oreilly.comSafari Books Online.Conferences.


Adventures, Self-Signing, Passwords, and Permissions

by chromatic
Linux Newsletter for 02/10/2003

It's Monday again, and that means another Linux newsletter. (Strangely enough, it means your fearless editor wants another weekend--expect a report from Dan Sugalski on last week's Perl 6 design meeting.)

Howard Wen's had a fit of nostalgia lately. Sure, he's enjoying a plum assignment to seek out all that's new and interesting in Linux gaming, but this week, it's back to the past. Remember the golden age of adventure games? Two companies come to mind: Sierra On-Line and LucasArts. A project called FreeSCI is making it possible to run the old Sierra games on modern machines. Read more in FreeSCI: Rebuilding Sierra's Classic Quests. (Watch for an interview with FreeSCI developers soon.)

Dru Lavigne's always chasing down something interesting. This time, her latest column dares you to post your latest password in our Talkback section. Is she crazy, or just confident that One-Time Passwords have their advantages? You decide.

Speaking of trust, SSL is pretty important if you're doing trustworthy things over the Internet. Of course, going through the hassle of proving yourself to a public Certificate Authority can be annoying. Fortunately, OpenSSL gives you the means to create your own certificate. As he writes about in his new O'Reilly book, Linux Server Hacks, Rob Flickenger demonstrates Creating Your Own CA. (At the risk of sounding biased, this is a fantastic book.)

PHP folks rejoice, John Coggeshall is still around and kicking. This week, he explores Unix File Permissions. Just because you can create a file or directory in PHP doesn't mean your program knows what to do with it--or that other people can't do bad things with it. The Unix permission scheme is simple, once you get to know it.

To subscribe to the Linux newsletter (or any O'Reilly Network newsletters), visit and select the newsletters you wish to receive in your user profile (you'll need to log in with your existing O'Reilly Network account -- if you don't yet have an account, you'll need to create one).

To change your newsletter subscription options, please visit and click the"Manage My Newsletters" link. For assistance, send email to

It'd be difficult to get through the day without pushing OSCON 2003 proposals again. Your naive and trusting editor has agreed to referee some PostgreSQL talks, so brainstorm, write, and submit proposals! Rest assured that, since the deadline is this Saturday, next week's newsletter will beg, plead, and cajole you to do something entirely different! Look forward to it!

All the best,

Technical Editor
O'Reilly Network and Linux DevCenter Top Five Articles Last Week

  1. FreeSCI: Rebuilding Sierra's Classic Quests
    Few publishers were as important to adventure games as the venerable Sierra On-Line. Their King's Quest, Space Quest, and Leisure Suit Larry series paved the way for other fine installments. Though Sierra has moved on, their games live on through the FreeSCI project. Howard Wen explores how FreeSCI lets you play your favorite old games -- and, just maybe, create new ones.

  2. Securing Systems with chroot
    Recently, support was added to the NetBSD Operating System to run the Network Time Protocol Daemon (ntpd) under an unprivileged user ID in a chroot jail. In the first of two articles, Emmanuel Dreyfus explains buffer overflows -- a typical Unix security flaw, then explains a chroot jail and the motivation for running a program in it.

  3. One-Time Passwords
    You've replaced telnet with ssh. You've instituted password- checking utilities, and you rotate passwords monthly. Still feeling paranoid? Dru Lavigne's got the answer -- one time passwords. This alternate authentication method for FreeBSD means your security won't be jeopardized even if someone sniffs your password.

  4. Creating Your Own CA
    Rob Flickenger, author of O'Reilly's recently released Linux Server Hacks, shows you how to establish your own SSL Certificate Authority using OpenSSL and a utility called

  5. Systrace Policies
    NetBSD and OpenBSD have an interesting new system policy manager called systrace. With the proper policies, system administrators can control which system calls can be made and how. Michael Lucas explains how this works and how to understand -- and write -- a good policy file.

Return to the list of Linux Newsletters.

Return to the Linux DevCenter.

Linux Online Certification

Linux/Unix System Administration Certificate Series
Linux/Unix System Administration Certificate Series — This course series targets both beginning and intermediate Linux/Unix users who want to acquire advanced system administration skills, and to back those skills up with a Certificate from the University of Illinois Office of Continuing Education.

Enroll today!

Linux Resources
  • Linux Online
  • The Linux FAQ
  • Linux Kernel Archives
  • Kernel Traffic

  • Sponsored by: