Linux

Linux Kernel Git Repositories Add 2-Factor Authentication (Linux.com)

Linux Weekly News - k, 2014-08-19 19:47
Linux.com takes a look at using 2-factor authentication for commit access to kernel git repositories. "Having the technology available is one thing, but how to incorporate it into the kernel development process -- in a way that doesn't make developers' lives painful and unbearable? When we asked them, it became abundantly clear that nobody wanted to type in 6-digit codes every time they needed to do a git remote operation. Where do you draw the line between security and usability in this case? We looked at the options available in gitolite, the git repository management solution used at kernel.org, and found a way that allowed us to trigger additional checks only when someone performed a write operation, such as "git push." Since we already knew the username and the remote IP address of the developer attempting to perform a write operation, we put together a verification tool that allowed developers to temporarily whitelist their IP addresses using their 2-factor authentication token."
Kategóriák: Linux

The New Features Of The Linux 3.17 Kernel

LinuxToday - k, 2014-08-19 19:45
Kategóriák: Linux

PHP 5.3 Hits End-of-Life

LinuxToday - k, 2014-08-19 18:45
Kategóriák: Linux

Security advisories for Tuesday

Linux Weekly News - k, 2014-08-19 17:16

CentOS has updated nss-util (C7: incorrect wildcard certificate handling), nss-softokn (C7: incorrect wildcard certificate handling), and nss (C7: incorrect wildcard certificate handling).

Fedora has updated kernel (F19: multiple vulnerabilities) and samba (F19: remote code execution/privilege escalation).

Oracle has updated nss, nss-util, nss-softokn (OL7: incorrect wildcard certificate handling).

Red Hat has updated qemu-kvm (RHEL6: multiple vulnerabilities).

Scientific Linux has updated qemu-kvm (SL6: multiple vulnerabilities).

SUSE has updated flash-player (SLED11 SP3: multiple vulnerabilities).

Ubuntu has updated openssl (10.04 LTS: regression in previous update).

Kategóriák: Linux

Coghlan: Why Python 4.0 won't be like Python 3.0

Linux Weekly News - k, 2014-08-19 16:47
Python core developer Nick Coghlan seeks to dispel worries that an eventual Python 4.0 release will be as disruptive as 3.0 was. "Why mention this point? Because this switch to 'Unicode by default' is the most disruptive of the backwards incompatible changes in Python 3 and unlike the others (which were more language specific), it is one small part of a much larger industry wide change in how text data is represented and manipulated. With the language specific issues cleared out by the Python 3 transition, a much higher barrier to entry for new language features compared to the early days of Python and no other industry wide migrations on the scale of switching from 'binary data with an encoding' to Unicode for text modelling currently in progress, I can't see any kind of change coming up that would require a Python 3 style backwards compatibility break and parallel support period."
Kategóriák: Linux

An md/raid6 data corruption bug

Linux Weekly News - k, 2014-08-19 16:15
Neil Brown, the MD maintainer, has sent out an alert for a bug which, in fairly abnormal conditions, can lead to data loss on an MD-hosted RAID6 array. "There is no risk to an optimal array or a singly-degraded array. There is also no risk on a doubly-degraded array which is not recovering a device or is not receiving write requests." RAID6 users will likely want to apply the patch, though, which is likely to show up in the next stable kernel update from distributors.
Kategóriák: Linux

The Time to Recommend Linux & FOSS Is Now

LinuxToday - k, 2014-08-19 15:45
Kategóriák: Linux

OpenMandriva Lx: Not the KDE You Knew

LinuxToday - k, 2014-08-19 13:45
Kategóriák: Linux

Linux 3.17 rc1

LinuxToday - k, 2014-08-19 03:45
Kategóriák: Linux

Build Gentoo tutorial

LinuxToday - k, 2014-08-19 03:45
Kategóriák: Linux