LinuxDevCenter.com
oreilly.comSafari Books Online.Conferences.

advertisement


Going (mostly) Extreme, PHP Black Hattism, Declaring Your Intents, and Keeping Secure

by chromatic
Linux Newsletter for 08/04/2003

Welcome to the Linux newsletter, a weekly trawl through articles and happenings in Linux and open source developments. Here's what's new on ONLamp.com since last time:

Noel Davis kicked off the week with a little paranoia-inducing piece called Kernel Problems. Linux 2.4 kernel problems have been discovered that might allow local exploits and remote denial-of-service attacks. As well, Apache 2, Oracle's Extproc, nfs-utils, and PhpGroupware have potential remote exploits. Please check your versions and upgrade as soon as possible.

David Mertz, scary "Advanced OOP" columnist, takes a short detour from advanced OOP techniques to discuss the idea of Declarative Programming and Mini-Languages. Some problems are easier to solve by declaring facts rather than detailing procedures. Languages such as Prolog and Make use this to their advantage. David explains the how and why of declarative programming and gives pointers to several projects that will allow you to do such things in Python.

PHP Foundations columnist John Coggeshall continues through his PHP Paranoia series. In PHP Security, Part 1, he gives three common mistakes in thinking about securing PHP code and demonstrates how a common example idea can be exploited. Remember, when you're programming, change the color of your hat and ask if you're really secure.

To subscribe to the Linux newsletter (or any O'Reilly Network newsletters), visit https://epoch.oreilly.com/account/default.orm and select the newsletters you wish to receive in your user profile (you'll need to log in with your existing O'Reilly Network account -- if you don't yet have an account, you'll need to create one).

To change your newsletter subscription options, please visit https://epoch.oreilly.com/account/default.orm and click the"Manage My Newsletters" link. For assistance, send email to

Finally, your editor believes that Extreme Programming is a valuable process for developing software. It doesn't apply everywhere, though, and it certainly doesn't fit every team. There's still plenty to learn from XP, though. Five Lessons You Should Learn From Extreme Programming explains the goals behind the practices—goals almost every programming team and project needs to address. (Yes, this article promotes the recently released Extreme Programming Pocket Guide. You can enjoy the article without buying a book, though your manager might like a copy.)

In the weblog world, your editor and Andy Lester both point to Piers Cawley's The Fine Art of Complexity Management. Good stuff! Tim O'Reilly dishes out some Good Insights into Washington Lobbying. William Grosso drops names for a possible California Governor from High Tech.

That's all for this week. Next week, we'll talk to a real snake charmer.

Until then,

chromatic
chromatic@oreilly.com
Technical Editor
O'Reilly Network

ONLamp.com and Linux DevCenter Top Five Articles Last Week

  1. Five Lessons You Should Learn from Extreme Programming
    Extreme Programming (XP) is yet another popular idea gaining press. It adapts the best ideas from the past decades of software development. Whether or not you adopt XP, it's worth considering what XP teaches. chromatic, author of Extreme Programming Pocket Guide, offers five lessons you should learn from Extreme Programming.

  2. Advanced OOP: Declarative Programming and Mini-Languages
    While much of the "popular" programming world describes problems in terms of how to solve them, declarative programming describes problems in terms of what's known about them. David Mertz explores existing declarative languages and gives examples of declarative programming in Python.

  3. Video Playback and Encoding with MPlayer and MEncode
    No consumer Linux box is complete without the ability to play digital video files. Until recently, this was difficult -- the codecs weren't freely available or distributable. MPlayer seeks to change this. KIVILCIM Hindistan introduces MPlayer and demonstrates some of its features.

  4. PHP Security, Part 1
    If you have users, you'll undoubtedly have bad guys trying to break things. As a PHP developer, it's your responsibility to make sure your code is secure. John Coggeshall demonstrates one common PHP error that can leave you vulnerable, and he explains how to think like a bad guy to prevent these mistakes in the first place.

  5. Defending Your Site Against Spam, Part 2
    Dru Nelson recently had spammers attempt to attack his network, but this time, he didn't notice until he checked the logs. Why? He's using qmail and Trustic. Read on to find out how they can protect you from unwanted e-mail.


Return to the list of Linux Newsletters.

Return to the Linux DevCenter.




Linux Online Certification

Linux/Unix System Administration Certificate Series
Linux/Unix System Administration Certificate Series — This course series targets both beginning and intermediate Linux/Unix users who want to acquire advanced system administration skills, and to back those skills up with a Certificate from the University of Illinois Office of Continuing Education.

Enroll today!


Linux Resources
  • Linux Online
  • The Linux FAQ
  • linux.java.net
  • Linux Kernel Archives
  • Kernel Traffic
  • DistroWatch.com


  • Sponsored by: