Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Comment: Re:Spamming daemon packed inside ELF binary (Score 1) 170

It wouldn't be the first time I've seen malware installed via compromised wordpress. Wordpress has had more than a few vulnerabillities over the years and most people who install it just forget about it after and never install security updates. To top it off, wordpress has a web accessible world writeable folder so any exploit easily becomes shell level access.

On the plus side, most of the spammers never even try to gain root.

+ - UMG v Grooveshark settled, no money judgment against individuals

Submitted by NewYorkCountryLawyer
NewYorkCountryLawyer writes: UMG's case against Grooveshark, which was scheduled to go to trial Monday, has been settled. Under the terms of the settlement (PDF), (a) a $50 million judgment is being entered against Grooveshark, (b) the company is shutting down operations, and (c) no money judgment at all is being entered against the individual defendants.

Comment: Re: Is that proven? (Score 1) 440

by gmack (#49555407) Attached to: Debian 8 Jessie Released

And then slow devices cause the server to fail to start correctly every time? There is a reason that so many init.d startup scripts had sleep statements. It makes sense to argue that the timeout is too long but it make no sense that things shouldn't wait for things they depend on. That's the whole point of "dependency based booting", most of the systemd alternatives do the exact same thing.

Comment: Re:Here we go again. (Score 4, Interesting) 304

by gmack (#49547703) Attached to: Microsoft, Chip Makers Working On Hardware DRM For Windows 10 PCs

I have yet to see a good Linux blu-ray player. The result is that I simply rip the blu-ray with makemkv and then run the result through handbrake to bring the size down a bit. This has the added advantage that my quad core xbmc box ($110 CAD) lets me browse though my movie collection on my NAS using my remote and that's far less effort than swapping discs. This also came in handy when I was in Spain and Amazon sent me the US region movie instead of the EU region movie and the blasted thing wouldn't play in my EU locked blu ray player.

Comment: Re:systemd rules!!! (Score 2) 487

by gmack (#49547105) Attached to: Ubuntu 15.04 Released, First Version To Feature systemd

I can't tell if you are stupid or just a troll but I'll respond anyways. One of Systemds improvements is that it handles process (apache etc)reloads. One advantage to this, is that things are now restarted in the exact same environment (path, variables, CWD etc) as when the system is booting. The next advantage is that networking restart no longer needs to be run with nohup when done remotely, it just works now instead of dropping the interface and then dying.

This means that if say, a webdev or a junior admin makes a typo in a daemon and it fails to start you can now just use journalctl to see the output that previously went to console.

Less often(usually when I'm doing the initial setup), are things like iscsi, glusterfs etc that choked hard under the old init system and still need a bit (although easier) tweaking with systemd.

Comment: Re:Upstart or Systemd? (Score 1) 487

by gmack (#49546505) Attached to: Ubuntu 15.04 Released, First Version To Feature systemd

What is happening is that Systemd is waiting for either the daemon to come up, or a timeout before it continues. If you wait about 5 minutes, the boot will resume. (which I agree is an annoyingly long default) The downside of doing things the way they were before was that if something was slow to mount, the system would blindly continue which is why I've seen a ton of boot scripts with sleep statements in them.

Comment: Re:systemd is a bad joke (Score 1) 487

by gmack (#49546467) Attached to: Ubuntu 15.04 Released, First Version To Feature systemd

The people that know the difference between AT&T and BSD flavors, especially after the 4.4 Tahoe lawsuit know that you don't just add stuff for politics's sake. For example, Sendmail took a ton of revisions before it was secure.

Sendmail took a ton of revisions before it was secure because it wasn't written with security in mind. Qmail, Postfix and Exim haven't had any near the number of problems sendmail had.

And we are all going to relearn this lesson with systemd, with one large code blob running as root (breaking the philosophy from decades of UNIX state that you run stuff as root as little as possible), so this means one large remote root exploit waiting to happen... and all it takes is a weakness on the ports systemd listens to.

This is just FUD.
1 Systemd is modular with components running with each componant running with the least amount of privilate to do it's job.
2. The network components not a part of the core project and are very optional.
3. I have yet to see any distro enable the network components at all, let alone by default.

So, production systems now have this major chunk of nascent code that is going to be a bonanza for the blackhats. All we have is to cross fingers and hope that the systemd coders at least paid lip service to security... but if something as mature as OpenSSL can fall, it only is a matter of time before systemd gets hit and hit hard, since AFAIK, there are no experts familiar with secure/defensive programming coding systemd.

As far as you know? I have already seen audits of the code for both correctness and security.

Oh well. Oracle Solaris can be easily moved to, and it isn't open source... but it has stood the test of time when it comes to security.

The same Solaris who dumped sysv bootup scripts a few years back in favor of their shiny new system that's very similar to systemd? Good plan!

Comment: Re:Upstart or Systemd? (Score 1) 487

by gmack (#49545113) Attached to: Ubuntu 15.04 Released, First Version To Feature systemd

It worked.. except when it didn't. I should not have to hack my init scripts just because I have iSCSI or Clustered Fileystem mounts. Init was made in a time when the boot dependencies are more flat and don't do well at all when your setup requires network+daemon before the filesystem can be mounted.

Hacking's just another word for nothing left to kludge.

Working...