LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
업데이트: 4분 58초 지남
토, 2023/04/01 - 1:02오전
The Mozilla project
celebrates
25 years of existence.
A lot has changed since 1998. Mozilla is no longer just a bold
idea. We’re a family of organizations — a nonprofit, a public
benefit-corporation, and others — that builds products, fuels
movements, and invests in responsible tech.
And we’re no longer a small group of engineers in Netscape’s
Mountain View office. We’re technologists, researchers, and
activists located around the globe — not to mention tens of
thousands of volunteers.
But if a Mozillian from 1998 stepped into a Mozilla office (or
joined a Mozilla video call) in 2023, I think they’d quickly feel
something recognizable. A familiar spirit, and a familiar set of
values.
금, 2023/03/31 - 11:49오후
As a general rule, the purpose behind mounting a filesystem is to make that
filesystem's contents visible to the system, or at least to the mount
namespace where that mount occurs. For similar reasons, it is unusual to
mount one filesystem on top of another, since that would cause the contents
of the over-mounted filesystem to be hidden. There are exceptions to
everything, though, and that extends to mounted filesystems;
a
"tucking" mechanism proposed by Christian Brauner is designed to hide
mounted filesystems underneath other mounts — temporarily, at least.
금, 2023/03/31 - 11:40오후
Security updates have been issued by Debian (joblib, json-smart, libmicrohttpd, and xrdp), Fedora (thunderbird and xorg-x11-server-Xwayland), Mageia (dino, perl-Cpanel-JSON-XS, perl-Net-Server, snort, tigervnc/x11-server, and xapian), SUSE (curl, kernel, openssl-1_0_0, and shim), and Ubuntu (glusterfs, linux-gcp-4.15, musl, and xcftools).
목, 2023/03/30 - 11:36오후
The X.Org project has
announced a vulnerability in its X server and Xwayland (CVE-2023-1393).
This issue can lead to local privileges elevation on systems where the X
server is running privileged and remote code execution for ssh X forwarding
sessions.
[...] If a client explicitly destroys the compositor overlay window (aka COW),
the Xserver would leave a dangling pointer to that window in the CompScreen
structure, which will trigger a use-after-free later.
That has led to the release of xorg-server 21.1.8, xwayland 22.1.9, and xwayland 23.1.1.
목, 2023/03/30 - 11:31오후
The kernel's hierarchical maintainer model works quite well from the
standpoint of allowing thousands of developers to work together without
(often) stepping on each others' toes. But that model can also make life
painful for developers who are trying to make changes across numerous
subsystems. Other possible source of pain include changes related to
licensing or those where maintainers don't understand the purpose of the
work. Nick Alcock has managed to hit all of those hazards together in his
effort to perform what would seem like a common-sense cleanup of the
kernel's annotations for loadable modules.
목, 2023/03/30 - 11:01오후
Greg Kroah-Hartman has announced the release of the
6.2.9,
6.1.22,
5.15.105, and
5.4.239 stable kernels. The latter (5.4.239)
has single patch to fix the permissions of a selftest file, while the other
three have a lengthy list of important fixes throughout the kernel tree.
목, 2023/03/30 - 10:50오후
Security updates have been issued by Debian (xorg-server and xrdp), Fedora (mingw-python-certifi, mingw-python3, mingw-zstd, moodle, python-cairosvg, python-markdown-it-py, redis, xorg-x11-server, and yarnpkg), Slackware (mozilla and xorg), SUSE (grub2, ldb, samba, libmicrohttpd, python-Werkzeug, rubygem-rack, samba, sudo, testng, tomcat, webkit2gtk3, xorg-x11-server, xstream, and zstd), and Ubuntu (linux, linux-aws, linux-dell300x, linux-kvm, linux-oracle, linux-raspi2, linux-aws-5.4, linux-azure-5.4, linux-gcp-5.4, linux-hwe-5.4,
linux-ibm-5.4, linux-oracle-5.4, linux-raspi-5.4, linux-gke, linux-gke-5.15, linux-ibm, linux-kvm, php-nette, and xorg-server, xorg-server-hwe-18.04, xwayland).
목, 2023/03/30 - 10:04오전
The LWN.net Weekly Edition for March 30, 2023 is available.
목, 2023/03/30 - 7:27오전
The fourth and final keynote for
Everything Open 2023 was given
by Professor Rebecca Giblin of the Melbourne Law School, University of
Melbourne. It revolved
around her recent book,
Chokepoint Capitalism,
which she wrote with Cory Doctorow; it is "a book about why creative
labor markets are rigged — and how to unrig them". Giblin had planned
to be in Melbourne to give her talk in person, but "the universe had other
plans"; she got delayed in Austin,
Texas by an unexpected speaking slot at the
South by
Southwest (SXSW)
conference, so she gave her talk via videoconference from there—at
nearly midnight in Austin.
수, 2023/03/29 - 11:58오후
Immutable Linux distributions are on the rise recently, with multiple
popular distributions creating their own immutable versions.; it
could be
one of the trends of 2023, as
predicted. While many of these immutable
distributions are focused on server use, there are also some that offer a
desktop experience.
OpenSUSE MicroOS
Desktop is one of them, with a minimal
openSUSE Tumbleweed as the
base operating system and applications running as
Flatpaks or in containers. In its daily use,
it feels a lot like a normal openSUSE desktop. Its biggest benefit is
availability of the newest software releases without sacrificing system
stability.
수, 2023/03/29 - 10:46오후
Curl maintainer Daniel Stenberg
expresses
some frustrations with the vulnerability notification policies
maintained by the distros mailing list.
The week before we were about to ship the curl 8.0.0 release, I
emailed the distros mailing list again like I have done so many
times before and told them about the upcoming six(!)
vulnerabilities we were about to reveal to the world.
This time turned out to be different.
Because of our updated policy where the fixes were already
committed in a public git repository, the distros mailing list’s
policy says that if there is a public commit they consider the
issue to be public and thus they refuse to accept any embargo.
What they call embargo I of course call heads-up time.
The kernel project has run into similar
issues in the past.
수, 2023/03/29 - 10:34오후
Security updates have been issued by Debian (unbound and xorg-server), Fedora (stellarium), Oracle (kernel), SUSE (apache2, oracleasm, python-Werkzeug, rubygem-loofah, sudo, and tomcat), and Ubuntu (git, kernel, and linux-hwe-5.19).
수, 2023/03/29 - 3:33오전
Canonical recently
announced
that it will no longer ship
Flatpak as
part of its default installation for the various
official Ubuntu flavors,
which is in keeping with the practices of the core Ubuntu distribution. The
Flatpak package format has gained popularity among Linux users
for its
convenience and ease of use. Canonical will focus exclusively on its own
package-management system,
Snap. The
decision has caused
disgruntlement
among some community members, who felt like the distribution was making
this decision
without regard for its users.
화, 2023/03/28 - 10:23오후
Security updates have been issued by Debian (dino-im and runc), Fedora (qemu), Red Hat (firefox), SUSE (chromium, containerd, docker, kernel, and systemd), and Ubuntu (graphicsmagick, linux-azure, linux-gcp, linux-oem-5.14, linux-oem-5.17, linux-oem-6.0, linux-oem-6.1, and node-url-parse).
월, 2023/03/27 - 11:10오후
The
open()
system call offers a number of flags that modify its behavior; not all
combinations of those flags make sense in a single call. It turns out,
though, that the kernel has responded in a surprising way to the
combination of O_CREAT and O_DIRECTORY for a long time.
After a 2020 change made that response even more surprising, it seems
likely that this behavior will soon be fixed, resulting in a rare user-visible
semantic change to a core system call.
월, 2023/03/27 - 11:08오후
Version 5.0 of the GnuCash accounting tool is out. Changes include a
number of investment-tracking improvements, better completion in the
register window, a reworked report-generation system, and more.
월, 2023/03/27 - 11:06오후
Security updates have been issued by Debian (libreoffice and xen), Fedora (chromium, curl, and xen), Red Hat (kernel, kernel-rt, kpatch-patch, and thunderbird), Scientific Linux (thunderbird), Slackware (tar), SUSE (apache2, ceph, curl, dpdk, helm, libgit2, and php7), and Ubuntu (firefox and thunderbird).
월, 2023/03/27 - 1:00오후
Linus has released
6.3-rc4 for testing.
"Things are looking pretty normal for this time of the release
process."
토, 2023/03/25 - 4:31오전
Matthew Garrett
looks at
the recent disclosure of GitHub's private host key, how it probably
came about, and what a better approach to key management might look like.
The main problem is that client tooling just doesn't handle this
well. OpenSSH has no way to do TOFU for CAs, just the keys
themselves. This means there's no way to do a git clone
ssh://git@github.com/whatever and get a prompt asking you
to trust Github's CA. Instead, you need to add a @cert-authority
github.com (key) line to your known_hosts file by hand, and since
approximately nobody's going to do that there's only marginal
benefit in going to the effort to implement this
infrastructure. The most important thing we can do to improve the
security of the SSH ecosystem is to make it easier to use
certificates, and that means improving the behaviour of the
clients.
금, 2023/03/24 - 11:28오후
Support for shadow stacks on the x86 architecture has been long in coming;
LWN
first covered this work in 2018. After
five years and numerous versions, though, it would appear that
user-space shadow stacks on x86 might just be supported in the 6.4 kernel
release. Getting there has required a few changes since we last
caught up with this work in early 2022.
페이지