oreilly.comSafari Books Online.Conferences.


Kernel Vulnerabilities, Text Chat, Custom Error Pages, and Chroot Magic

by chromatic
Linux Newsletter for 02/18/2003

Welcome to a President's Day-delayed version of the Linux newsletter. (For those of you not in the United States, that means "Three-Day Weekend".) Here's a recap of ONLamp and Linux articles this past week.

First up, Noel Davis has another Security Alerts column. This time, there's a potential filesystem corruption bug in Linux kernels 2.4.10 through 2.4.18. (On the other hand, it looks like there may be a 2.4.21 soon.) Other vulnerabilities cover Kerberos, Spam Assassin, and Window Maker.

Relative newcomer Robert Bernier is taking a trip through some of the forgotten areas of sysadmin lore. Rather than submit to monolithic, all-in-one packages, he wants to solve problems in a Unixy fashion. His first attempt is Secure Chat with YTalk and SSH. (An astute reader points out that there's still quite a bit of trust going on. Good to remember.)

Speaking of trust (and reusing a segue from last week), the perpetually smart Emmanuel Dreyfus returns with the second half of his article on chrooting ntpd. This week, he explains the magic NetBSD added to libc to make this possible. Not everyone thinks this approach is the right one, but there are a lot of advantages to this idea. What did the NetBSD team decide? Read and find out.

Part of the fun of programming is making Easter Eggs. What better place than in an error message? While your editor would never suggest venting your frustration by calling users unpleasant names, he does like creativity. David Sklar, "PHP Cookbook" coauthor, offers Custom Error Pages with PHP and Apache, a guide to handling missing pages graciously--or at least, with wit. (Your author suggests haiku.)

To subscribe to the Linux newsletter (or any O'Reilly Network newsletters), visit and select the newsletters you wish to receive in your user profile (you'll need to log in with your existing O'Reilly Network account -- if you don't yet have an account, you'll need to create one).

To change your newsletter subscription options, please visit and click the"Manage My Newsletters" link. For assistance, send email to

The next two weeks are already starting to take shape. In particular, look for a FreeSCI developer interview, an analysis of Linux and Wall Street, and a look at SimPy. (You might also find Tim O'Reilly's latest weblog thought-provoking: The Human Face of Microsoft, in which he argues that getting to know thoughtful, intelligent, and decent human beings makes it harder to demonize their organization.)

By the way, did you know we have daily recipes for MySQL, PHP, and Python now? They're linked from the MySQL Articles page, the PHP Dev Center, and the Python Dev Center. Enjoy!

Until next Monday,

Technical Editor
O'Reilly Network and Linux DevCenter Top Five Articles Last Week

  1. Linux Kernel Problems
    Noel Davis looks at problems in the Linux kernel, Kerberos, dchp3, the Blade encoder, WebSphere Advanced Server, SpamAssasin, OpenBSD's chpass, Red Hat Linux 8.0's kernel-utils package, w3m, Window Maker, and HPUX's wall.

  2. Creating Your Own CA
    Rob Flickenger, author of O'Reilly's recently released Linux Server Hacks, shows you how to establish your own SSL Certificate Authority using OpenSSL and a utility called

  3. One-Time Passwords
    You've replaced telnet with ssh. You've instituted password- checking utilities, and you rotate passwords monthly. Still feeling paranoid? Dru Lavigne's got the answer -- one time passwords. This alternate authentication method for FreeBSD means your security won't be jeopardized even if someone sniffs your password.

  4. Custom Error Pages with PHP and Apache
    Turn your "Page Not Found", or "404" messages into more than just bland error reports. Serve an alternate page based on the name of the page that was not found, create a page on the fly from a database, or send an email about the not-found page to a webmaster. David Sklar, coauthor of PHP Cookbook, shows you how, using PHP and Apache.

  5. Speeding up Linux Using hdparm
    Instantly double the I/O performance of your disks or, in some cases, show 6 to 10 times your existing throughput!

Return to the list of Linux Newsletters.

Return to the Linux DevCenter.

Linux Online Certification

Linux/Unix System Administration Certificate Series
Linux/Unix System Administration Certificate Series — This course series targets both beginning and intermediate Linux/Unix users who want to acquire advanced system administration skills, and to back those skills up with a Certificate from the University of Illinois Office of Continuing Education.

Enroll today!

Linux Resources
  • Linux Online
  • The Linux FAQ
  • Linux Kernel Archives
  • Kernel Traffic

  • Sponsored by: