{"version": "https://jsonfeed.org/version/1", "title": "/dev/posts/ - Archive for 2018", "home_page_url": "https://www.gabriel.urdhr.fr", "feed_url": "/2018/feed.json", "items": [{"id": "http://www.gabriel.urdhr.fr/2018/11/26/document-generation-workflow/", "title": "My document generation workflow with Markdown, YAML, Jinja2 and WeasyPrint", "url": "https://www.gabriel.urdhr.fr/2018/11/26/document-generation-workflow/", "date_published": "2018-11-26T00:00:00+01:00", "date_modified": "2018-11-26T00:00:00+01:00", "tags": ["computer", "python"], "content_html": "<p>Here is the workflow I am using to generate simple text documents\n(resume, cover letters, etc.) from Markdown, YAML and Jinja2 templates.</p>\n"}, {"id": "http://www.gabriel.urdhr.fr/2018/11/22/south-park-ip-address-spoofing/", "title": "IP address spoofing in order to watch South Park", "url": "https://www.gabriel.urdhr.fr/2018/11/22/south-park-ip-address-spoofing/", "date_published": "2018-11-22T00:00:00+01:00", "date_modified": "2018-11-22T00:00:00+01:00", "tags": ["computer", "web", "hack", "firefox"], "content_html": "<p>Trying to bring back some old IP spoofing Firefox extension\nfor watching South Park episodes.</p>\n"}, {"id": "http://www.gabriel.urdhr.fr/2018/05/30/more-browser-injections/", "title": "More example of argument and shell command injections in browser invocation", "url": "https://www.gabriel.urdhr.fr/2018/05/30/more-browser-injections/", "date_published": "2018-05-30T00:00:00+02:00", "date_modified": "2018-05-30T00:00:00+02:00", "tags": ["computer", "unix", "debian", "security", "shell", "vulnerability"], "content_html": "<p>In the <a href=\"https://www.gabriel.urdhr.fr/2018/05/28/browser-injections/\">previous episode</a>, I talked about\nsome argument and shell command injections vulnerabilities\nthrough URIs passed to browsers.\nHere I am evaluating some other CVEs\nwhich were registered at the same time (not by me).</p>\n"}, {"id": "http://www.gabriel.urdhr.fr/2018/05/28/browser-injections/", "title": "Argument and shell command injections in browser invocation", "url": "https://www.gabriel.urdhr.fr/2018/05/28/browser-injections/", "date_published": "2018-05-28T00:00:00+02:00", "date_modified": "2018-05-28T00:00:00+02:00", "tags": ["computer", "unix", "debian", "security", "shell", "vulnerability", "freedesktop"], "content_html": "<p>I found an argument injection vulnerability\nrelated to the  handling of the <code>BROWSER</code> environment variable\nin <code>sensible-browser</code>.\nThis lead me (and others) to a few other arguments and shell command injection\nvulnerabilities in <code>BROWSER</code> processing and browser invocation in general.</p>\n"}, {"id": "http://www.gabriel.urdhr.fr/2018/03/19/sibling-tco-in-python/", "title": "Sibling tail call optimization in Python", "url": "https://www.gabriel.urdhr.fr/2018/03/19/sibling-tco-in-python/", "date_published": "2018-03-19T00:00:00+01:00", "date_modified": "2018-03-19T00:00:00+01:00", "tags": ["computer", "python", "functional"], "content_html": "<p>In <a href=\"http://chrispenner.ca/posts/python-tail-recursion\">Tail Recursion In Python</a>,\n<a href=\"http://chrispenner.ca/posts/python-tail-recursion\">Chris Penner</a>\nimplements (self) tail-call optimization (TCO) in Python using a function decorator.\nHere I am extending the approach for sibling calls.</p>\n"}]}