Toby Eggitt

Ranch Hand
+ Follow
since Dec 08, 2004
Cows and Likes
Cows
Total received
1
In last 30 days
0
Total given
0
Likes
Total received
5
Received in last 30 days
2
Total given
3
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Toby Eggitt

Well, I think that since you can hear the music, the approach is clearly workable. You just have to discover how to get a program that's started from a context that doesn't have a connection to your windowing system to connect successfully to your windowing system. I can tell you how to do that in Unix, but unfortunately have no clue in your environment. But at least it's a direction for investigation. Maybe go to a Windows admin forum and ask "how to start a gui program on my local system from a service" and see if they can help? Good luck!
2 weeks ago
Indeed, implicit, in what I was pondering is where do you expect this stuff to show up even if it works?

Since you seem to be configuring this to run when the servlet context is initialized, I guess you are trying to run it on the server, but if you're expecting the output to show up for any client you're definitely misunderstanding what webservers do. And of course, the other side of the question is why on earth would you want to use a webserver to launch a "system" program?! Most servers run headless where nobody can see them anyway
2 weeks ago
I don't know how this works in Windows, but in Unix like environments, there's an environment variable that needs to be set to tell a GUI application what windowing system it should connect to. Running a command without specifying that (and it's usually inherited from the places you're likely to start programs) will result in failure.

Of course, you're running windows, so I have zero clue if this has parallel considerations for that system, so if I just wasted your time, I apologize.

2 weeks ago
Greetings all. I'm on a bit of a mission to understand software security better, in a Java environment. My particular focus right now is to try to find--and understand--real examples of how code fails in practice. I've read extensive stuff about "don't do this" on a bunch of topics, and I've looked at a number of resources (e.g. metasploit) that would potentially show me how to *perform* an attack (with the goal of penetration testing one's own software, one hopes!) but what I'd really like to see now is examples of how real code has actually failed. E.g. how did the struts code permit remote code execution? I'm hoping some of you might be able to point me at such resources, either individual case studies, or perhaps whole data sets, that describe some of these.

I will add that I already found the OWASP web goat, and am trying to get into that. But I am hoping for specific, described, examples of real failures "in the wild", ideally (for impact's sake) associated with known dramatic breaches (Equifax, anyone?!)

Thanks
Toby
2 weeks ago
As side notes:

  • Java's "lambda expression" is primarily an anonymous function literal, it happens to have a closure capability in addition (though if no values are captured, this "doesn't happen".)
  • Java's closure mechanism was created at Java 1.1 with the advent of the ability to nest classes (particularly, but not exclusively, anonymous classes) inside the body of a method.
  • The beta release of Java 1.1 have closures that wrapped mutable state, but given that an immutable reference to a mutable object serves pretty well for those who want a mutable state to be captured in their closure, they decided that a copying implementation would be preferable, and with the copying implementation came the requirement for finality that is now "effectively final".
  • 3 months ago
    Here's a thought for amusement. "Closure" is first and foremost a functional programming concept no? Well, in pure functional programming there's no such thing as mutable state anyway, so tell me again how Java's "effectively final" rule is "not a real closure". I agree it's not the same as a JavaScript closure, but just because that's what you're familiar with doesn't make it king of everything. Alonzo Church would probably have something to say about that
    3 months ago

    Dmitrii Valov wrote:
    I mean something like in these examples.
    https://docs.oracle.com/javase/tutorial/java/generics/inheritance.html
    When we should override some methods with generic types.



    Wow, that's pretty evil that they include subclassing of generic types when the objectives don't talk about generics in any way. Still, I guess at least, from the context you give, it's not co/contra-variance.

    Hopefully I'll see for myself in a week. Can't believe how long it takes to deliver a stupid electronic voucher, and then how little availability the testing centers near me have. One open day per week for the rest of this month, then a bit better further out!

    Anyway, thanks again for the input!
    5 months ago

    Dmitrii Valov wrote:Am I the first one here who passed this exam?


    I don't know, but you must be among the first, and regardless, many congratulations on a worthy achievement that's doubled on account of you having minimal resources for this new beast!

    Dmitrii Valov wrote:There were added several new themes from Java 8+
    - generic
    - generic-inheritance



    Can you add any more info regarding the generics questions you saw? There's no mention of generics in the published 1Z0-815 objectives, so this is pretty bad on Oracle's part if they did this. I can imagine the use of a few angle-brackets for giving generic types to something like a List, but more than that is pretty inexcusable to omit from the objectives. Also, what do you mean by generic inheritance? Are you talking about inheritance from a generic class/interface, or are you referring to co/contravariance?

    Thanks for letting us know what's going on with this!
    Toby
    5 months ago

    Toby Eggitt wrote:Lots of interesting comments, and I admit I might have skimmed them a little too much, but did anyone mention that this compiles (but does not run  )

    on second look, I've a feeling I did skim it too quickly and missed that this was pretty much already there. Sorry!

    7 months ago
    Lots of interesting comments, and I admit I might have skimmed them a little too much, but did anyone mention that this compiles (but does not run  )



    (notice the only difference is the cast)

    The point is that UnaryOperator is a sub interface of Function and constrains the argument and return type to be the same. But it's still a subclass, so since the thing on the right has the compile time type of Function (runtime type too, btw, which is why it doesn't *run*) the left is a more specific type, so the original assignment isn't legal. The cast, however, is credible (since there's a parent/child relationship between Function<E,E> and UnaryOperator<E>. However, since the type of an object is the type that it was created with, not whatever viewpoint(s) it happens to conform to (that is, Java is statically typed, not duck-typed like JavaScript etc.) the thing that was built is *not* in fact a UnaryOperator, so the cast fails at runtime.

    In general, once a lambda (not what's being discussed here, has been compiled, its type is fixed, and is subject to all the normal rules of Java typing). However, before it's typed, its type is seemingly flexible, which is why you can do stuff like:



    But it's really important to know that the types off those two lambdas, despite being "identical source code" are different. One is a Function object, the other is a UnaryOperator, and those are different classes (well, interfaces) even though they do have a parent/child relationship

    In your "they're the same" comment, with blah1 and blah2, try these assignments:



    and you'll see what I mean..

    Anyway, if f I didn't miss it being already in there, I hope this might add a little to the discussion.

    Cheers,
    Toby
    7 months ago

    s ravi chandran wrote:Not sure if you have solved this problem yet.
    Why are you using scanLeft specifically?

    [snip snip...]

    But if you are updating an array, there are definitely better ways to do it.
    Benefit of functional programming is no side effects.



    Thanks for the input Ravi, I appreciate you taking the time to answer.

    I ended up building a parallel scanLeft-to-array by hand. It worked out fairly well and scales well.

    Thanks,
    Toby
    1 year ago
    Greetings, I've a Scala syntax question; I came across a situation where scanLeft seemed perfect for the job at hand, but I needed to write the results to an existing array. However, I couldn't work out how to "teach" scanLeft to put its results in that array, rather than generating whatever structure it wanted to.

    Can anyone show me how I'd do that?

    TIA,
    Toby.
    1 year ago
    Well, homework submitted successfully. Now I can take a more serious look at your book without feeling like I would have cheated.

    What I did, in the end, was pretty much what I'd outlined in my original post.

    1) I created a mechanism that created an ordered list from a tree. I made sure to build the list by pushing items onto the front of the list, so that every element in it was built only once, rather than building it from left to right, which I figured would force reconstructing the entire tail of the list with every addition, and be desperately inefficient.

    2) I created a mechanism that merged two ordered lists into a single ordered list. Again, assembling from the right hand end backwards, ensures (I think, at least!) that this has a decent performance.

    3) Finally a mechanism to build a (tolerably balanced) tree directly from an ordered list by repeated subdivision. Again, the result should be that every sub-tree is built only once.

    The marking (it's an online course) is automatic, but the did warn us that poor implementations would time out and fail the test.

    I'm pretty happy that this doesn't seem like a disastrously bad approach, and it's "entirely mine" rather than the (frankly more academically appropriate "read the book, implement the standard solution". Anyway, now I can go read the book properly and find out what would have been better, without risking losing the sense of achievement that came from banging my head against this for a dozen hours or more!

    Thanks for the thought topics Pierre, also for not spoiling the story, and now thanks for the book which I'll delve into properly now.

    Cheers,
    Toby
    In my original post, you doubtless noticed my comment about "inefficient" So, yes, I think that your questions are exactly what I'm supposed to dive into, and I rather suspect I might not (educationally) up to it. But I'm also not ready to give up yet. All that said, I have a Safari account, so I have access to your book if/when I decide to take the PhD candidate's approach and "review the literature" ;)

    Meanwhile, thanks for all your comments, they've been very helpful, and as requested, avoided giving the key secrets that I'm seeking away and thereby avoided spoiling the story.

    Cheers,
    Toby.

    OK, I believe I understand this now, thanks. And if confusion remains, I can go read your book.

    Merci bien Pierre!