Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page All in one big page See also: last week's Back page page. |
Linux Links of the WeekThe as-yet undelivered stable Linux 2.4 Kernel made #4 on Wired's Vaporware 2000, along with a mention of Linux-based organizers. Honors were shared with the Y2K bug, Microsoft's .NET strategy, wireless web pads, Bluetooth and Max OS X, which got the top, or to be more accurate, the bottom honors.
Section Editor: Forrest Cook |
December 28, 2000 |
|
This week in historyTwo years ago The LWN staff took a much needed break. One year ago (December 30, 1999 LWN): LWN took a close look at the LinuxOne amended S-1 filing, and noted some suspicious claims within. Despite the large wave of Linux based IPOs going on at the time, that one failed to materialize. The development kernel was version 2.3.35 and the stable kernel was still version 2.2.13, but the fix of a major IDE bug would allow version 2.2.14 to move forward. Support for the IBM S/390 was to be included in version 2.2.14. The inclusion of the kernel based web server, khttpd, was debated. The discussion centered on whether adding the complexity of a web server to the kernel was justifiable, even if it produced an incredibly fast web server. Tiny Linux, intended for small, obsolete computers, was released. Version 1.0 came out in April, 2000 and the project is still active. LWN mentioned a Salon article that questioned the stability of the Linux and dot com stock market frenzy: "Sooner or later, dot-com mania must be headed for a fall -- whenever you see this many lemmings gathered together in one place, you just know a steep cliff has got to be nearby. Could the rush to invest in companies which base their business models on free software be the last straw? Certainly, many observers who have long looked askance at the last few years of Internet insanity have seized upon the VA Linux IPO as just the latest, freakiest example of how crazy things are getting. " Last, but not least, the dark gloom of impending disaster loomed heavily over sys-admins and programmers everywhere, just a few hours until all hell would break loose due to zillions of unfixed Y2K Bugs. All of the advance work paid off and computers all around the world sailed smoothly into year 19100. | |
|
Letters to the editorLetters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. | |
Date: Thu, 21 Dec 2000 00:43:31 -0800 (PST) From: Matt Dillon <dillon@earth.backplane.com> To: letters@lwn.net Subject: Yet more on Elevator algorithms and write ordering I'm afraid there is considerable confusion over write ordering in a filesystem. The confusion stems from an assumption that dependant operations are queued to the disk device all together. This assumption is not true of FFS with softupdates. FFS with softupdates turned on will queue all *NON* dependant buffers to disk all at once and doesn't care in the least whether the kernel, the disk device, or the physical disk itself reorders the writes. Dependant buffers are not queued until non-dependant buffers have completed their I/O's. FFS without softupdates will use synchronous writes where necessary to (try to) ensure that dependant buffers are not queued until after such I/O's have completed. EXT2FS is roughly similar to FFS. However, both EXT2FS and FFS (without softupdates) have cases related to directories, inodes, and file blocks where *NO* write ordering is correct even if you do things synchronously. Filesystems are more complex then they seem. Softupdates deals with these interdependant cases by actually unrolling portions of the buffers when writing them to disk to guarentee consistency on-disk, allowing it to operate almost completely asynchronously without endangering the filesystem A log-structured filesytem deals with such cases by writing a sequential log, but there is nothing preventing even a log structured filesystem from writing a bunch of log blocks in random order as long as it doesn't try to recover past any holes created due to a crash or commit the file structure until after the (asynchronous) log block I/O has completed. What this means is that a kernel, disk device, and physical disk should be allowed to reorder blocks however they please. It is up to the filesystem code to handle dependant operations. -Matt | ||
Date: Thu, 21 Dec 2000 10:44:44 +0000 From: Edmund GRIMLEY EVANS <edmundo@rano.org> To: letters@lwn.net Subject: problems in /tmp You'll probably get a lot of letters like this one ... http://lwn.net/2000/1221/security.php3: > Into this model was introduced /tmp, a shared directory to which > anyone had write privileges and the ability to delete files created by > other users. Since it is amazing how many otherwise experienced people don't know about the "sticky bit" on directories, you really should have mentioned here that /tmp is usually created with permissions 1777, which means it is "append-only": you can't delete other people's files. This would also have been a good place to educate some of your readers about what exactly the "problems in /tmp" are. AFAIK, the main problem is a "symlink attack": if an attacker can guess that a program might open the file /tmp/foo for writing, they can create a symbolic link from /tmp/foo to /etc/passwd, say. If the program is running as root, it overwrites the password file, unless the program was clever enough to use O_EXCL, but even then, there may be a possibility for a denial-of-service of attack. See the man pages for mktemp and mkstemp. On SCO UnixWare a brute-force solution to this problem is used: the kernel does not allow symbolic links to be created in a directory with the sticky bit set which does not belong to the caller. I don't know of any legitimate application that require symbolic links in /tmp, so this solution should perhaps be considered as an option for Linux. Edmund | ||
Date: Thu, 21 Dec 2000 11:09:18 +0000 (GMT) From: Joey Maier <maierj@home.com> To: lwn@lwn.net Subject: to: Liz Coolbaugh Hi Liz, First off, thanks for the good work. You do a great job with the security page at LWN. I especially like your editorializing of bugtraq threads...this week's comments on the /tmp discussion is a great example. I stopped following the thread (and the offshoots from it) after the first few posts seemed to say the same thing. If you hadn't linked to it in LWN, this would have caused me to miss Kris Kennaway's post. Anyway, I really like your work, and I appreciate the fact that you don't snub OpenBSD users ;-) WRT, the Kaspersky Lab virus review, you said: >...or, perhaps, it's the fact that it takes a little more than >a bogus email attachment in the Linux environment...? I suspect that you made the above comment because the email attatchment can only run in the context of the user reading the mail, and that user should not be root. While this is correct, it simply means that malware is limited in the amount of damage that it can do to the system configuration. A malicious program in a unix environment could still destroy all of the files of the user. Most corporate environments have decent backup policies for end users, but home users typically don't back up files as often as they should, and a piece of malware that destroyed local user files could be very nasty for them. It is also important to note the increase in the tendancy for unix desktop user to prefer HTML-rendering mail clients. Many of these clients - especially the ones that are incorporated into a browser - may have active scripting vunerabilies that could allow manipulation or deletion of the user's local files. I suspect that the reason we have not seen more email-born malware in the unix environment is not due to the slightly limited scope of the damage that can be done. (Loss of data can be enough of a problem, even if the system configuration is unharmed.) Instead, I suspect that the currently heterogenious use of email clients make it more difficult to write a virus that will affect a large number of people in the way the Outlook-dominated Windows platform can be affected. If the *nix world starts to be predominated by a single email client, it will start to attract malware authors. This is especially true if the client is HTML/active scripting aware. Unfortunately, noone seems to be taking this seriously, and I have not seen any viable solutions offered. -- "When you understand UNIX, you will understand the world. When you understand NT....you will understand NT" - Richard Thieme http://www.slothnet.com - is currently unavailable :( | ||
Date: Thu, 21 Dec 2000 11:13:20 -0500 From: Joe Louderback <jlouder@wfu.edu> To: letters@lwn.net Subject: Defamation of Fortran In this forum Mr. Kastrup took Linus Torvalds to task for incorrectly claiming arrays in Pascal start at 1. He then wrote, "Most probably Mr. Torvalds is confusing Pascal with Fortran which indeed has its arrays starting at 1." Ahem. real atone(50) integer atminusthree(-3:50) logical atsix(6:50) Joe Louderback, itinerant physicist and occasional Fortran programmer | ||
Date: Tue, 26 Dec 2000 13:04:42 -0800 From: Davina Armstrong <davina@lickey.com> To: letters@lwn.net Subject: Rick Collette's "petition" to British Telecom I was very interested in your coverage of British Telecom's patent infringement lawsuit against Prodigy (LWN 12/21/00). I happily clicked on the link to Rick Collette's "petition" to British Telecom, thereby myself infringing upon their patent (or at least contributing to your infringement). I was anxious to add my signature to what I assumed would be a petition to British Telecom urging them to drop their absurd lawsuit. Instead, I found the following: "British Telecom is claiming they own the rights to the Hyperlink. That's saying that everything you click on a website, the method used to bring you from one page to another, belongs to them. They are currently suing Prodigy for this, and it's only going to worsen. We must stand up and put a stop to this craziness. The signatures collected here will be sent to the Linux Journal, deepLINUX, MSN, and any other media outlet that I can think of." This is *not*, in fact, a petition. This is merely a statement of fact. Why would anyone sign it? Webster's Dictionary defines a petion as "1 a solemn, earnest supplication or request to a superior or deity or to a person or group in authority; prayer or entreaty" OR "2 a formal writing or document embodying such a request, addressed to a specific person or group and often signed by a number of petitioners". This "petition" is not addressed to British Telecom and does not actually make any request. When someone starts a real petition to British Telecom about this issue, I will be more than happy to add my signature to it. Regards, Davina Armstrong | ||
|