Porter Square Nikuman

Until yesterday I hadn’t had good nikuman for years; not since I lived in Tokyo. Last night, however, I discovered, buried beneath the escalator in Porter Square Station, a small newsstand selling freshly steamed pork nikuman.

Of course, I should really say baozi since these were authentic Chinese steamed buns. Served, oddly enough, in a plastic glove.

Oddness aside, they’re delicious.  If I passed through Porter Square every day I could imagine a stop at the newsstand quickly becoming a breakfast habit.

Finding files by date with the Linux find command

Here’s something I’ve wanted to know how to do since forever.

Use this trick to find files that have been modified since some arbitrary date:

$ touch -d "13 may 2001 17:54:19" date_marker
$ find . -newer date_marker

To find files created before that date, use the cnewer and negation conditions:

$ find . ! -cnewer date_marker

And to delete them, use the built-in “delete” action, eg:

$ find . ! -cnewer date_marker -delete

Discovered in the Irish Linux Users Group‘s exceptional online tutorial.

Shoe In

Why don’t we all go down to Washington D.C. and throw our shoes at the White House?

Shoes or, creme pies.

Best quote from the Huffington Post comment board:

“Did you see how well he dodged those shoes?? Decades of dodging responsibility sure paid off!”

Indeed.

SVN File Status Flags

More SVN stuff I can never completely remember.  As seen from running svn update, svn switch, or svn merge. “G” always throws me. See $ svn status help for details.

U filename = item (U)pdated to repository version
G filename = item’s local changes mer(G)ed with repository
C filename = item’s local changes (C)onflicted with repository
D filename = item (D)eleted from working copy
A filename = item (A)dded to working copy
~ filename = item (S)ubstitution; for example local file update obstructed by substitution of a symlink with the same name in the repository (I think of this as a sideways/backwards “S”)

Also note that a real “S” flag means that something has gone horribly wrong with a switch and that the operation was not fully completed. Hopefully you’ll never see this.

Boston’s Christmas Castle.. FOR SALE?!

Came across this on Zillow today and couldn’t believe it.  It looks like the Christmas Castle is on sale, and has been for the better part of the year.  A steal at 2.2 million.

I plan to swing by later this week and see if the lights are up.  Though I for one enjoyed last year’s bizarre spectacle of lights, I suspect that Jamaica Plainers just might be getting a little more sleep this Christmas.

Button Fly Blues

Why do I purchase clothing without trying things on or, for that matter, bothering to look closely at what I’m actually buying?

A lament in haiku form.

New jeans.  Old habits.
Way too much morning coffee.
“What the..?!” Buttons fly.

Securing Mantis

Any Mantis users out there running older versions should consider upgrading immediately. Recently crackers have been using an exploit in pre-1.1.4 versions of Mantis to execute arbitrary code via a sort parameter. The exploit attempts to execute a call to create_function from manage_proj_page.php.

See the CVE on Mitre and details in the Mantis forums.

It would appear that this exploit is used to create a cron under the username of the web server. When fired, the cron generates a new “mc-root” directory within the Mantis tree which would appear to contain some kind of root kit or similar.

In addition to upgrading, I recommend adding the following to your Mantis conf_inc.php if you do not run an open-access Mantis system:

#############################
# Signup and Lost Password
#############################


# --- signup ----------------------


# allow users to signup for their own accounts.
# Mail settings must be correctly configured to work
$g_allow_signup = OFF;


# Max. attempts to login using a wrong password before
# lock the account.
#
# When locked, it's required to reset the password
# (lost password)
# Value resets to zero at each successfully login
# Set to OFF to disable this control
$g_max_failed_login_count = 3;