Security Alerts, Your Own Subversion Client, Twisted Python, and Exult-imaby chromatic
Linux Newsletter for 04/28/2003
Good evening (-0700 GMT) and welcome to another Linux newsletter. We're continuing our exploration of the best, brightest, and most unique corners of the Linux and open source development worlds.
As is his bi-weekly wont, Noel Davis brings us another Security Alerts column. This week's remote vulnerabilities include
Xinetd, Oracle Application Server 11 and 11i,
and Ximian Evolution. Don't wait, check now!
New author Garrett Rooney takes some time out from hacking Perl and Subversion to bring you Using the Subversion Client API, Part 1. One of the nicest features of the Subversion project's design is that it's easy to link to the client library in your application. That's right, you can have modern, powerful versioning for nearly free. This first of two articles explains the basics. (Your editor has been playing with a Perl bindings for Subversion and it's fairly easy.)
Stephen Figgins, the always-clever Python columnist, spent some time with the Twisted developers at PyCon last month. He's written up his thoughts on the framework in Twisted Python and he has some interesting plans for further articles on the subject.
To subscribe to the Linux newsletter (or any O'Reilly Network newsletters), visit https://epoch.oreilly.com/account/default.orm and select the newsletters you wish to receive in your user profile (you'll need to log in with your existing O'Reilly Network account -- if you don't yet have an account, you'll need to create one).
To change your newsletter subscription options, please visit https://epoch.oreilly.com/account/default.orm and click the"Manage My Newsletters" link. For assistance, send email to
Howard Wen continues his exploration of the new, old, and interesting in Linux gaming by profiling the Exult project. Ultima 7 is widely regarded as a watershed event in computer RPGs (your editor confesses a fascination with the venerable Wasteland, however). U7--and its sequel, Serpent Isle--are no longer lost to the past. Armed with the original game data files, Exult lets you enjoy U7 on several common operating systems. Read more in Exult: The Open Age of Ultima.
This week also saw the second excerpt from the third edition of Practical Unix & Internet Security. This week, a snippet from Chapter 16 gives Tips on Writing Network Programs. As with last week, the best security guideline is "think twice, code once."
It's long been popular to add scripting capabilities to large software packages, but software has a way of expanding way beyond its authors' original intentions. Language design is hard, and very few embedded languages have the power and flexibility to grow with their users.
What's really interesting is the merger of a proprietary package (Oracle) with an open source package (Perl) to solve a problem. Thanks to Horwitz, it's now possible to bring the full power of Perl--and CPAN--to bear on stored procedures.
I hope projects like Parrot will make it easy to embed a fast, flexible interpreter with support for mature, capable languages. Let one thousand domain-specific languages bloom, but let them first start from good foundations.
Until next week,
ONLamp.com and Linux DevCenter Top Five Articles Last Week
Secure Programming Techniques
In this first installment in a multipart series of excerpts from Practical Unix & Internet Security, 3rd Edition, you'll find tips and general design principles to code by that will help you avoid security-related bugs. And check back to this space over the next few week for additional tips, all selected from Chapter 16 on "Secure Programming Techniques."
Soldiers Renege on Hackers
O'Reilly author and UNIX old-timer Ian Darwin comments on DARPA cutting funding to the OpenBSD project.
A Primer on Python Metaclass Programming
Classes and objects are simple, right? Once you really get it, isn't that all there is? Well, no--there's a whole class of advanced object-oriented techniques to make your code simpler, stronger, and more elegant. This week, David Mertz explains metaclasses--the building blocks of classes. Though the examples are in Python, the ideas translate to many other languages.
The Dynamic Duo of PEAR::DB and Smarty
It can be difficult to separate business logic and formatting in PHP. There are several good templating solutions, though, including the popular and powerful Smarty. Joao Prado Maia demonstrates how to use Smarty with a database back end through the PEAR::DB library.
Noel Davis looks at buffer overflows in Snort and SheerDNS, and problems in Xinetdvixie-cron, Oracle E-Business Suite FNDFS, xfsdump, Ximian Evolution, GtkHTML, kdegraphics, and psbanner.
Return to the list of Linux Newsletters.
Return to the Linux DevCenter.