Personal, Politics

Green Gore?

Is Gore as green as he’s preaching we should all be?  Apparently not.

That’s a disappointment.  Democrat vs. Republican aside, I really wish we could count on folks in the public eye to not be so hypocritical.  Maybe that’s just part of the job for folks in politics, but I like to have higher expectations than that.

Note to self:  Don’t be hypocritical.


Security Descriptor Definition Language

Exactly what I said.  “What the h-e-double-hockey-sticks is that”?  SDDL, of course.  I ran into it yesterday when debugging a production issue on some ASP.NET applications, and since I’d never seen or heard of it before I thought I’d better get it down before I forget (i.e. tomorrow.)  Turns out this didn’t lead to the solution of the production problem, but it was educational nonetheless.

The problem we were seeing was that when using impersonation (impersonate=true in a web.config) with NTLM security we were getting access denied errors.  Turns out the errors were due to permissions on creating temporary ASP.NET files for the specific users (since IIS is impersonating each authenticated user when creating temp files), but the search led me to SDDL first.  We were originally thinking that the access denied errors were errors thrown when the app was attempting to log an error into the event log since the last release involved the creation of a new event source.  Really a rediculous conclusion in hindsite considering that we were being notified of the access denied errors through the event log source which we were questioning the security settings of.  Anyway.

SDDL is a language used to set permissions on the event log.  Read, Write and Clear can all be granted or restricted for groups of users or specific users.  I’m sure it has other uses as well, but this is how I came to be aware of its existance.  It’s really not too difficult to understand.  I won’t go into the details, but instead here are some links I found useful when trying to figure out how to read and manipulate it.

MSDN Article
Security Newsgroup Posting covering some event log specifics
This google groups posting, which looks like it’s from a blog somewhere (looks like I screwed up that link as it’s not going where I wanted…will update later if I find it again)
Finally, the google groups posting that lead me down the path in the first place


Landis Part II

It’s been a couple days, but things have been kind of busy so no time to follow up.  Landis’ B sample came back with the same results, as everyone expected.  So he’s been kicked off his team and is now in a fight to appeal the results in order to keep his crown.  Good luck to him, but no matter how this comes out it isn’t good for the sport.

On a related note, when searching for the CNN article referenced above I discovered Landis has a blog on his site.  Who knew!  I think I’ll have to subscribe to keep up with the latest.  Too bad the UCI or US Cycling doesn’t have a similar voice on the Internet (unless I’m missing it) to get the other side of the story.