Adventures, Self-Signing, Passwords, and Permissionsby chromatic
Linux Newsletter for 02/10/2003
It's Monday again, and that means another Linux newsletter. (Strangely enough, it means your fearless editor wants another weekend--expect a report from Dan Sugalski on last week's Perl 6 design meeting.)
Howard Wen's had a fit of nostalgia lately. Sure, he's enjoying a plum assignment to seek out all that's new and interesting in Linux gaming, but this week, it's back to the past. Remember the golden age of adventure games? Two companies come to mind: Sierra On-Line and LucasArts. A project called FreeSCI is making it possible to run the old Sierra games on modern machines. Read more in FreeSCI: Rebuilding Sierra's Classic Quests. (Watch for an interview with FreeSCI developers soon.)
Dru Lavigne's always chasing down something interesting. This time, her latest column dares you to post your latest password in our Talkback section. Is she crazy, or just confident that One-Time Passwords have their advantages? You decide.
Speaking of trust, SSL is pretty important if you're doing trustworthy things over the Internet. Of course, going through the hassle of proving yourself to a public Certificate Authority can be annoying. Fortunately, OpenSSL gives you the means to create your own certificate. As he writes about in his new O'Reilly book, Linux Server Hacks, Rob Flickenger demonstrates Creating Your Own CA. (At the risk of sounding biased, this is a fantastic book.)
PHP folks rejoice, John Coggeshall is still around and kicking. This week, he explores Unix File Permissions. Just because you can create a file or directory in PHP doesn't mean your program knows what to do with it--or that other people can't do bad things with it. The Unix permission scheme is simple, once you get to know it.
To subscribe to the Linux newsletter (or any O'Reilly Network newsletters), visit https://epoch.oreilly.com/account/default.orm and select the newsletters you wish to receive in your user profile (you'll need to log in with your existing O'Reilly Network account -- if you don't yet have an account, you'll need to create one).
To change your newsletter subscription options, please visit https://epoch.oreilly.com/account/default.orm and click the"Manage My Newsletters" link. For assistance, send email to
It'd be difficult to get through the day without pushing OSCON 2003 proposals again. Your naive and trusting editor has agreed to referee some PostgreSQL talks, so brainstorm, write, and submit proposals! Rest assured that, since the deadline is this Saturday, next week's newsletter will beg, plead, and cajole you to do something entirely different! Look forward to it!
All the best,
ONLamp.com and Linux DevCenter Top Five Articles Last Week
FreeSCI: Rebuilding Sierra's Classic Quests
Few publishers were as important to adventure games as the venerable Sierra On-Line. Their King's Quest, Space Quest, and Leisure Suit Larry series paved the way for other fine installments. Though Sierra has moved on, their games live on through the FreeSCI project. Howard Wen explores how FreeSCI lets you play your favorite old games -- and, just maybe, create new ones.
Securing Systems with chroot
Recently, support was added to the NetBSD Operating System to run the Network Time Protocol Daemon (ntpd) under an unprivileged user ID in a chroot jail. In the first of two articles, Emmanuel Dreyfus explains buffer overflows -- a typical Unix security flaw, then explains a chroot jail and the motivation for running a program in it.
You've replaced telnet with ssh. You've instituted password- checking utilities, and you rotate passwords monthly. Still feeling paranoid? Dru Lavigne's got the answer -- one time passwords. This alternate authentication method for FreeBSD means your security won't be jeopardized even if someone sniffs your password.
Creating Your Own CA
Rob Flickenger, author of O'Reilly's recently released Linux Server Hacks, shows you how to establish your own SSL Certificate Authority using OpenSSL and a utility called CA.pl.
NetBSD and OpenBSD have an interesting new system policy manager called systrace. With the proper policies, system administrators can control which system calls can be made and how. Michael Lucas explains how this works and how to understand -- and write -- a good policy file.
Return to the list of Linux Newsletters.
Return to the Linux DevCenter.