Mirror Mirror On The Wall

[$] Implementing fully immutable files

Fri Apr 19 14:57:00 2019
lwn.net

Like all Unix-like systems, Linux implements the traditional protection bits controlling who can access files in a filesystem (and what access they have). Fewer users, perhaps, are aware of a set of additional permission bits hidden away behind the chattr and lsattr commands. Among other things, these bits can make a file append-only, mark a file to be excluded from backups, cause a file's data to be automatically overwritten on deletion, or make a file immutable. The implementation of many of these features is incomplete at best, so perhaps it's not surprising that immutable files can still be changed in certain limited circumstances. Darrick Wong has posted a patch set changing this behavior, implementing a user-visible behavioral change that he describes as "an extraordinary way to destroy everything".

#categories

Security updates for Friday

Fri Apr 19 12:45:00 2019
lwn.net

Security updates have been issued by Fedora (atomic-reactor and osbs-client), openSUSE (libqt5-qtbase, lxc, tar, wget, and xmltooling), Scientific Linux (java-1.8.0-openjdk and java-11-openjdk), SUSE (php5), and Ubuntu (znc).

#categories

docbook2mdoc-1.0.0 released

Fri Apr 19 10:15:00 2019
undeadly.org

After doing active development on it for about a month, i just released version 1.0.0 of the DocBook to mdoc converter, docbook2mdoc(1). The OpenBSD port was updated, too. In a nutshell, docbook2mdoc was brought from experimental status to an early release that can be considered mostly usable for production, though no doubt there are still many rough edges. That's why i called it 1.0.0 and not 1.1.1.

Read more…

#categories

[$] Tracking pages from get_user_pages()

Thu Apr 18 16:01:00 2019
lwn.net

As has been recently discussed here, developers for the filesystem and memory-management subsystems have been grappling for years with the problems posed by the get_user_pages() mechanism. This function maps memory into the kernel's address space for direct access by the kernel or peripheral devices, but that kind of access can create confusion in the filesystem layers, which may not be expecting that memory to be written to at any given time. A new patch set from Jérôme Glisse tries to chip away at a piece of the problem, but a complete solution is not yet in view.

#categories

Ubuntu 19.04 (Disco Dingo) released

Thu Apr 18 13:34:00 2019
lwn.net

Ubuntu 19.04, code named "Disco Dingo", has been released, along with the following flavors: Ubuntu Budgie, Kubuntu, Lubuntu, Ubuntu Kylin, Ubuntu MATE, Ubuntu Studio, and Xubuntu. "The Ubuntu kernel has been updated to the 5.0 based Linux kernel, our default toolchain has moved to gcc 8.3 with glibc 2.29, and we've also updated to openssl 1.1.1b and gnutls 3.6.5 with TLS1.3 support. Ubuntu Desktop 19.04 introduces GNOME 3.32 with increased performance, smoother startup animations, quicker icon load times and reduced CPU+GPU load. Fractional scaling for HiDPI screens is now available in Xorg and Wayland. Ubuntu Server 19.04 integrates recent innovations from key open infrastructure projects like OpenStack Stein, Kubernetes, and Ceph with advanced life-cycle management for multi-cloud and on-prem operations, from bare metal, VMware and OpenStack to every major public cloud." More information can be found in the release notes.

#categories

OpenSSH 8.0 released

Thu Apr 18 13:11:00 2019
lwn.net

OpenSSH 8.0 has been released with a bunch new features and some bug fixes, including one for a security problem: "This release contains mitigation for a weakness in the scp(1) tool and protocol (CVE-2019-6111): when copying files from a remote system to a local directory, scp(1) did not verify that the filenames that the server sent matched those requested by the client. This could allow a hostile server to create or clobber unexpected local files with attacker-controlled content. This release adds client-side checking that the filenames sent from the server match the command-line request, The scp protocol is outdated, inflexible and not readily fixed. We recommend the use of more modern protocols like sftp and rsync for file transfer instead."

#categories

Security updates for Thursday

Thu Apr 18 12:58:00 2019
lwn.net

Security updates have been issued by CentOS (polkit), Gentoo (dovecot, libseccomp, and patch), openSUSE (aubio, blktrace, flac, lxc, lxcfs, pspp, SDL, sqlite3, and xen), Red Hat (java-1.8.0-openjdk, java-11-openjdk, and rh-maven35-jackson-databind), Scientific Linux (java-1.8.0-openjdk), Slackware (libpng), SUSE (python, python3, sqlite3, and xerces-c), and Ubuntu (ntfs-3g).

#categories

[$] Business models and open source

Wed Apr 17 19:02:00 2019
lwn.net

One of the more lively sessions that was held at the 2019 Legal and Licensing Workshop (LLW) was Heather Meeker's talk on open-source business models and alternative licensing. As a lawyer in private practice, Meeker worked on a number of the alternative licenses that were drafted and presented over the last year or so. But she is also part of a venture capital (VC) firm that is exclusively investing in companies focused on open source, so she has experience in thinking about what kinds of models actually work for those types of businesses.

#categories

<<<