Showing all posts by Dan
Python Cheat Sheet: Lists
Posted on December 26, 2015, 1:55 pm by

Lists are linear sequences that provide constant time data lookup. They can be resized, searched, sorted (using a custom compare function) and are not restricted to a single data type (e.g. you can define lists with mixed data). Lists in Python are 0 indexed.

Defining a pre-initialized list with 10 numeric values (all zeros):
A = [0] * 10
Defining a pre-initialized list with 10 numeric values (powers of 2):
A = [ 2**i for i in xrange(0, 10) ]

Note1: xrange above returns values from 0 to 9 inclusive.

Note2: this syntax is known as list comprehension.

Iterating through all the elements (read only):
A = [ 0, 'a', {'b':'c'} ]
for e in A:
	print e
Iterating through all the elements (read/write):
A = [ 0, 'a', {'b':'c'} ]
for i in xrange(len(A)):
	print i, A[i]
Adding new elements at the end of the list:
A = [ 0, 1, 2, 3 ]
A += [ 4 ]

Note: there is an append method that can also be used for this purpose.

Insert new elements:
A = [ 0, 1, 2, 3 ]
A.insert(0, -1)	#position, value

Note: the insert above puts a new element at the front of the list.

Find elements in the list:
A = [ 0, 1, 2, 3 ]
A.index(2)

Note: index does a linear search for the element with the value provided. A ValueError exception is thrown if the element cannot be found.

Remove elements from the list:
A = [ 0, 1, 2, 3 ]
A.remove(2)		#by value
del A[1]		#by index
Using a Python List as a Stack:
A = [ ]
A.append(1)
A.append(2)			#always add elements at the end
stacktop = A.pop()	#returns 2, the last element added

Note: pop throws the exception IndexError if the list is empty.

Using a Python List as a Queue:
A = [ ]
A.insert(0, 1)
A.insert(0, 2)	#always insert at the beginning of the list
elem = A.pop()	#returns 1, the first element added

Note: for an optimized implementation for both Stacks and Queues you may want to look at the collections.deque data structure.

That’s it for today, have fun!

No comments yet Categories: Python, Scripts Tags: , ,
Setting up a secure Linux server
Posted on December 10, 2015, 10:18 pm by

There is no such thing as a completely secure server: as long as you provide public access to services running on a server, there is a risk that somebody at some point is going to try something like a privilege escalation or denial of service. What one can do is to minimize the chance of success of such attack or at least to minimize the damages.

I am not going to provide here some “high tech” security mechanisms but rather some “common sense” ones; such measures will most likely prevent speculative attackers or bots from doing their stuff. Let’s start with the first trick from the book:

1. Set up iptables

One may think: why set the firewall up? If I provide 3 services to the world and those are the only ones with listening sockets, why would I need a completely configured firewall?

The answer is: the firewall is always necessary. Having a policy of “deny all + exceptions” will render useless any rogue service that an attacker may inject through some privilege escalation attack.

On a RedHat (CentOS) system one will find the firewall configuration file as /etc/sysconfig/iptables. A typical restrictive configuration might be:

*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m multiport --dports 22,80,443 -j ACCEPT

The configuration above allows new tcp traffic (new connections) to ports 22 (ssh), 80 (http) and 443 (https), while allowing all outgoing traffic and also the responses received in relation to such traffic. It also allows icmp (ping), but denies everything else.

Continue Reading →

No comments yet Categories: Scripts, Security Tags: , , , , ,
Crazy DevOps interview questions (2)
Posted on November 24, 2015, 5:41 pm by

You can find the first article of the series here: Crazy DevOps interview questions.

Question 1:

Suppose you run the following commands:

# cd /tmp
# mkdir a
# cd a
# mkdir b
# cd b
# ln /tmp/a a

… what is the result?

At this point one may point out that the hardlink being defined may basically create a circular reference, which is a correct answer on its own. It’s not complete, though: how would the operating system (the file system) handle such command, anyway?

A command line guru may simply dismiss the question saying that hardlinks are not allowed for directories and that’s about it. Another guru may point out that we’re missing the -d parameter to ln and the command will fail before anything else considered. Correct, but still not the complete answer expected by the interviewer.

The complete answer must point out that:

  • Not all file systems disallow directory hardlinks (most do). The notable exception is HFS+ (Apple OS/X).

  • The hard links are, by definition, multiple directory entries pointing to a single inode. There is a “hardlink counter” field within the inode. Deleting a hard link will not delete the file unless that counter is 1.

  • Directory hard links are not by definition dangerous to be disallowed by default. The major problem with them is the circular reference situation described above. This can be solved by using graph theory but such implementation is both cpu and memory intensive.

  • The decision to disallow hard links for directories was taken with this computation cost in mind. Such computation cost grows with the file system size.

I agree to you that a comprehensive answer is usually expected in an interview setting by a company within the “Big Four” technology companies.

Continue Reading →

No comments yet Categories: Interview, Scripts Tags: ,

Previous Page · Next Page