Leading items and editorials

The long arm of the MPAA reaches into Norway. The arrest of Dmitry Sklyarov struck many as one of those "only in America" events. Certainly no country in the "free world" would attempt to arrest a programmer for having written code. The indictment in Norway of Jon Johansen, co-author of the DeCSS code, has shown that the world is not so simple. This indictment comes as a result of pressure from the Motion Picture Association of America on ØKOKRIM, the Norwegian agency in charge of dealing with economic crimes. As described in this EFF release, this prosecution is a novel application of Norwegian law:

Johansen's prosecution marks the first time the Norwegian government has attempted to punish individuals for accessing their own property. Previously, the government used this law only to prosecute those who violated someone else's secure system, like a bank or telephone company system, in order to obtain another person's records.

Even that is not enough for the MPAA; they wanted Mr. Johansen charged with contributory copyright infringement as well. The usual groups are swinging into action, and protests have happened in Norway. The EFF has set up a 'Free Jon' mailing list for those who wish to follow this case.

With luck, the Norwegian justice system will see reason and eventually drop the charges against Jon Johansen. In the meantime, however, he is facing the possibility of two years in prison. All for allowing people to "break into" their own property.

This is not just an American problem. In the modern world, bad ideas can spread globally in little time - especially when pushed by a mean and scared industrial group. There will be more Dmitrys and Jons in our future, and they will be found worldwide. Those of us who value free software are going to have to fight for it, even in the "free world."

Should Aunt Tillie build her own kernels?
Eric Raymond has been working for some time on a new kernel configuration system which, someday, is slated for incorporation into the 2.5 series. This project has seen its share of controversy over the last year, but, perhaps, never at the level of the last week. What is the development that has set off so many kernel hackers? It is an autoconfiguration module (implemented initially by Giacomo Catenazzi) which figures out which hardware is present on the system and cooks up a kernel configuration to match. Eric has been working overtime to justify this work by way of an amusing set of stories. For your amusement, here are the inspirational tales of Aunt Tillie, her nephew Melvin ("Autoconfigure saves the day. Possibly it even helps Melvin get laid"), and the 'girl geek' Penelope. Beyond the possible improvement to hackers' love lives worldwide, the reasoning behind the work is essentially this:

Because the second we stop thinking about Aunt Tillie, we start making excuses for badly-designed interfaces and excessive complexity. We tend to fall back into insular, elitist assumptions that limit both the usability of our software and its potential user population. We get lazy and stop checking our assumptions. When we do this, Bill Gates laughs at us, and is right to do so.
There are reasons to question some of Eric's scenarios. Aunt Tillie is almost certain to be happier with the kernel supplied by her distributor, which includes numerous patches, has modules for an unbelievable variety of hardware, and has been extensively tested. Building and running a kernel off the net, even from a "stable" series, will never be without its potential surprises.

But the hostility to the autoconfiguration idea seems to go beyond that. Some people clearly do not want Aunt Tillie to be able to build a kernel without learning about the process and understanding what hardware is on her system. Some, perhaps, fear Aunt Tillie's inevitable "help me" message to linux-kernel once the process fails. Others, perhaps, prefer a world where only the Select Few are able to do certain things. That latter view was often seen in arguments against the desktop projects a few years ago, though it seems to have faded away in recent times. But perhaps kernel hackers ("girl geeks" included) remain a more hairy-chested bunch. If Aunt Tillie can build her own kernels, that's one less thing that sets them, and their skills, apart.

Linux hackers in general have managed to get over this attitude, and that has been an unmitigated good thing. It has been repeatedly shown that Linux can be made easier to use without taking away the power appreciated by more advanced users. And an easier Linux, among other things, helps to ensure that the advanced users can work with Linux in the office as well as at home. So there is no harm in the creation of an autoconfiguration system for the Linux kernel, as long as nobody is forced to use it. Even if it does not really solve Aunt Tillie's problems, there will certainly be a class of users that is helped by easier kernel configuration. It may even turn out that some of those kernel hackers end up using it to quickly configure and build a kernel for a strange system - when nobody is looking, of course.
(See also: Aunt Tillie's web site, hosted at her very own aunt-tillie.org domain - thanks to Nicolas Pitre).

Correction: last week's LWN Weekly Edition stated that Guenter Freiherr von Gravenreuth was behind the legal attack against MobiliX in Germany. The truth of the matter is that he registered the Obelix trademark in that country, but is not the one pursuing the enforcement action. We regret the error.
January 17, 2002
Security

News and Editorials

Debian took a month to distribute a fix for a glibc buffer overflow vulnerability. This week's glibc updates from Debian and Slackware distribute a fix for the problem about a month after the first update from Red Hat on December 14th. You may wonder why Debian, with over eight hundred developers and a dedicated security team, took so long to distribute a fix for such a basic vulnerability. The short answer is that with a half dozen architectures the only way to change glibc is very carefully. This note from Martin Schulze illustrates the care with which Debian manages a distribution for six different architectures. Tending the necessary balance between release management and getting out security fixes for core components is a serious challenge. As Mr. Schulze notes, "we have to be extraordinarily careful. This takes time."

January CRYPTO-GRAM Newsletter. Here's Bruce Schneier's CRYPTO-GRAM Newsletter for January. The main topic this time around is the Windows UPnP vulnerability. "To think, some time ago I criticized eEye for not waiting long enough before releasing a vulnerability. Shows how hard it is to get the balance right."

Security Reports

Nasty security hole in sudo. The sudo package, used to provide limited administrator access to systems, has an unpleasant vulnerability which makes it relatively easy for a local attacker to obtain root access. If you have sudo on a system with untrusted users, you probably want to disable it until you can get a fix installed. So far, updates are available from MandrakeSoft, Conectiva, EnGarde, SuSE, Debian, Red Hat and Red Hat Powertools.

Remotely exploitable vulnerability in pine. Pine has an unpleasant vulnerability in URL handling which can lead to command execution by remote attackers. Updates fixing the problem were released this week by Slackware, EnGarde and Red Hat. This vulnerability is remotely exploitable; updating is a good idea.

Heap corruption vulnerability in at. Security updates for this potentially exploitable heap corruption bug are available from SuSE and Debian.

XChat session hijacking vulnerability. Updates fixing this problem in XChat were released by Debian and Red Hat.

EnGarde Secure Linux security update to LIDS. EnGarde Secure Linux released a security update to LIDS (Linux Intrusion Detection System) fixing a number of locally exploitable vulnerabilities.

Debian security update to gzip. The Debian Project has issued a security update to gzip fixing a buffer overflow problem in that package.

Debian security update to cipe. The Debian Project has issued a security update to the cipe VPN package fixing a denial of service vulnerability.

Yellow Dog Linux released a whole list of updates that they evidently forgot to send out until now.

Geeklog 1.3 vulnerability. According to this post to BugTraq, the version of Geeklog released last December 30th has a vulnerability which "allows any user to assume the identity of any other registered user, including the administrative user." Instructions on where to obtain a fix are on the Geeklog website.

Pi3Web Webserver v2.0 is subject to a denial of service attack which crashes the daemon, according to this brief description posted to BugTraq.

Updates

Bugzilla upgrade to version 2.14.1. This is a security update with patches for a number of security-related bugs described in this announcement. "All users of Bugzilla, the bug-tracking system from mozilla.org [...] are strongly recommended to update to version 2.14.1". The problem was first reported by LWN in the January 10th Security page.

Buffer overflow problem in glibc. The glibc filename globbing code has a buffer overflow problem. For those who are interested, Global InterSec LLC has provided a detailed description of this vulnerability. This problem was first reported by LWN on December 20th.

Format string vulnerability in groff. A format string problem exists in groff; apparently it could be remotely exploited when it is configured to be used with the lpd printing system. (First LWN report: August 16, 2001). The stable release of Debian is not vulnerable.

Resources

Securing Linux Servers for Service Providers by Bill Half, Sr. Consulting I/T Architect, is now available in PDF format from this link inside the IBM Linux Technology Center website. (Thanks to Steve Fox).

Events

Upcoming Security Events. The Sixth Annual Distributed Objects and Components Security Workshop has extended the call for papers to January 26. "The workshop, hosted by the Object Management Group and co-sponsored by Promia, Inc. and the National Security Agency (NSA), will provide a forum for discussing the issues associated with securing integrated application systems." The workshop will be held March 18 through 21, 2002 in Baltimore, Maryland, USA.
For additional security-related events, including training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.

Section Editor: Dennis Tenney
Kernel development

The current development kernel release is 2.5.2, which was released on January 14. The final version of the patch added relatively little to the prepatches; some more scheduling tweaks, a devfs update, and more block device work. It also includes a bug that prevents swap from working properly; people who really want to run 2.5.2 should probably apply this patch. 2.5.3-pre1 came out shortly thereafter. It includes the swap fix, more scheduler work, a parallel port update, and, perhaps most interestingly, the surprise appearance of Andre Hedrick's new ATA (IDE) driver code (see below). Dave Jones's latest is 2.5.2-dj1. It fixes a number of compilation problems people have encountered in 2.5.3-pre1, adds a scheduler update, and throws in a few other fixes. Update: it appears that there is a problem with the new ATA driver which can hang systems. Andre is recommending not using 2.5.3-pre1 until he can get a fix out.

The current stable kernel release is still 2.4.17. The 2.4.18 prepatch is up to 2.4.18-pre4; it is restricted to the sorts of fixes and updates one would expect to see in a stable series. Those looking for a bit more adventure in a 2.4 prepatch may be interested in Alan Cox's return to the "ac" business: 2.4.18-pre3-ac2. This prepatch is more development oriented, with goodies like Rik van Riel's reverse mapping virtual memory, 32-bit UID quota support, and, yes, Andre Hedrick's ATA patches.

The Linux IDE/ATA subsystem. The current Linux ATA (IDE) subsystem is a crucial piece of code. After all, it is responsible for handling I/O to and from the disks that are used on the vast majority of Linux systems; there are good reasons for wanting it to work reliably. So it can be unsettling to hear that subsystem called an unmaintainable hack, complete with the occasional "kooky kludge," and liable to corrupt data. Especially when the person speaking this way is Andre Hedrick, the ATA subsystem's maintainer.
According to Andre, the ATA code's problem comes from its long history. The code has been slowly evolved, with ever more complex patches being applied to make it work with new hardware. Any real attempt at design, says Andre, fell by the wayside in the 2.1 series (when the driver was made to support all architectures) and has been absent since. Rigorous testing and validation of the ATA drivers has not been done. There is, in fact, a known (rare) situation, involving the failure of a DMA transfer, that can corrupt data on the disk. Finally, the current driver does not support a fair amount of modern hardware and its new command modes. What's needed, it is said, is a massively reworked ATA driver which has been redesigned from the beginning, has been verified to work in all situations, and which supports current and future hardware. Andre, of course, has such a driver - and has for some time. This code boasts a fairly impressive set of features:
For 2.4, the main sticking point would appear to be the size and nature of the patch - 350KB for the 2.4.16 version. Since the patch completely reworks the internals of a vital kernel subsystem, people are understandably a little nervous about it. This large patch does not fit into the slow, evolutionary nature of much kernel development; it cannot be broken up into small, simple patchlets. In recognition of the natural reluctance to include a patch of this nature, the patch is designed (1) to allow the use of the old code paths when so instructed, and (2) to be selectable as a separate configuration option. Even so, Linus never wanted to include it. Marcelo Tosatti, the current 2.4 maintainer, does intend to include the patch in the future, when it has seen some more testing.

On the 2.5 side, the block I/O work got in first. Andre suggests that it might have been better to merge in a proven and verifiable ATA layer before thrashing the upper block I/O layers, but that is not how it happened. Now that the block changes have stabilized (for now), the ATA patch has been slipped in. Barring unforeseen problems, it should be a part of the 2.5.3 release.

Part of the problem, though, has been with Andre's approach to communication with the rest of the kernel developers. He tends at times toward volume and defensiveness, and has managed to annoy a number of people. Linus essentially refused to deal with him for a while, telling him to work through Jens instead (though that situation has since improved). Difficult personalities are not hard to come by in free software development communities, but it remains true that it can be harder to get your code included if you are hard to work with.

In any case, the situation seems close to a resolution. The code will see wide testing in both the 2.4-ac and 2.5.x kernels, and it should eventually find its way into the 2.4 kernel as well. Now it must be time to get one of those 160GB disks...

Nailing down initramfs.
Part of the 2.5 plan for some time has been the merging of Alexander Viro's initramfs patch. This patch was covered on this page last August; it creates an initial ramdisk containing user-space code which completes the boot process. The contents of this ramdisk are appended to the kernel image itself. The idea is to move boot-time code out of the kernel entirely and to allow greater control over the system initialization process. One question that is being considered now is: what, exactly, will people want to put in the initramfs image? Greg Kroah-Hartman has been polling people on this question as a way of figuring out what sort of C library will be required. Some of the things that have come up include:
All this leads to the question of how the ramdisk image will be built, and where the code will live. Some of the code (such as that which finds and mounts the root filesystem) comes straight from the kernel, and seems to be tightly tied to it. Perhaps it should remain part of the kernel distribution. On the other hand, very few people think that busybox should be added to the kernel tree. So the kernel build process is probably going to have to get a little more complicated. Some kernel initramfs code will have to be merged in with other utilities which are maintained externally, and the whole mess will become the bootable kernel image. This one may take a little while to straighten out. Those who are curious about what the initramfs image will actually look like can go to the draft specification of the initramfs buffer format. Alan Cox also let slip another part of the plan for initramfs; this one is proving a little more controversial. It seems that kernel modules will go into the initramfs image as well. In fact, there will no longer be such a thing as a compiled-in driver; all kernels will have to load drivers (and other components) as modules from the initramfs. Not everybody likes this idea. Many people build kernels with no loadable module support at all, and wish to continue doing so. Their reasons include:
If one accepts that security is a non-issue and that the performance problems can be solved, and seeing that the plan is to treat even nailed-down hardware as if it were hot-pluggable, this change seems fairly likely to happen. Expect the 2.5 kernel to look rather different from its predecessors. Other patches and updates released this week include:
Section Editor: Jonathan Corbet
Distributions

Please note that security updates from the various distributions are covered in the security section.

News and Editorials

Distribution List Update - Deleting distributions. Work on an updated LWN Distributions Page continues. We have always been very conservative about deleting distributions from this list. However, links that cannot be found, or that go to sites that are clearly not Linux distributions anymore, aren't helping anyone. But before we nuke these distributions from our list permanently, we would like to ask our readers to let us know if they have any updated information. The Definite Linux site is still very much Linux oriented, but it didn't look like there was a Definite Linux distribution available. Also the Timpanogas Research site, former home of Ute-Linux, is there, but Ute-Linux is not. Same with CoolLogic's Coollinux. Then there were the distributions whose websites clearly went elsewhere than to a Linux distribution. Accordingly we bid adieu to cLIeNUX, eXecutive Linux, ix86 Linux, Linux Pro Plus, Project Ballantain, and spyLinux. Other distributions with inaccessible web sites include Alzza Linux, aXon Linux, Cafe Linux, easyLinux, FTOSX, Jurix, LinuxEspresso, LinuxPPP, LoopLinux, OpenClassroom, Stataboware, Trinux, Turkuaz, and WholeLinux. These too are slated for deletion unless someone can tell us of a valid website for them.

Distribution News

Debian News. Debian GNU/Linux 2.2r5 has been announced. This is a minor, bugfix release consisting mostly of security fixes, but there are a few other updates rolled in as well. Here's the Debian Weekly News for January 9. Covered topics include a new set of "Debian on CD" pages, the Debian development process, unfixable bugs, the 2.2r5 release process, and more. Debian fans going to Linux.conf.au will want to arrive a couple days early. There will be a Debian mini-conference during the two days preceding Linux.conf.au in Brisbane, Australia.

FreeBSD development moves to FreeBSD Mall.
Wind River, which acquired the FreeBSD team when it picked up BSDi, has announced that the sponsorship of that team has been transferred to the FreeBSD Mall. In preparation for the upcoming FreeBSD 4.5 release, a testing guide has been released identifying areas in need of additional testing.

Mandrake Linux Community Newsletter. The January 15 Mandrake Linux Community Newsletter is out. Therein you'll find tips for trading MandrakeSoft on the OTC market, goodies for MandrakeClub members to download, the business case of the week, and more.

Red Hat News. Werner Puschitz has contributed this HOW-TO on Oracle 9i EE Installation on Red Hat Linux 7.1 and on Red Hat Linux 7.2.

Slackware News. There have been changes to some packages in Slackware on Intel. See the ChangeLog for details. There are security issues with some of these (see this week's Security page for details). Users of Slackware's stable branch should check out that ChangeLog as well.

Yellow Dog Linux Bug Fix Updates. Yellow Dog has updates available for pmud and yup.

Minor Distribution updates

2-Disk Xwindow Linux System. The 2-Disk Xwindow Linux System released version 1.2rc05 beta.

Embedded Coyote Project 'Wolverine' Alpha 1. The first product based on the Embedded Coyote Linux distribution has been released for alpha testing. Wolverine is a firewall and VPN server that is designed to be run on minimal hardware while still providing enterprise class security, reliability, and performance.

Mindi-Linux. Mindi-Linux released version 0.52 on January 9, 2002. Mindi builds boot/root disk images using your existing kernel, modules, tools and libraries.

Trinity Rescue Kit. Last week we introduced the Trinity Rescue Kit, and the response from LWN readers encouraged some further development. So here is an announcement for TRK 0.4, the next version of this bootable CDROM distribution.

Distribution Reviews

SuSE 7.3 offers solid server reach and desktop usability (ZDNet). ZDNet reviews SuSE Linux 7.3. "Companies seeking a desktop alternative will find SuSE 7.3 well prepared. Desktop setup is highly automated and can be performed across a network, if desired."

Distribution Watch: A Month Later with Linux-Mandrake 8.1 (LinuxPlanet). Here's a review of Mandrake Linux 8.1 Gaming Edition on LinuxPlanet. "In my first review of Mandrake Linux 8.1, I did not get much farther than the initial setup and playing around with all the fancy new toys. Once that first look was finished, however, I had to get my machine up to my home office standards. For me, that means talking to the Internet, talking to my printers, and talking to the other machines on my network, including Windows and Mac machines."

Section Editor: Rebecca Sobol
Development projects

News and Editorials

Arch, a substitute for CVS. Tom Lord compares the current state of open source development to early automotive assembly lines, and focuses in on CVS as a software development component that is showing its age. Tom is the author of arch, an alternative to the CVS versioning system.
CVS is a bottleneck in our infrastructure. On the one hand, CVS does something incredibly useful: it helps multiple maintainers coordinate changes to software. On the other hand, CVS is very limiting: for the most part, it helps only the people who have write access to a repository. Anyone else offering changes still has to go the `diff/patch' route, relying on one of the maintainers to turn patch sets into CVS transactions.
Arch is designed to solve a number of problems that have come to plague CVS users as projects get bigger and harder to manage. The list of improvements includes:
In addition to porting arch to other platforms, there are a number of development areas that are in need of work; pitch in and lend a hand if you can. CVS will no doubt continue to be useful for a long time, but arch promises to remove some of the bottlenecks in the development of large open-source projects.

Subversion. Another free versioning system that has been brought to our attention is Subversion; see this Linux Journal article for a review. Subversion is undergoing active development; the 0.8 version was released January 15, 2002. Subversion features an Apache-BSD style license. Subversions.gnu.org, however, is the name of a CVS server for the GNU project. (Thanks to Steven G. Johnson)

Audio Projects

Cow C++ library does wavs. Cow is a set of C++ classes for graphing and playing audio data. The current version is cow-0.0.2. Cow is distributed with a GPL license.

Ecasound 2.0.4 released. A new version of the Ecasound multi-track audio processor tool has been released. This version features bug fixes for LADSPA plugins and ALSA 0.9 and new documentation.

Documentation

LDP Weekly News. The January 15, 2002 edition of the Linux Documentation Project Weekly News is available. This week features a discussion of a new, but optional, Wiki style interface for editing documentation. A number of new and updated documents are also listed.

Electronics

New Icarus Verilog snapshot. The gEDA site lists a new snapshot of the Icarus Verilog electronic simulation language compiler. This is mainly a bugfix release; see the release notes for the details.

Embedded Systems

Diet libc 0.13. A new release of diet libc is available. Diet libc is a small version of the C library that is designed for embedded Linux applications.

Silicon Penguin updates. The Silicon Penguin embedded Linux site lists a number of new software packages in the applications, tools, libraries, drivers, graphics, and distributions sections.

Embedded Linux Newsletter.
The LinuxDevices.com Embedded Linux Newsletter for January 10 is out, with the usual roundup of interesting happenings from the embedded Linux community.

January Embedded Linux Journal online. The January 2002 issue of the Embedded Linux Journal is now online, by way of LinuxDevices.com.

Mail Software

Mahogany 0.64 released. A new version of the Mahogany mail client is available. Version 0.64 features new IMAP and POP features.

Network Frameworks

OpenPKG 1.0 released. Ralf S. Engelschall has announced the release of OpenPKG 1.0. OpenPKG is a new package management system designed to allow the software on a network of heterogeneous systems to be managed as a single virtual platform. It has the potential to make life much easier for administrators of large networks. (Thanks to Giorgio Zoppi).

Network Management

First MaraDNS beta release. The first beta release of MaraDNS, a new DNS server written with security in mind, has been announced.

Web-site Development

Zope Members News. The latest from the Zope Members News includes an announcement of Zope 2.5 beta4, examination of ZDataQueryKit, a look at the ZOD Zope Documentation Tool, and more.

Bricolage Content-Management and Publishing System (use Perl). Bricolage is a Perl based content-management and publication system. The usePerl site comments on the new 1.2.0 version.
Desktop Development

Web Browsers

Galeon 1.1.2 released. Version 1.1.2 of the Galeon web browser is available. This release includes bug fixes, better auto completion, gestures, better IE favicon support, and more.

Desktop Environments

This week's GNOME Summary. The GNOME Summary for January 12 is out. Covered topics include new features in Nautilus, GUADEC 3 ("Everything from tree widgets presentations to talks on how to code when drinking lots of Guinness is welcome"), GNOME 2.0 status, and more.

Evolution 1.0.1 Released. Version 1.0.1 of Evolution has been announced by the Ximian folks. This release resolves some minor issues with the 1.0 release and improves stability and functionality.

People of KDE: Lubos Lunak. This week's People of KDE features Lubos Lunak, developer of KHotKeys.

Games

WorldForge Game Project Status. The WorldForge Game Project site features a recent project status report. Progress continues in a number of areas.

GUI Packages

Tutorial on coding with Python and Glade. Robert Laing has put together a tutorial on programming GNOME applications using Glade and Python.

Design Patterns in Qt (O'Reilly). Matthias Kalle Dalheimer covers Design Patterns with Qt in an O'Reilly article. "Qt has the concept of signals and slots. This is a system that allows for component-based programming: Components can define signals that they emit under certain conditions and that have a defined list of parameters. Components can also define slots, which are nothing but ordinary C++ methods marked up with some preprocessor magic to be a slot."

Office Applications

AbiWord Weekly News. A whole flood of AbiWord Weekly News editions came out this week; see issue #75, issue #76, issue #77, and issue #78 for all of the latest project status and info. The AbiWord development team is on a mission to find and fix as many bugs as they can.

Miscellaneous

This week in DotGNU. This Week in DotGNU for January 12 is out with a summary of the latest developments in the DotGNU project.
Among other things, the summary includes new projects to develop a DotGNU business plan and a C# application server.
Programming Languages

C++

Initial gnomemm 2 release (C++ binding). The first releases of the gnomemm libgnome*mm libraries for GNOME2 have been announced. The libraries form the foundation for a GNOME2 C++ SDK.

Caml

Caml Weekly News for January 15, 2002. The latest Caml Weekly News is out. Topics include English translations of development docs, a packaging tool, an mlgmp bugfix release, pa_ocaml, editing mp3 tags from OCaml, and more.

This week on the Caml Hump. This week's Caml Hump looks at Mp3tag, a library containing functions to read or write mp3 tags, and pa_ocaml, a modified version of the ocamllex lexer generator.

Haskell

Glasgow Haskell Compiler version 5.02.2. A new version of the Glasgow Haskell Compiler has been released. Version 5.02.2 features a number of memory bug fixes. GHC is released under a BSD-style license.

Java

Using and Writing Java Servlets (Linux Journal). The Linux Journal features an introductory article by Petr Sorfa on Java Servlets. "In this article, I discuss the viability of using Java programs (servlets) with a web server. A servlet is a Java application that performs a task that may generate a dynamic web page or process input from a web page form."

Diagnosing Java Code: Depth-first visitors and broken dispatches (IBM developerWorks). Eric E. Allen discusses Java's depth-first visitors on IBM's developerWorks. "Allen discusses how it's possible to increase the terseness of your code through the use of depth-first visitors, a variant on the Visitor pattern."

Perl

Creating Custom Widgets (O'Reilly). Steve Lidie shows how to write widgets with Perl and Tk. "In this Perl/Tk article, I'll discuss balloon help, photos and widget subclassing. Help balloons can be attached to widgets, menu items, and, as we'll see here, individual canvas items."

PHP

PHP Weekly Summary for January 14, 2002.
The January 14, 2002 PHP Weekly Summary looks at past and upcoming PHP conferences, a CORBA interface called Universe, cURL support, new extensions for SOAP and OpenGL, and more. PythonPython 2.1.2 released. Guido van Rossum has announced the release of Python 2.1.2 - a bug fix release for the Python 2.1 series. This week's Python-URL. Here's Dr. Dobb's Python-URL for January 14 with the latest from the Python development community. This week features Python 2.1.2c1, Pyreverse-0.1, XPipe, the Reptile Web Server, Python GUIs, IPy, Roundup 0.4.0b1, and more. The latest from the Daily Python-URL. This week, the Daily Python-URL features articles on Bookland, a tool that generates ISBN and ISMN bar codes, PDFMap, a utility for generating maps in PDF format, the PyTraffic game, The HAP Python remote debugger, a refactoring browser known as Bicycle Repair Man, and more. RubyThe latest from the Ruby Garden. The latest items on the Ruby Garden look at adding an fsync method to the IO class and adding Java/c++ type method overloading to Ruby. The Ruby Weekly News also covers a number of Ruby projects. Tcl/TkThis week's Tcl-URL. Dr. Dobb's Tcl-URL for January 15, 2002 is out with the usual roundup of interesting stuff from the Tcl/Tk development community. XMLWeb Services Acronyms, Demystified (O'Reilly). Pavel Kulchenko defines a bunch of Web Services acronyms in an O'Reilly article. "More than twenty acronyms related to Web services came to light during 2001, and in this article I present a quick guide to the protocols and the specifications behind them, including a description of how they relate to each other and where each sits on the Web services landscape." Working XML: Compiling XPaths (IBM developerWorks). Benoit Marchal continues his series on HC, the Java-based Handler Compiler (HC) project for SAX parsing. The HC Project is nearing its alpha release. MiscellaneousNew Open64 compiler suite release. 
A new release of the Open64 C, C++, and Fortran90/95 compiler suite for the IA64 architecture is available. Jext 3.1pre1 available. Version 3.1pre1 of the Jext programmer's editor is available. This release features changes to the core code, API, and GUI, as well as a few bug fixes. Section Editor: Forrest Cook |
Linux and Business

IDC: Linux is cheaper than Unix. Microsoft isn't the only one who can play this game: Red Hat has bought itself an IDC study showing that Linux has a "45-80% lower total cost of ownership" than Unix on RISC systems.

Korea migrates 120K civil servants to Linux desktop. HancomLinux reports that the Korean government is moving almost a quarter of its workers to Linux desktop systems. By standardising on Linux and HancomOffice, the Korean government expects to make savings of 80 per cent, compared with buying Microsoft products.

Lineo spins off hardware businesses. Lineo has announced the completion of the process of spinning off all those hardware businesses it acquired in the Bubble Days. Gone are Availix, uCdimm, and SnapGear, leaving the company focussed on embedded software. Lineo has also picked up a new $3 million investment from an unspecified source.

MandrakeSoft now trading in the U.S. OTC market. Here's a news flash from MandrakeSoft stating that the company's stock is now trading on the U.S. OTC market under the symbol MDKFF.

A presentation to the World Bank on free software. Here is the text of a presentation by Tony Stanco to the World Bank's annual "InfoDev" meeting. "It may surprise some of you that Open Source/Free Software is not just about developing great software. It is also an international social movement that touches on the fundamental human rights of freedom and democracy."

Red Hat filing 10-Q (Quarterly Report). Here is Red Hat's quarterly SEC filing for those interested in the details of how the company is doing. "During the three months ended November 30, 2001, the Company purchased 1,937,900 shares of its common stock at a total cost of $6.7 million."

Linux Stock Index for January 10 to January 16, 2002.
The high for the week was 33.57.

Press Releases:
Open Source Products
Proprietary Products for Linux
Linux PC Hardware
Products With Linux Versions
Linux At Work
Books & Documentation
Training and Certification
Partnerships
Personnel & New Offices
Other
Section Editor: Rebecca Sobol.
January 17, 2002
Linux in the news

Recommended Reading

Norwegian authorities indict creator of DeCSS (CNN). CNN has an article on the indictment of Jon Johansen. "With the DVD CCA's failed attempt to prosecute Johansen already on the record, it remains to be seen how successful the Norwegians will be at trying the teen. Representatives for the EFF have stated that the indictment sprouts from increased pressure from Hollywood and have said that they do not believe the case will stand under the Norwegian justice system."

DVD hacker Johansen indicted in Norway (Register). Here's an article in The Register about the indictment of Jon Johansen. "Despite the lawsuits, [EFF attorney Robin] Gross says that Johansen, who now works for a software company, is respected in Norway. She notes that he was awarded Norway's Karoline Prize given each year to a Norwegian student who receives top grades and makes a contribution to society. Gross says the EFF plans to coordinate protests and a letter-writing campaign similar to that which lobbied for the release of Russian programmer Dmitry Sklyarov."

Bride of UCITAstein (InfoWorld). Here's an InfoWorld "Gripe Line" article about the new UCITA draft. "For certain, any of the alternative proposals would have been better than the language the committee came up with -- apparently out of thin air -- for the free software amendment. The amendment the committee approved doesn't appear to benefit much of anyone, except maybe Microsoft. Just a coincidence, I'm sure."

USB 2 arrives in Linux test version (News.com). Even News.com reports on development kernel releases these days. The article talks about the new features in 2.5.2, but misses the inconvenient problem with swapfiles not working. "Linux may have lost its allure as a get-rich-quick scheme for would-be entrepreneurs, but the largely volunteer programming community that advances the core software is still functioning."

U.S. Census Bureau Reaps Awards from MySQL-based Web Sites. According to the MySQL site, the U.S. Census Bureau has been using the MySQL database as well as other open-source software to develop a number of web sites. "In fact, one of the MySQL-run sites won the prestigious Census Bureau's Director's Award for Innovation in 2001, and the Bureau's web development team, which is led by Rachael LaPorte Taylor, senior technology architect for FedStats.gov at the Census Bureau, and Lisa Nyman, senior Internet technology architect, has begun serving as informal open-source consultants to their entire organization (of over 5,000 employees)."

UK fails to exploit open source (vnunet). vnunet says that the U.K. isn't using enough free software. "But key findings from in-depth interviews with 30 IT professionals, representative of a cross section of public and private organisations, identified key concerns as: uncertainty over what open source is; uncertainty over support and what the liabilities might be; lack of clear marketing positioning for products; and difficulties in identifying the right products for a given requirement."

Out the Windows (US News). The US News site has an introductory article about desktop Linux which is surprisingly positive. "As it nears a settlement in a U.S. antitrust suit, the software giant seems to have crushed all formal resistance to its dominance of desktop computing. But it has a guerrilla war on its hands, fought by the small but growing band of PC users who have forsaken Microsoft. They are opting for the only alternative other than switching to Apple's Macintosh: the decade-old Linux." (Thanks to Robert K. Nelson).

Ten Resolutions For Better Computing In 2002 (InformationWeek). Fred Langa has some New Year's resolutions: "I think it's time for all Windows users to have a 'Plan B' in mind: Begin exploring alternatives to Microsoft products. The free or low-cost Linux operating system is one obvious Windows alternative." (Thanks to M. Leo Cooper).

We can put an end to Word attachments (NewsForge). Richard Stallman writes about Word format attachments on NewsForge. "If you think of the document you received as an isolated event, it is natural to try to cope with it on your own. But when you recognize it as an instance of a pernicious systematic practice, it calls for a different approach. Managing to read the file is treating a symptom of a chronic illness. To cure the illness, we must convince people not to send or post Word documents." (LWN has had a policy of not accepting proprietary formats since the beginning).

Companies

MS obtains Lindows subscriber info (ZDNet). Here's a fun twist in the Lindows trademark lawsuit, as covered in ZDNet. "'We feel obligated to disclose to you that we were compelled to disclose your e-mail address to Microsoft during the discovery process as well as the content of many of your messages sent to us,' wrote Lindows founder Michael Robertson in a message on the company's Web site." (Thanks to Sean E. Walton).

The Lindows Alternative (IT-Director). Here's an IT-Director article about Lindows. "Since when did users pay $99 for a beta release of an Open Source product? This begs the question of how much we will have to pay for the finished article. LindowsOS is being aimed at small businesses so we must presume that the price will not go too high and that we will be able to download one copy and use it multiple times."

SuSE buys off trademark extortionist (Register). The Register has a strongly-worded article on the resolution of the trademark suit against SuSE. "Because crayon is a generic term it seems implausible that SuSE would have lost the suit had it gone to court. But of course the inability to distribute its product while the case was pending would have been a preposterous price to pay for vindication."

Business

Find High Tech in the Bargain Basement (Business 2.0). Business 2.0 likes the 'free beer' aspect of open source. "Forget the zealots. Open-source software isn't ready to take over the world just yet. But it can be had for free, and in this economy, free is good."

The Natural Resource View of Open Source Profit (TroubleShooting Professional). TroubleShooting Professional looks into how to make money with free software. "In fact Open Source more resembles an abundant, self renewing natural resource. Imagine it as a fast growing weed. You don't make money by selling abundant weeds -- you make money using them."

Reviews

Simputer: Ultra-cheap Linux laptop (ZDNet). ZDNet has discovered the Simputer. "The Simputer will be powered by Linux, and have an easy-to-use interface comprising mainly icons and graphics on its high-resolution 240 x 320-pixel touch screen. For users who are illiterate, the device also supports text-to-speech capability and will be able to provide voice feedback in local languages, according to specifications provided by Encore Software."

New European Linux PDA shows up at CeBIT (LinuxDevices). LinuxDevices.com has an article about yet another Linux PDA. "According to Adrian Steinmann of Invair, the device, called the Filewalker, was designed to be able to be operated with one hand and weighs a mere 0.2 lbs and is small but somewhat thick, at 3.4 x 2.2 x .74 in."

Keeping in Sync (Byte). Byte plays with the InterMezzo filesystem. "Wouldn't it be nice if my Linux box automagically always kept in sync with my desktop or my file server whenever the LAN became visible? Guess what. As of kernel 2.4.15, doing just that has become as easy as clicking on the right box when configuring the kernel before compilation."

The kernel of pain (LinuxWorld). Here's a LinuxWorld story from somebody who has not been having fun with the 2.4 kernel. "The 2.2 kernels may not handle large SMP machines as well, they may not handle large amounts of memory well (only 2 gigabytes), and they may have a practical limit of 2 gigabytes on a single file, but the 2.2 kernels don't crash or cause phone calls at 5:00 AM. Moreover, the 2.2 kernels don't make customers unhappy that they chose Linux as their server solution." (Thanks to Lance Jones).

Interviews

Interview: Rik van Riel (linux.html.it). Here's an interview with kernel hacker Rik van Riel on the linux.html.it site. "With Linus out of the way, I can make a good VM. I no longer have to worry about what Linus likes or doesn't like. This is mostly important for intermediary code, where some of the 'ingredients' to a VM are in place and others aren't yet in place. Such code can look ugly or pointless if you don't have the time to look at the design for a few days, so Linus tends to remove it ... even though it is needed to continue with development." There is also a version in Italian available.

Interview: Alan Cox (KernelTrap). KernelTrap has posted an interview with Alan Cox. "The 2.4-ac tree turned out very well. It was never something I set out to make a big thing but it ended up being used as the base for most 2.4 vendor released kernels. That was a big thing, not just for the code quality, but also because it showed everyone is still working together. 2.4-ac was built out of patches from many places, and I think almost every vendor, put together by someone at Red Hat and in various variant forms shipped by many other companies."

Interview: Gnumeric project leader Jody Goldberg (DesktopLinux). DesktopLinux.com has an interview with Jody Goldberg, leader of the Gnumeric project. "The desktop is an evolving target, we are getting there quickly. There are already many users whose needs are met by open alternatives. That number will continue to grow. That is the beauty of open source, it can continue to improve and expand as long as people are interested in it."

Interviews: Michael Meeks and Damien Sandras. The Free and Open Source Software Developers Meeting (FOSDEM) site has a couple more interviews with its speakers. The first is with Ximian hacker Michael Meeks. "Well - there are huge amounts of changes in Gnome 2.0; mostly we will be shortish on user visible changes, unless you're part of the 2/3rds of the world that couldn't read the typography before in your native language, or if you like your text right to left. Of course - there are other improvements, speedups, reduced memory usage, cleaned up and more robust libraries, a powerful accessibility framework for impaired users, the ability to use the Glib Object model in non-GUI apps etc. etc." Then, there is this discussion with Damien Sandras, author of GnomeMeeting. "I will not detail all the things that we plan to implement into GnomeMeeting because it will be part of the talk. But the most interesting things are: the ability to make 'n to n' conference calls, support for answering machines, CU30 codec support, Gnome 2.00 port, and perhaps a Windows port."

A 'Speed Bump' vs. Music Copying (Business Week). Business Week interviews Edward Felten. "For someone like me -- I do computer-security research -- I now have this complicated, vague law [the DMCA] in my head all the time. Whenever I'm going to open my mouth to talk about technology, I have to think if it's safe, or do I have to call my lawyer. At the very least, it scares people away from topics that most need to be discussed."

Miscellaneous

Full Nelson: Postcards from the Ledge (TechWeb). TechWeb prints some of its weirder letters. "Linux is not ready for the Enterprise. There is not a single voice-controlled app for any of the mission-critical functions of the Enterprise. Conspicuously absent are warp core control, phaser bank activation, interstellar navigation, transporter operation and the all-important self-destruct sequence. Until these and thousands of other important apps are written and deployed, Linux will just be a toy in the Enterprise."

Section Editor: Forrest Cook
January 17, 2002
Announcements

Resources

Translate.org.za supports South African Languages. Translate.org.za is working on the translation of various open-source software projects into eleven South African languages. They are currently working on Mozilla and KDE and plan on enhancing the OpenOffice suite.

Events

linux.conf.au schedule posted. The schedule for the upcoming linux.conf.au (Brisbane, February 6 to 9) has been posted. There is an interesting set of speakers from Australia and beyond; we wish we were going to be there. See also the Debian mini-conference immediately preceding the main event.

GUAD3C - Call For Papers. The GNOME Gnotices site mentions a call for papers for the third annual GNOME Users and Developers European Conference 2002 in Seville, Spain, from April 4 to 6, 2002.

LPI exams at Linux World. The Linux Professional Institute will be holding Linux exams at the Linux World in New York City on Thursday January 31, and Friday February 1, 2002. A 50% discount will be available.

aRts/KDE Video Roadmap Meeting. Join the aRts and KDE developers in an IRC discussion of the future of video and KDE. The discussion will take place on Saturday, January 26, 2002 at 21:00 GMT.

The Tenth International Python Conference. The Python Refereed Paper Track listing is available for the Tenth International Python Conference on February 5 and 6, 2002 in Alexandria, Virginia.

Mini developers' meetings at FOSDEM. The Free Software and Open Source Developers Meeting (Brussels, February 16 and 17) has an announcement on its web site that the event will include developers' meetings for the KDE, GNOME, PHP, Mozilla, and GNUStep projects.

The return of the Ottawa Linux Symposium. Once again, the Ottawa Linux Symposium will be held in, surprisingly, Ottawa. This year, however, the event is happening a little earlier: June 26 to 29. The call for papers has just gone out for those who would like to present at the event; the submission deadline is, according to the announcement, February 30th, but we would recommend getting yours in by the 28th.

Events: January 17 - March 14, 2002.

Additional events can be found in the LWN Event Calendar. Event submissions should be sent to lwn@lwn.net in a plain text format.

Section Editor: Forrest Cook.
January 17, 2002
Software Announcements

Here are this week's Freshmeat software announcements. Freshmeat now offers the announcements sorted in two different ways: The Alphabetical List and Sorted by license.
Our software announcements are provided courtesy of FreshMeat
This week in Linux history

Six years ago: a company called Pacific HiTech (now known as Turbolinux) hawked its latest product: the January '96 Linux Monthly CDROM. It included, among other things, a Python.org snapshot, the 1.3.45 kernel, Postgres95, and the latest Debian boot and root disks.

Five years ago: Pacific HiTech released its new product: "Turbo Linux Red Hat 4.0". The "Turbo Linux" distribution has, of course, come a long way since then...

Three years ago (January 21, 1999 LWN): ZDNet looked at what Pacific HiTech had in mind: "Coming out in March will be Pacific HiTech's new TurboLinux Enterprise Server 3.0, bundled with numerous apps, including five licenses for the Oracle 8 database. [CEO Cliff] Miller, eyeing the higher-end corporate marketplace, is mulling over a starting price of several thousand dollars." Well, it was a nice idea...

Samba 2.0 was released after a long development period. Such was the stability of that release that, three years later, much of the world is still running happily with 2.0.10 (though a 2.2 release is also available). The "Windows refund" movement got started after a couple of Linux users managed to get their money back for the (unused) Windows software that came with their new computers. Corel sold its Netwinder division to a company called Hardware Canada Computing - since renamed Rebel.com. The current development kernel was 2.2.0pre8 - one of the last steps in the path to the 2.2.0 release. Debian 2.1 ("slink") went into "deep freeze" prior to its official release - which was, of course, longer in coming than expected. TurboLinux 3.0.1 was released. It was the first version of TurboLinux to be sold as a boxed set.

Two years ago (January 20, 2000 LWN): The first serious enforcement of the Linux trademark came about, in the form of a shutdown of an auction of 250 Linux domain names. These names included useful domains like "LinuxOnSteriods.com" and "ScreaminLinux.com." Alas, Linus shut down the auction and those names remain unused. Linuxcare filed for its initial public offering of stock; interested folks can read our summary of that filing. This IPO never happened, of course, due to a combination of unfriendly markets and internal troubles at Linuxcare. The development kernel release was 2.3.39. It became increasingly apparent that a 2.4.0 release was not going to happen anytime soon after Linus let in a number of major changes. Debian 2.2 ("potato") went into code freeze: "The code freeze for the next Debian release, code named "potato", has begun", says Richard Braakman, current Debian Release Manager. He expects the freeze process to take about two months. 2.2 was actually released in August... Linux-Mandrake 7.0 was released, as was Red Hat 6.1 for the Alpha architecture. The world finally found out what Transmeta was up to. Turbolinux announced the closing of a $57 million funding round.

One year ago (January 18, 2001 LWN): The 'Ramen Worm' attacked Red Hat-based systems that weren't up-to-date on some security updates. Linuxcare and Turbolinux made an agreement to merge. This never happened. Lineo withdrew its intended initial public offering (IPO) of stock, which had been filed in May 2000. In another sign of the times, VA Linux Systems put out another warning that earnings would not be up to expectations. Linus was accepting only bug fix patches on the recently released 2.4 kernel. Thus some people were rather surprised to see a whole new filesystem (ReiserFS) show up in 2.4.1-pre4. Helix Code changed its name to Ximian. IBM and the National Center for Supercomputing Applications (NCSA) at the University of Illinois at Urbana-Champaign claimed to have created the world's fastest Linux supercomputers in academia when NCSA installed two IBM Linux clusters, containing more than 600 IBM eServer xSeries systems running Red Hat Linux.

Section Editor: Rebecca Sobol.
January 17, 2002
Letters to the editor

Letters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them.

January 17, 2002
From: Mark J Cox <mjc@redhat.com>
To: lwn@lwn.net
Subject: mutt example in LWN
Date: Thu, 10 Jan 2002 11:07:33 +0000 (GMT)

"before sneering too hard. Linux distributors have done a good job at rushing out fixes for the remotely exploitable vulnerability in the widely-used mutt mailer. That vulnerability is, of course, a buffer overflow problem."

Hiya;

Although there are other examples of remotely exploitable vulnerabilities, the mutt vulnerability you cite is a bad example. In this case, according to the mailing lists, a remote attacker can cause a NULL to be written to an arbitrary space in memory. I think it's unlikely that this could be crafted to give remote access to a machine. Also, unlike the windows overflow, for the mutt vulnerability to write this NULL to arbitrary memory it requires an attacker to send a crafted mail message that is read by the root user running a vulnerable version of mutt. Given all this, it's not a particularly serious vulnerability.

Good software design can stop buffer overflows altogether. Apache was designed to have a resilient pool-based memory management system, and in the history of Apache 1.3 there have been no vulnerabilities due to buffer overflows or that are particularly serious. See http://www.apacheweek.com/features/security-13

Cheers, Mark
--
Mark Cox / Red Hat Europe / OpenSSL / Apache Software Foundation
mjc@redhat.com //// T: +44 798 061 3110 //// F: +44 845 333 9533
From: Zooko <zooko@zooko.com>
To: lwn@lwn.net
Subject: automatically prevent buffer overflows without giving up C/C++
Date: Thu, 10 Jan 2002 06:30:08 -0800

Folks:

I'm surprised you didn't mention libsafe: http://www.research.avayalabs.com/project/libsafe/

I haven't used it yet, but apparently it can be applied at program-load time to *object* code without needing access to the source code, and it prevents all buffer overflow attacks.

Why isn't this standard equipment on every Linux distribution? Possibly because it is new and people don't know about it yet. Possibly because it imposes some tiny performance penalty.

Regards,
Zooko
---
zooko.com Security and Distributed Systems Engineering
---
From: Sid Boyce <sboyce@blueyonder.co.uk>
To: letters@lwn.net
Subject: RE: It is time to be done with buffer overflows
Date: Thu, 10 Jan 2002 15:33:43 +0000

I have been using "libsafe" (supplied by Lucent Technologies) since version 1; version 2 offers protection, not only against buffer overflows, but format strings. I don't know how effective libsafe is; there was a dismissive/hostile response to it from SuSE, along the lines that it did not offer comprehensive protection.

In my own experience, I had one application I compiled here that just did not run and on examination of /var/log/warn, I discovered the problem was a buffer overflow; I emailed the author and it was fixed in a day by issue of an updated source release. Then there was IBM's JDK-1.3 which similarly failed and I went back to using Blackdown's Java.

I wonder if the reluctance to deploy libsafe is thought to be an easier course to follow than perhaps to deliver applications that may simply not run and for the distributions to have to deal with those, i.e. it's easier to deal with a problem the customer hasn't seen, but that could be disastrous, than to deal with a "XYZ doesn't work here" call from many of your customers.

Regards
--
Sid Boyce ... hamradio G3VBV ... Cessna/Warrior Pilot
Linux only shop
From: "John D. Hardin" <jhardin@impsec.org>
To: lwn@lwn.net
Subject: Re: 1/10/02 Front
Date: Wed, 9 Jan 2002 21:44:55 -0800 (PST)

"It is time to be done with buffer overflows."

Surely you've heard of Immunix and the StackGuard compiler? While not a cure for buffer overflows, it makes their existence less of a critical problem during the time the code is undergoing security audit.

--
John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/
jhardin@impsec.org pgpk -a jhardin@wolfenet.com
768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
From: bryanh@giraffe-data.com (Bryan Henderson)
To: letters@lwn.net
Subject: buffer overruns - helpful tool
Date: Thu, 10 Jan 2002 14:36:18 -0800

Your editorial last week talks about the annoyance of buffer overruns prevalent on Linux systems, and how the heavy use of C makes them common. Indeed, programming to avoid buffer overruns in C is monotonous, and I really don't blame anyone for ignoring that possibility in a large work of free software.

Until it is practical to do all code in high level languages, though, I have a suggestion to avoid buffer overruns in C: asprintf().

asprintf() is a surprisingly little-used GNU C library routine. It's special to the GNU library, so you can use it only in Linux-only code. But if you can limit yourself to Linux, asprintf() makes C programming almost as easy as in a string language, and saves you from having to think about buffer overruns.

asprintf() is just like sprintf(), except that it allocates the space for the result string. So your buffer is never too small. The only thing you have to do, reminding yourself that you'd still rather be using a high level language, is free the memory after you use the string.

(The next best thing, for code that must run without the benefit of the GNU C library, is the now prevalent feature of snprintf() where it tells you how much space your result _would have_ required when it doesn't fit in the space you provided. You can use that to do a separate malloc() and make your own asprintf().)

Also, make liberal use of macros like this:

    #define STRSCPY(A,B) \
        (strncpy((A), (B), sizeof(A)), *((A)+sizeof(A)-1) = '\0')

This makes it painless to copy a string from B to A without any possibility of overrunning your A array.

--
Bryan Henderson Phone 408-621-2000
San Jose, California
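Bryan's two suggestions worked through, as an added example that is not part of his letter: a portable asprintf() stand-in built on the C99 snprintf() sizing behaviour he mentions, and his STRSCPY macro exercised on an array that is too small for its input. The name xasprintf is chosen here and is not a libc function.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* The macro from the letter: copy B into the fixed-size array A and force a
 * terminating NUL.  A must be a real array (sizeof(A) is its capacity), never
 * a pointer, or sizeof() yields the pointer size and the guarantee is lost. */
#define STRSCPY(A, B) \
    (strncpy((A), (B), sizeof(A)), *((A) + sizeof(A) - 1) = '\0')

/* xasprintf (a name chosen for this example, not a libc function) is the
 * "make your own asprintf()" Bryan describes: the first vsnprintf() pass is
 * given a zero-length buffer and returns the length the result would need;
 * exactly that much plus the NUL is then allocated and the string formatted
 * for real.  Returns the length, or -1 with *out == NULL on failure.
 * The caller frees *out. */
int xasprintf(char **out, const char *fmt, ...)
{
    va_list ap, ap2;
    int needed, written;
    char *buf;

    *out = NULL;
    va_start(ap, fmt);
    va_copy(ap2, ap);            /* the sizing pass consumes ap */
    needed = vsnprintf(NULL, 0, fmt, ap);
    va_end(ap);
    if (needed < 0) {            /* encoding error in fmt */
        va_end(ap2);
        return -1;
    }
    buf = malloc((size_t)needed + 1);
    if (buf == NULL) {
        va_end(ap2);
        return -1;
    }
    written = vsnprintf(buf, (size_t)needed + 1, fmt, ap2);
    va_end(ap2);
    if (written != needed) {     /* both passes saw the same arguments */
        free(buf);
        return -1;
    }
    *out = buf;
    return written;
}

/* STRSCPY applied to an 8-byte array: sources longer than 7 bytes are
 * truncated instead of overrunning the array, and the result is always a
 * NUL-terminated C string.  Returns the length that landed in the array. */
size_t strscpy_into_8(const char *src)
{
    char small[8];
    STRSCPY(small, src);
    return strlen(small);        /* never exceeds sizeof(small) - 1 */
}

int main(void)
{
    char *line = NULL;
    int n = xasprintf(&line, "%s=%d", "buffer_size", 4096);
    if (n < 0)
        return 1;
    printf("%s (%d bytes)\n", line, n);               /* buffer_size=4096 (16 bytes) */
    free(line);
    printf("%zu\n", strscpy_into_8("Hello, world!"));  /* 7: truncated, not overrun */
    return 0;
}
```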
From: Andrzej Kukula <akukula@min.pl>
To: letters@lwn.net
Subject: Buffer overflows
Date: Fri, 11 Jan 2002 12:57:45 +0100

There is at least one good technique of writing code that doesn't contain any buffer overflows. You may see it in the qmail server and other programs written by prof. Daniel Bernstein (http://cr.yp.to). It's based on a very simple yet powerful string library called "stralloc", and requires very high coding discipline. Let me remind you that since the first qmail release in 1996, no-one has found any buffer overflow in it, despite the fact that there was a money prize (see http://cr.yp.to/qmail/guarantee.html). There's also a very secure DNS server from prof. Bernstein, "tinydns", which is also based on this library.

The library has many advantages:
- strings are binary - this means that there may be \0s in the middle,
- string length is limited only by memory,
- library is mature - contains complete orthogonal set of functions for string manipulation,
- library is portable across UN*X.

Download qmail and see examples of good engineering!

I can hardly imagine programmers rewriting their apps to use "stralloc", I just want to say that the stralloc library, together with other libraries from prof. Bernstein, is a very good foundation to write error-free programs.

Regards,
Andrzej Kukula
From: Lars Wirzenius <liw@iki.fi>
To: letters@lwn.net
Subject: Buffer overflows in C
Date: 11 Jan 2002 17:33:41 +0200

You will probably get a pile of letters suggesting this, but just in case you don't:

Buffer overflows are, indeed, a common problem with C programs. It is just too darn easy to mismanage memory allocation when doing string processing in C. If switching to a more high-level language is not an option, one can still improve things while staying with C. The key is to avoid using raw C character arrays (whether allocated statically or dynamically) directly, and instead use an abstraction layer.

A simple one is implemented in the Glib library; see http://developer.gnome.org/doc/API/glib/glib-strings.html for a description. Glib also includes some functions to help deal with normal C strings but hide many allocation details in functions; see http://developer.gnome.org/doc/API/glib/glib-string-utility-functions.html. Using either of these should help reduce buffer overflows a bit.

I wrote a somewhat more ambitious abstraction for the Kannel project; see http://liw.iki.fi/liw/octstr.txt for one version of the interface. The trouble with this approach was that pretty much everything related to string processing had to be re-implemented, since none of the standard libraries would deal with my abstraction. (Actually, we gave up and implemented a way to access the raw C character array within the abstraction to be able to use certain parts of the standard library.)

It is my opinion that even using a limited and incomplete abstraction, such as any of the above, will help reduce buffer overflows tremendously. In fact, they even make programming easier and more fun, since you don't have to worry about minute details of memory allocation every time you process a string. (Myself, I prefer to use a higher level language when possible, but the huge number of tools that will work with C, but not with, say, Python, does not always make this practical.)

-- 
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Benjamin Franklin, 1759
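The length-tracked string abstraction that the two letters above describe (Bernstein's stralloc, Glib's GString, the Kannel octstr type) can be shown in a small C implementation. The following is an added example written for this page, not code from qmail, Glib or Kannel; the names bstr, bstr_append, bstr_cstr and friends are invented here. It shows the properties both letters stress: the length lives beside the buffer, so every append is bounds-checked and growth is explicit and overflow-checked; the contents are binary-safe (embedded NUL bytes are ordinary data); and a separate call lends a NUL-terminated view to legacy APIs, which is the escape hatch Lars mentions having to add.

```c
#include <stdlib.h>
#include <string.h>
#include <stdint.h>

/* A length-tracked, growable byte string (example type, not stralloc).
 * 'len' is the authoritative length, so embedded NUL bytes are fine. */
typedef struct {
    char  *s;    /* heap buffer, NULL while cap == 0 */
    size_t len;  /* bytes in use */
    size_t cap;  /* bytes allocated */
} bstr;

#define BSTR_INIT { NULL, 0, 0 }

/* Make room for at least 'need' bytes in total. Returns 1 on success,
 * 0 on allocation failure or size overflow. Nothing is ever written
 * past the buffer in either case; the caller decides how to react. */
int bstr_reserve(bstr *b, size_t need)
{
    if (need <= b->cap)
        return 1;
    /* Grow geometrically, but check the arithmetic so a huge 'need'
     * cannot wrap around into a small allocation. */
    size_t ncap = b->cap ? b->cap : 16;
    while (ncap < need) {
        if (ncap > SIZE_MAX / 2)
            return 0;
        ncap *= 2;
    }
    char *p = realloc(b->s, ncap);
    if (!p)
        return 0;
    b->s = p;
    b->cap = ncap;
    return 1;
}

/* Append 'n' raw bytes, which may contain NULs. */
int bstr_append(bstr *b, const char *data, size_t n)
{
    if (n > SIZE_MAX - b->len)      /* len + n would overflow */
        return 0;
    if (!bstr_reserve(b, b->len + n))
        return 0;
    memcpy(b->s + b->len, data, n);
    b->len += n;
    return 1;
}

/* Append a NUL-terminated C string (the terminator is not copied). */
int bstr_cats(bstr *b, const char *cstr)
{
    return bstr_append(b, cstr, strlen(cstr));
}

/* Lend a NUL-terminated view for legacy APIs. The terminator is kept
 * outside 'len', so the logical contents are unchanged. Note that a
 * legacy API will stop at the first embedded NUL; that is its limit,
 * not a bug in the abstraction. */
const char *bstr_cstr(bstr *b)
{
    if (!bstr_reserve(b, b->len + 1))
        return NULL;
    b->s[b->len] = '\0';
    return b->s;
}

void bstr_free(bstr *b)
{
    free(b->s);
    b->s = NULL;
    b->len = b->cap = 0;
}

/* Worked example on constructed input: builds "Hello World" from two
 * pieces, then appends two bytes, NUL and '!'. Returns the final logical
 * length, 13, or 0 if any step failed. */
size_t bstr_demo(void)
{
    bstr b = BSTR_INIT;
    size_t n = 0;
    if (bstr_cats(&b, "Hello") && bstr_cats(&b, " World") &&
        bstr_append(&b, "\0!", 2))
        n = b.len;               /* 13: the NUL counts as data */
    bstr_free(&b);
    return n;
}
```

Every function returns a status instead of aborting, so an oversized or unallocatable request is an ordinary error path that the program can log and refuse; the fixed-size alternative has no such path, which is exactly why the letters recommend the abstraction.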
From: Miles Elam <withheld on request>
To: letters@lwn.net
Subject: Modern C++ doesn't have the same problems
Date: Fri, 11 Jan 2002 15:07:08 -0800

While legacy C++ may have had as hard a time fighting the dreaded buffer overflow as the language upon which it was originally based, modern C++ implementations have done much to help the programmer avoid such oversights. Case in point, if you see the following in C++

    char *foo;
    foo = (char*)malloc(12);
    strcpy( foo, "Hello" );
    strcat( foo, " World" );
    int length = strlen( foo );
    free( foo );

or such relics from C as strcmp, realloc, qsort, etc. then you will eventually have problems. In modern, standard C++ you will more likely see the following

    std::string foo;
    // foo.reserve( 12 ); // Optional if you want to avoid memory reallocation and keep up with the C version
    foo = "Hello";
    foo += " World";
    int length = foo.size();

And if you were to compile these, you would find little measurable difference (if any) in code size or speed. Go ahead! I dare you! And note that if the former were reading a user-generated string, a buffer overflow exploit is quite likely without extra runtime checks and overhead. The C++ version has no similar problem, and you don't have to explicitly bother with the heap, dynamic memory allocation, and the dreaded memory leak when deallocating memory. All of the speed and (almost) none of the headaches.

Standard C++ was ratified in 1998. Lumping C and C++ together is as outdated and wrongheaded as saying Linux has no support whatsoever for USB devices. After all, it was true in 1998, and there are still plenty of installations out there that still don't support USB. I hate to be a language bigot, and I truly believe that C, Java, C++, Perl, Python, et al have their own niche and their own set of strengths and weaknesses.

But the longer the belief that C++ is C with extra unnecessary complexity is allowed to stand, the longer die-hard C programmers who refuse to use something "slower" will avoid it and its protection against the buffer overflow attack. A good article on this topic is Bjarne Stroustrup's "Learning Standard C++ as a New Language" (http://www.research.att.com/~bs/new_learning.pdf).

As a counterargument against the "just be more careful in C," being careful all of the time is not realistic. How many times have we accidentally dropped a plate while doing the dishes or locked ourselves out of the car or house? People are fallible, and therefore so is the software created by people. C++ is a logical "other language" for people to move toward if they already know C. It follows a closer programming model than a language like Java with its JVM and fundamentally different focus. Don't criticize C++ too unfairly.

And while I'm here, I'd like to mention that all copies of "Practical C++ Programming" published by O'Reilly should be used for kindling. It's about time they came out with a new edition. Too many people buy that book on the good name of the publisher only to be forever turned off the language for the worst reasons.

- Miles Elam
From: "Dan Maas" <dmaas@dcine.com>
To: <letters@lwn.net>
Subject: Buffer overflows
Date: Sat, 12 Jan 2002 19:50:31 -0500

"...anybody contemplating a new development should think long and hard about using an implementation language that is inherently resistant to buffer overflows. Many such languages exist (consider Python, Perl, Ruby, Java, etc.)..."

One must keep in mind that while these languages are indeed resistant to buffer overflows, this very feature makes them vulnerable to memory-exhaustion denial-of-service attacks. (since the language runtime presumably allocates additional memory when strings need to grow longer). e.g. a C programmer might write:

    char *a, *b, c[100];
    sprintf(c, "%s%s", a, b); /* potential overflow! */

while a Python programmer might write:

    c = a + b # no chance of overflow, but allocation of space for c could fail if a and b are large and memory is exhausted

In other words, no language runtime can automatically eliminate the class of bugs that results from trusting input too much. The programmer cannot avoid spending time and effort to ensure that the code handles malicious input gracefully (e.g. by using snprintf() in C, or wrapping the Python statement in a 'try' block to catch memory exceptions).

Regards,
Dan
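The two letters above point at the same failure: a fixed buffer filled with sprintf() or strcpy() while the size of the input is never checked. The following C example is added here and is not code from either letter. It shows the two defensive forms Dan Maas names: snprintf() with its return value checked so truncation is detected rather than silently accepted, and a dynamic join (the C counterpart of Python's c = a + b) that caps the input size before allocating and treats malloc() failure as an ordinary error. MAX_FIELD, join_bounded and join_dynamic are names and values assumed for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Largest field this program agrees to handle. Constructed value for the
 * example; in real code it comes from the protocol or record definition. */
#define MAX_FIELD 64

/* Join a and b into the fixed buffer dst of size dstsz.
 * Unlike sprintf(), snprintf() never writes more than dstsz bytes, and its
 * return value is the length the complete result would have had, so a
 * value >= dstsz means the output was cut short. Returns 1 if everything
 * fit, 0 on truncation (dst then holds a NUL-terminated prefix) or on an
 * encoding error. The caller must treat 0 as a rejected input, not as
 * "close enough". */
int join_bounded(char *dst, size_t dstsz, const char *a, const char *b)
{
    int n = snprintf(dst, dstsz, "%s%s", a, b);
    if (n < 0)
        return 0;                  /* encoding error, dst unspecified */
    return (size_t)n < dstsz;      /* fit only if nothing was truncated */
}

/* Dynamic variant, the analogue of Python's c = a + b. Oversized input is
 * refused before any allocation happens (the resource-exhaustion side of
 * the problem), and an allocation failure is returned to the caller instead
 * of being dereferenced. Returns a malloc'd string, or NULL on refusal or
 * allocation failure; the caller owns and frees the result. */
char *join_dynamic(const char *a, const char *b)
{
    size_t la = strlen(a), lb = strlen(b);
    if (la > MAX_FIELD || lb > MAX_FIELD)
        return NULL;               /* policy decision: reject, don't grow */
    char *c = malloc(la + lb + 1); /* cannot overflow: both <= MAX_FIELD */
    if (!c)
        return NULL;               /* exhaustion handled, not ignored */
    memcpy(c, a, la);
    memcpy(c + la, b, lb + 1);     /* copies b's terminator as well */
    return c;
}
```

Usage: `char buf[12]; if (!join_bounded(buf, sizeof buf, "Hello", " World")) { /* reject or log */ }` keeps the classic 12-byte buffer of the earlier letter but makes an oversized input a handled condition. The choice between the two functions is the one Dan describes: bounded output with an explicit truncation check, or dynamic output with an explicit size policy and allocation check; neither lets the input decide how much memory is written or reserved.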
From: Adam C Powell IV <hazelsct@mit.edu>
To: letters@lwn.net
Subject: Buffer overflows and hardware/software diversity
Date: Tue, 15 Jan 2002 12:39:35 -0500

To the editor:

Thank you for your excellent editorial on buffer overflows (1/10/02 main page), in which you rightly decry the unfortunately common buffer overflow problems in both open and proprietary software. You offer as solutions thorough auditing of code and more widespread use of languages which do not suffer from this problem (though these alternative languages are only as secure as their implementations). I do not know the details, but from what I have heard certain kernel modifications such as can be found in NSA SELinux can offer additional protection.

I would like to offer one more solution which we in the Free Software community (and Linux in particular) are in a unique position to use: security by platform diversity. When a buffer overflow problem is reported, the first exploits are (almost) always written for i386 and compatibles. Those of us who run Linux on PowerPC, Alpha, Sparc, ARM and other platforms are thus inherently immune to takeover via those particular exploits. And though it is possible for an attacker to write other exploits for these alternative platforms, it is certainly not easy to do so. Debian in particular shines as a cross-platform distribution: potato was released for six platforms, and there are eleven platforms with at least 7000 packages in woody (Alpha, ARM, HPPA, IA-32, IA-64, M68k, MIPS, MIPSel, PowerPC, S/390, Sparc, with over 5000 packages for Hitachi SuperH in unstable).
Having watched the demise of the once-mighty but closed-source Amiga, having seen Apple declare obsolescence of generation after generation of old Mac hardware, and Microsoft abandon platform upon platform for (planned) Windows NT support, having heard Sun's recent announcement of the end of Solaris/x86, I can quite confidently state that nowhere in the proprietary world will there ever be anything close to the level of platform diversity that we have in our community. The classic cycle of "closed-source -> not maintained -> abandoned -> insecure -> dead" simply does not exist in our world: as long as there are user/developers on a given platform, it will survive and even thrive with thousands of software upgrades and new releases every year.

There are of course limitations to security by hardware diversity. One is that running, say, wu-ftpd on ARM protects the machine from hostile takeover using a wu-ftpd i386 buffer overflow exploit, but does not protect it from a server crash or other DoS use of the exploit. Another is that it may not be easy to translate an exploit to a different processor architecture, but for a good assembly coder, it's not *that* hard either, once the exploit is known. So this could in a way be considered a form of "security by obscurity" which buys hours' or days' worth of time (cf. your piece a few months ago on potential lightning worms which propagate across the entire 'net in 15 minutes) but does not *guarantee* protection.

Software diversity, on the other hand, does provide such a guarantee against these weaknesses. For example, whereas Microsoft ships just one (notoriously insecure) http server, Debian has *nine* in unstable, along with multiple ftpds and two sshds, and the default mail transport agent is *not* sendmail. In addition to Linux, Debian has Hurd in an advanced state, and even experimental FreeBSD, Darwin/MacOSX, and (shudder) Win32 ports in the works for kernel diversity. Viewed in this light, the GNOME/KDE/GNUStep etc. diversity gives more strength to our community than just the competitive stimulus which they provide -- not to mention Netscape4/Mozilla/Konqueror/Galeon, KMail/Evolution/NSMail/Mutt/Balsa, etc. All of this diversity makes life very difficult for even a truly gifted cracker who wants to bring down the free software community, and reduces to highly improbable your prediction that the Linux community will suffer a catastrophic security problem in 2002 on the scale of those which afflicted Microsoft in 2001 (and 2000 and 1999 and...).

So diversity of hardware can offer protection from hostile takeover via buffer overflows, at least for a time. Software diversity does even better, by limiting the machines (or users within a machine) which can be compromised to those which run the vulnerable implementation of a given service. In this light, the monocultures of Microsoft and even Apple and Sun make those companies treacherously vulnerable to catastrophic consequences of buffer overflows, as we have seen. On a smaller scale, this calls into question RedHat's decision to no longer provide a "complete operating system" for Alpha, and Rebel.com's switch from ARM to i386-compatible Crusoe in the Netwinder firewall/server product line.

It is unfortunate that many of the architecture ports exist mainly to service legacy machines: with even Alpha and in some ways IA-32 scheduled for phaseout, only IA-64, PowerPC, Sparc, S/390 and perhaps ARM and SuperH remain under active development. Then again, nowhere outside the Free Software community is any software maker positioned to take advantage of even half of this wonderful plethora of hardware, and even legacy hardware platforms will remain quite capable of meeting security-sensitive server and router/firewall needs for a great many users for the indefinite future -- but only if they run Free Software!

-- 
-Adam P.
GPG fingerprint: D54D 1AEE B11C CE9B A02B C5DD 526F 01E8 564E E4B6
Welcome to the best software in the world today cafe!
<http://lyre.mit.edu/%7Epowell/The_Best_Stuff_In_The_World_Today_Cafe.ogg>