More File Integrity, More PHP Security, More Binary Compatibility, and Cheap IP Takeoverby chromatic
Linux Newsletter for 04/07/2003
Hello, and welcome to the latest installment in the continuing saga of the Linux newsletter. This week, we've published several good articles for your perusal.
First off, Dru Lavigne concludes her look at file integrity utilities in File Integrity and Anti-DDoS Utilities. Though
tripwire is well worth investigating, other solutions include
yafic. If you'd like to know when things change on your system, perhaps without your prior knowledge, here's how.
As promised, Clancy Malcom's Ten Security Checks for PHP, Part 2 has been published. As with part one, he explains five types of vulnerabilities that can occur and how to fix them. (John Coggeshall will go into more depth on these issues in upcoming PHP Foundations columns.)
Emmanuel Dreyfus returns with the penultimate article in his IRIX Binary Compatibility series. This week, he takes a look at several secret features related to share groups. Along the way, he explains far more about the NetBSD virtual memory subsystem than he intended. Read more in IRIX Binary Compatibility, Part 6. (Emmanuel will likely explore Mac OS X binary compatibility next.)
To subscribe to the Linux newsletter (or any O'Reilly Network newsletters), visit https://epoch.oreilly.com/account/default.orm and select the newsletters you wish to receive in your user profile (you'll need to log in with your existing O'Reilly Network account -- if you don't yet have an account, you'll need to create one).
To change your newsletter subscription options, please visit https://epoch.oreilly.com/account/default.orm and click the"Manage My Newsletters" link. For assistance, send email to
Finally, Rob Flickenger, author of "Linux Server Hacks," demonstrates a very simple, easy way to monitor the health of a server and stand in for it on failover. If you're running round-robin DNS with several servers, you might use the hacks in Cheap IP Takeover to ensure that service goes uninterrupted.
In the months leading up to OSCON, we're focusing on interesting stories from tutorial and session speakers. This week's speaker is Autrijus Tang, on Cross-Platform Packaging and Development with PAR. PAR is an amazing tool for distributing and deploying Perl applications. In Autrijus' own words:
The result is a package that deals with three of the most common needs of Perl programmers--determining the dependency tree needed for some code to run; deploying cross-platform compiled libraries; and shipping binary versions of their scripts without Perl being present on the target system.
Next week, we'll examine upgrading NetBSD; using Python with Apache; and separating logic from content in PHP.
ONLamp.com and Linux DevCenter Top Five Articles Last Week
Cheap IP Takeover
Rob Flickenger offers a scheme for monitoring the health of a server that lets another server take it over if it fails, using ping, bash, and a simple network utility. Just another sample of the hacks you'll find in Rob's hot-selling O'Reilly book, Linux Server Hacks.
What's New in Python 2.3?
Will the forthcoming Python 2.3 invalidate what you learn from O'Reilly's recently released Python in a Nutshell? Is it worth upgrading to 2.3, or should you stick to 2.2 as long as possible? This article, by Alex Martelli, the author of Python in a Nutshell, answers these questions with a look at the changes and improvements in the new version, including reviews of the new modules 2.3 has to offer.
Building an Address Book with OpenLDAP
LDAP's most sensible example is, perhaps, managing contacts throughout a company. There aren't many good examples of this, however. Dustin Puryear wants to change that. In this article, he demonstrates how to build and populate a company-wide LDAP address book.
Ten Security Checks for PHP, Part 2
The same global access that makes web apps useful means that you have to keep on top of security. Though it's easy to create sites in PHP, it's not immune to sloppy coding. Clancy Malcolm explains how to recognize and fix five potential security holes with PHP in the second of two articles.
Checking System Integrity with tripwire
In a secure system, everything has its place. If something's out of place, you'll know it. Dru Lavigne explains how tripwire, the file integrity utility, can monitor your system for anomalies.
Return to the list of Linux Newsletters.
Return to the Linux DevCenter.