevent XSS Attacks with a Web Page That Uses JavaScript?”

How Do You Change the Version of Python that Ansible Uses?

0 Comments

Problem scenario
You are using Ansible with -vvv to see what Python version it is using. (Or you use ansible –version.) You see an incorrect version of Python being used.

You tried ansible_python_interpreter=/usr/bin/python3 in your playbook and in the ansible.cfg file. Neither worked.

What should you do?

Solution
In the playbook, find the hosts stanza. Underneath it use this (where python3 is the version you want and “/usr/bin” is the path to it):

vars:
ansible_python_interpreter: /usr/bin/python3 …

Continue reading “How Do You Change the Version of Python that Ansible Uses?”

How Do You Troubleshoot the Unexpected Output to a grep Command “Binary file (standard input) matches”?

0 Comments

Problem scenario
When grepping a file or output, you get “Binary file (standard input) matches”. You only see a subportion of the matching strings. What should you do?

Solution
Use the -a flag. Here is an example:
cat foobar.txt | grep -a coolterm

Continue reading “How Do You Troubleshoot the Unexpected Output to a grep Command “Binary file (standard input) matches”?”

How Do You Fix the Ansible Problem about “libselinux-python”?

0 Comments

Problem scenario
You try to run an Ansible playbook, but you get an error like this: “msg: Aborting target uses selinux but python bindings (libselinux-python) aren’t installed!”

You are using a Red Hat derivative of Linux (e.g., Red Hat Enterprise Linux, CentOS or Fedora) and Python 3. What should you do?

Solution
Prerequisite
Install pip3. If you need assistance,

Continue reading “How Do You Fix the Ansible Problem about “libselinux-python”?”