An outstanding article

Setup of Ruby, Rails, Mongrel and Pound on a VPS.

SVN Reorganization

If you're svn:external'd in to a plugin, I apologize for the inconvenience.

By the way, if you're a Mac user, who uses svn from the terminal (a dying breed, perhaps), it's convienient to use a GUI client to do this type of wholesale reorganization.

But why download a specialized client, when OS X ships with a perfectly good WebDAV client? Just hit command-k from the finder, enter your repository address, and work with the svn tree as a normal filesystem. You are using SVNAutoVersion right?

WebMPD is up!

WebMPD is a site for online ministry partner development resources. It's immediate goal is to provide the unique functionality (i.e. donor reports, NOT address books) of tntMPD, in an online, standards-compliant way. It's aimed at people who can't use TntMPD (Mac users) and people who prefer a lightweight solution. Check it out!

Rails Vulnerability

As everyone knows by now, Rails has a serious routing vulnerability. Anytime you use a :controller in your route, you are choosing a ruby file to load. The vulnerability allows an arbitrary ruby file to be loaded. The solution is an upgrade to Rails 1.1.5. There have also been reports that the 1.1.5 was an inadequate solution. I'm reccommending replacing the default route:

map.connect ":controller/:action/:index"

with

Dir["app/controllers/*_controller.rb"].map{|c| c[%r[/([^/]*)_controller], 1]}.each do |c|
  map.send c.to_sym, "#{c}/:action/:id", :controller => c
end

This may get more complicated if you're using engines, or controllers in modules. If so, you can manually specify each controller like so:

%w(controller1 module/controller2 etc).each do |c|
  map.send c.to_sym, "#{c}/:action/:id", :controller => c
end