scadblog

No one should run their Windows machines as administrator, but it is incredibly difficult to convince a user of this fact. Often I do not blame them for resisting because the trade-off in terms of convenience is huge. The OS doesn’t help you in this regard at all.

The command line to the rescue. I’ve been running as a limited user for a few months on my Windows desktop. From time to time I need access to act as administrator. So I created a shortcut called ‘Root Shell’ with the target:

runas /user:administrator “\”c:\program files\internet explorer\iexplore\”c:”

the very same command I used in a previous hint, instead this time I use it to launch anything and everything that I need to as administrator. Anything launched from that window, be it a Control Panel, installer application or otherwise is run as root.

Setting up a user with this on their desktop and an Administrator password that matches their own might just be the answer to negotiating control and mitigating further Windows disasters.

WinEDT (v5.3, Windows) cannot take an apostrophe in the path statement for a file you want to compile. It will end in an error and open up the file PDFLaTeX.edt in its own install folder, showing you the section of program code responsible for the error. I have not tried any other special characters but its worth removing them as well if you are encountering compile problems not related to the user-written LaTeX itself.

Because I can’t script for my life it shouldn’t be surprising that this is my first one. All it does is mount a named iso to a hardcoded mount point which is shared out to myself. It saves me the trouble of carrying around a bunch of disks when I can log in remotely, start the share and mount the iso to its location with one command, however sloppy it may be.

(more…)

The MBR (Master Boot Record) of an x86 drive exists in the first 446 bytes of the hard drive. In order to duplicate the MBR onto a second drive with dd you would specify the bytes and the byte count like so:

dd if=/dev/hda of=/dev/hdb bs=446 count=1

FTP likes to open itself up on random high ports in passive mode. If you need static firewall rules this can be a problem. Fortunately the popular VSFTPD package takes arguments that will curtail some of this behavior.

VSFTP is also highly secure in its default configuration. Serving up anonymous FTP just takes a little loosening of the rules. Oddly enough, with the nature of FTP being an insecure protocol for usernames and passwords, its likely that an anonymous setup is much more desireable if security is taken seriously.

(more…)

When generating a PDF from LaTeX, no author or creator information is included in the PDF’s metadata other than the program that was used (in the case of one of my Windows users, MiKTeX via WinEDT).

When generating a PDF that originates in MS Office (which automatically adds metadata such as the Author) using Adobe’s PDF printer (included with the Pro version of Acrobat), the PDF retains the metadata Office has added without notifying the user.

When generating a PDF that originates in MS Office using the open source PDFCreator application you are presented with a dialog box in which it shows you what metadata it is going to add prior to finalizing the PDF creation.

This writeup can be kind of confusing, so its moreso a random thought than a tech tip.

I had various Samba shares set up so that members of a particular groups could access them depending on which share was theirs. Group membership was reflected in the ‘valid users’ statement in the smb.conf file as well as the membership to a particular group account local to the machine.

Along came someone who wanted to be able to access all of the group shares at once. Instead of adding them to the shares individually, I created a new share mapped to the path one level above the existing shares/paths. This way, the individual can see and access all of the shares at once, and even create folders that are no shared out but belong to the same directory structure.

(Its important to note that as part of this scenario I made sure that all users belonged to the same local groups instead of ones reflecting their share access. I then forced all the share creation masks to the same group to ensure that there would be no permission conflicts. Note that this means the setup wouldn’t work if people have local logins on the machine as they would be able to read/write each other’s group files.)