I remember reading about this in the 1991 release of "Practical Internet and Unix Security," from O'Reilly back in 1991. I'm pretty sure they even gave examples. They also laid out a number of suggestions to mitigate risk, including not specifying the current path, ".", in the root user's path so they must explicitly type the location of an executable script, and so on.
They also pointed out that some well-behaved shells eliminate certain ease-of-use-but-exploitable features when it detects that a privileged user is running it, and even on systems where that's not the standard, the default.bashrc or equivalent files often set up aliases for common commands that disable features like wildcard matching, or color codes (which could be used if you're very tricky, to match a filename color to the background color of the screen, among other things), the path restriction listed above, and many many others.
It's really hard to secure shell accounts on systems, no matter how you try. Is this article just proof that the current generation of unix admins is rediscovering this? Should I be shaking my fist and telling the kids to get off my lawn? This was old news 2 over decades ago.
I know if the government abused the people's trust, I'd try to blow the whistle. Sounds like he's the real BOFH deal to me.
I mean I know JPL-NASA is riddled with fraud, I'm just waiting for the real internal nasty docs to get released.
Time to re-invent and fix our own shit. The USA is a laughing stock. We have Nuclear test sites which are on the brink of failure, sites devastated by natural disasters we ignore. Our Nation continues to get raped via its resources and the people are being raped of their Constitutional rights.
Obama, where are all these "Green Jobs" at? So far nothing absolutely NOTHING has been done to help the American people in my life-time, where the corporate greed continues to spawn it's seed everywhere.
Alternative Energy? Fixing the farm-land, inventing medical marvels, etc. What about that shit? Oh wait, we're going to lobby with Silicon Valley and give Amazon kudos for warehouse plants? Give me a fucking break.
US Govt = Big Fucking Fail
Kudos to VW for this achievement.
However, I'll keep on driving my 1982 diesel Westfalia. For me, the driving experience is better:)
For one, I never have to worry about speeding;)
I learned on Linux and Solaris (x86/SPARC) when I was 15, and I'm now 32 still using both (do the math).
A saying was told me to growing up, "Use the Proper Tool for the Job" which varies person to person, BUT for me SPARC and Solaris is the right tool. I see the OpenSource community as a great community. My WHOLE stack runs on OpenSource software. I beta-test/develop MUCH of my stuff on either Linux or OSX.
But when it comes to the production OS, I'm not some blanketed Linux bigot. I'm an *NIX Admin and an Architect at heart.
Professionally I'm a CTO (I do everything from programming php / data-center / network / DBA / UNIX / security / etc.) for an internet-based start-up that runs Solaris 10 and used SPARC CoolThread hardware in production. Baffled why? For a few reasons:
When I did a cost analysis of my time & the company's money vs Intel offerings and SPARC I eventually came away with these main points.
1.) SPARC hardware is still WAY superior with remote management than any x86 POS I've ever managed. The ALOM on a SPARC and a serial cable from my Mac works EVERY time. When I worked in past shops managing thousands of Linux Dells and HP's we had nothing but issues with ILOs from the hardware and OS side. Just pure donkey shit.
When you're a start-up buying used hardware it is a great way to cut cost where investors/owners LOVE. Frankly SPARC hardware in my experience can keep on chugging where those HPs and Dells are falling apart right and left. I don't have time to be fucking with hardware when I'm running the show of a million hats.
2.) LONG-term stability with Solaris 10 and maybe Solaris 11 (still evaluating) is a necessity to me. I work for a crazy ass mad-scientist type who does EVERYTHING custom. He's worse than the scientists that I worked with back at JPL-NASA. He has software that's been running for a decade, and the software/application I write with him now he wants to work years down the road as well. That means, I don't need to worry about a yum or apt get update that blows away some part that is critical to ONLY us and I gotta figure WTF happened. The OS is a critical back-bone element where I've seen "Linux dependency hell" fuck me so many times and cost me so many hours, that I PREFER building my own Solaris 10 packages and Solaris 11 (still in testing for me) packages (Yes, I'm a REAL UNIX admin no these lazy wanders) without worries that the OS will be compromised by something lame. In the long-run I have more freedom to enjoy time with my doggies.
When you work for a company that builds custom crap that. Everything it talks to regarding the OS needs to work without question. I have always have had that with Solaris SPARC and with Support till 2018 or extended 2021 by then I should be retired from the gig! But I KNOW nothing funky will happen with the OS while I'm working here. For each new x86 hardware update for Linux, it's a whole new 'testing' to make sure it doesn't blow up the OS on the next reboot. Never had that with SPARC of maintained properly.
With that long-term support and marriage to the hardware I know the relationship is TIGHT, that can be VERY useful when you're concerned with down the road support or integration. Dell or HP does a hardware update and the RedHat or Debian kernel or images haven't been added, then you gotta do a post image. FUCK THAT NIGHTMARE! SPARC WORKS end of story.
3.) Threads! NOTHING compares to SPARC when it comes to multiple threads and what not. My T2000's running 32 cores make damn good web-servers. They also save space in the rack as well!
4.) Virtualization is WAY superior than KVM or VMWare. I've used many of the OpenSource VM solutions and frankly non compare to the control that I can do with either LDOMs or Solaris Containers/zones.
5.) ZFS yeah, Linux we hear your promises of a bad-ass filesystem, I'm still waiting.
So, is Oracle and SPARC dead? Popularity may go down, that's normal, but it's not "dead" to anyone who has a reason/purpose to use the OS/hardware offered.
The world isn't one big LAMP stack.
Again, I'm not *against* Linux, I use it for development and personal shit all day. However, I'm not a blind follower either.
I've been working on UNIX/SysAdmin/InfoSec/development/DBA since I was 15 back in 95. Dealing with various politics, Good O' Boys club, racism, sexism, budget issues, morons in management, unrealistic deadlines, and pager calls, merges, buy-outs, hacks, and illegal operations of company polices (of some major corporations). I realized I was anti-social, hated what I did, the tech controlled my life, and I felt I lost myself into the world of consumer America. I thus, now treat it as a job and nothing else, I since feel liberated and am expanding my mind.
How to adjust with a pay cut? Simple, don't be a techy nerd and flaunt your American cash everywhere. I've embraced being a minimalist. I have one laptop, I reduced my living expenses as minimalistic as possible (I read books & music than pay for T.V.) walk and take public transit. This has made me interact with people more. I realized working 8hrs a day and coming home I didn't need to pay $60 for a constant connection. I thus, use my phone's connection if I needed the net at home (iphone tethering rocks). I have budgeted my money to live close to bare bones with a percentage for going out and having a few luxuries (dinner out, movie rental, etc. money for occasions NOT materialistic items).
The remainder? It goes into a 5yr plan that in five years I have enough saved where I can pay myself to go to college full-time to change careers and be introduced into a new circle of people of what I'm interested in. On the other hand, if I wanted to change into another career that saved money would help as a 'buffer'.
It just takes dedication and a plan and sticking to both. If you're serious you'll make it happen. As for myself I hope for when I'm 35, I have a new fun filled adventure:) Hopefully one I'm not burnt out on.
As another posted pointed out:
"You can be good at something, but you may not necessarily like it or be passionate about it anymore"
Having worked for the LA Times (aka Tribune) I can say this. Chicago has no clue what the hell is going on. They sure as hell have no direction for making money (other then focusing on broadcast). The Times are in the dark most the time. It's a shame, because there is a great amount of talent at the times.
I can only speak of the IT department where I worked. However, from what I have seen LA Times interactive division will likely be gone before long.
We mentioned a ton of ways to make money, only to be shuffled back and forth management. The usual outcome was "Ummm talk to x then y then z and then we'll spend six months discussing it".
Monolithic companies in a old mindset giving up on the net. That's it in a nutshell.
I build SysV Solaris packages all the time for my company. Places like Blastwave (for Sun Packages), or RPMs for LINUX Distro's always tend to throw dependences you don't want. I like controling the software install I make. I usually find it easier to build my own package, do a checkinstall, preinstall, postinstall, request, and depend script and tah-dah! Deployment package in the macking totally customized for the intended purpose. Which can be cookie cutted.
Depending on your needs, you may not mind installing EVERY fscking RPM for a dependency, but I prefer controlling every aspect. Not ot mention building specific optmization for our Opteron / SPARC servers.
I've been building x86 and Opteron Solaris machines for ages. I've also done it for Linux & FreeBSD. However, EVERY Dell Server I've EVER used has sucked a huge donkey-dick! I fucking loath those POSes!
It's nice to see Sun hitting the x64 market harder with these new boxes. I've played with a few and they're NICE! My only bitch is SCSI, but easily modified.
Dell can rott in hell
I haven't touched Windows 'myself' as a desktop since 1995. I used Linux for a few, then went FreeBSD now use Solaris religiously. I can do EVERYTHING I did in windows. Music, Movies, Art, etc.
Oh, yeah I'm not a gamer, but that's what PS2s are for.
However, you 'can' live your life 'without' windows. I've been doing it over a decade now.
Comments are just that 'comments' who gives a crap if there's curse words or odd stuff? As long as it works and the developer wants to give in insight screw it! If the comments make sense and have some comical/curse words so be it. I rather see code with personality then someone who was straight chalk board.
Slashdot Mirror
Youâ(TM)re not your you fucking moron
I remember reading about this in the 1991 release of "Practical Internet and Unix Security," from O'Reilly back in 1991. I'm pretty sure they even gave examples. They also laid out a number of suggestions to mitigate risk, including not specifying the current path, ".", in the root user's path so they must explicitly type the location of an executable script, and so on.
They also pointed out that some well-behaved shells eliminate certain ease-of-use-but-exploitable features when it detects that a privileged user is running it, and even on systems where that's not the standard, the default .bashrc or equivalent files often set up aliases for common commands that disable features like wildcard matching, or color codes (which could be used if you're very tricky, to match a filename color to the background color of the screen, among other things), the path restriction listed above, and many many others.
It's really hard to secure shell accounts on systems, no matter how you try. Is this article just proof that the current generation of unix admins is rediscovering this? Should I be shaking my fist and telling the kids to get off my lawn? This was old news 2 over decades ago.
I know if the government abused the people's trust, I'd try to blow the whistle. Sounds like he's the real BOFH deal to me. I mean I know JPL-NASA is riddled with fraud, I'm just waiting for the real internal nasty docs to get released. Time to re-invent and fix our own shit. The USA is a laughing stock. We have Nuclear test sites which are on the brink of failure, sites devastated by natural disasters we ignore. Our Nation continues to get raped via its resources and the people are being raped of their Constitutional rights. Obama, where are all these "Green Jobs" at? So far nothing absolutely NOTHING has been done to help the American people in my life-time, where the corporate greed continues to spawn it's seed everywhere. Alternative Energy? Fixing the farm-land, inventing medical marvels, etc. What about that shit? Oh wait, we're going to lobby with Silicon Valley and give Amazon kudos for warehouse plants? Give me a fucking break. US Govt = Big Fucking Fail
That's called "life" yo. Just now figuring that out?
Kudos to VW for this achievement. However, I'll keep on driving my 1982 diesel Westfalia. For me, the driving experience is better :)
For one, I never have to worry about speeding ;)
I learned on Linux and Solaris (x86/SPARC) when I was 15, and I'm now 32 still using both (do the math).
A saying was told me to growing up, "Use the Proper Tool for the Job" which varies person to person, BUT for me SPARC and Solaris is the right tool. I see the OpenSource community as a great community. My WHOLE stack runs on OpenSource software. I beta-test/develop MUCH of my stuff on either Linux or OSX.
But when it comes to the production OS, I'm not some blanketed Linux bigot. I'm an *NIX Admin and an Architect at heart.
Professionally I'm a CTO (I do everything from programming php / data-center / network / DBA / UNIX / security / etc.) for an internet-based start-up that runs Solaris 10 and used SPARC CoolThread hardware in production. Baffled why? For a few reasons:
When I did a cost analysis of my time & the company's money vs Intel offerings and SPARC I eventually came away with these main points.
1.) SPARC hardware is still WAY superior with remote management than any x86 POS I've ever managed. The ALOM on a SPARC and a serial cable from my Mac works EVERY time. When I worked in past shops managing thousands of Linux Dells and HP's we had nothing but issues with ILOs from the hardware and OS side. Just pure donkey shit.
When you're a start-up buying used hardware it is a great way to cut cost where investors/owners LOVE. Frankly SPARC hardware in my experience can keep on chugging where those HPs and Dells are falling apart right and left. I don't have time to be fucking with hardware when I'm running the show of a million hats.
2.) LONG-term stability with Solaris 10 and maybe Solaris 11 (still evaluating) is a necessity to me. I work for a crazy ass mad-scientist type who does EVERYTHING custom. He's worse than the scientists that I worked with back at JPL-NASA. He has software that's been running for a decade, and the software/application I write with him now he wants to work years down the road as well. That means, I don't need to worry about a yum or apt get update that blows away some part that is critical to ONLY us and I gotta figure WTF happened. The OS is a critical back-bone element where I've seen "Linux dependency hell" fuck me so many times and cost me so many hours, that I PREFER building my own Solaris 10 packages and Solaris 11 (still in testing for me) packages (Yes, I'm a REAL UNIX admin no these lazy wanders) without worries that the OS will be compromised by something lame. In the long-run I have more freedom to enjoy time with my doggies.
When you work for a company that builds custom crap that. Everything it talks to regarding the OS needs to work without question. I have always have had that with Solaris SPARC and with Support till 2018 or extended 2021 by then I should be retired from the gig! But I KNOW nothing funky will happen with the OS while I'm working here. For each new x86 hardware update for Linux, it's a whole new 'testing' to make sure it doesn't blow up the OS on the next reboot. Never had that with SPARC of maintained properly.
With that long-term support and marriage to the hardware I know the relationship is TIGHT, that can be VERY useful when you're concerned with down the road support or integration. Dell or HP does a hardware update and the RedHat or Debian kernel or images haven't been added, then you gotta do a post image. FUCK THAT NIGHTMARE! SPARC WORKS end of story.
3.) Threads! NOTHING compares to SPARC when it comes to multiple threads and what not. My T2000's running 32 cores make damn good web-servers. They also save space in the rack as well!
4.) Virtualization is WAY superior than KVM or VMWare. I've used many of the OpenSource VM solutions and frankly non compare to the control that I can do with either LDOMs or Solaris Containers/zones.
5.) ZFS yeah, Linux we hear your promises of a bad-ass filesystem, I'm still waiting.
So, is Oracle and SPARC dead? Popularity may go down, that's normal, but it's not "dead" to anyone who has a reason/purpose to use the OS/hardware offered.
The world isn't one big LAMP stack.
Again, I'm not *against* Linux, I use it for development and personal shit all day. However, I'm not a blind follower either.
I've been working on UNIX/SysAdmin/InfoSec/development/DBA since I was 15 back in 95. Dealing with various politics, Good O' Boys club, racism, sexism, budget issues, morons in management, unrealistic deadlines, and pager calls, merges, buy-outs, hacks, and illegal operations of company polices (of some major corporations). I realized I was anti-social, hated what I did, the tech controlled my life, and I felt I lost myself into the world of consumer America. I thus, now treat it as a job and nothing else, I since feel liberated and am expanding my mind. How to adjust with a pay cut? Simple, don't be a techy nerd and flaunt your American cash everywhere. I've embraced being a minimalist. I have one laptop, I reduced my living expenses as minimalistic as possible (I read books & music than pay for T.V.) walk and take public transit. This has made me interact with people more. I realized working 8hrs a day and coming home I didn't need to pay $60 for a constant connection. I thus, use my phone's connection if I needed the net at home (iphone tethering rocks). I have budgeted my money to live close to bare bones with a percentage for going out and having a few luxuries (dinner out, movie rental, etc. money for occasions NOT materialistic items). The remainder? It goes into a 5yr plan that in five years I have enough saved where I can pay myself to go to college full-time to change careers and be introduced into a new circle of people of what I'm interested in. On the other hand, if I wanted to change into another career that saved money would help as a 'buffer'. It just takes dedication and a plan and sticking to both. If you're serious you'll make it happen. As for myself I hope for when I'm 35, I have a new fun filled adventure :) Hopefully one I'm not burnt out on.
As another posted pointed out:
"You can be good at something, but you may not necessarily like it or be passionate about it anymore"
Now that's a productive way to encourage Electric hybrids! WTF is wrong with these morons.
Fucking hilarious!
Totally dig! Bravo! Great use of gender & feminism spin-off! Not to mention compy talk is always hot haha
Instead maybe people are getting out into the real world and socializing! I'm dreaming right? No couldn't be...
Fucking hilarious!
Having worked for the LA Times (aka Tribune) I can say this. Chicago has no clue what the hell is going on. They sure as hell have no direction for making money (other then focusing on broadcast). The Times are in the dark most the time. It's a shame, because there is a great amount of talent at the times. I can only speak of the IT department where I worked. However, from what I have seen LA Times interactive division will likely be gone before long. We mentioned a ton of ways to make money, only to be shuffled back and forth management. The usual outcome was "Ummm talk to x then y then z and then we'll spend six months discussing it". Monolithic companies in a old mindset giving up on the net. That's it in a nutshell.
I build SysV Solaris packages all the time for my company. Places like Blastwave (for Sun Packages), or RPMs for LINUX Distro's always tend to throw dependences you don't want. I like controling the software install I make. I usually find it easier to build my own package, do a checkinstall, preinstall, postinstall, request, and depend script and tah-dah! Deployment package in the macking totally customized for the intended purpose. Which can be cookie cutted. Depending on your needs, you may not mind installing EVERY fscking RPM for a dependency, but I prefer controlling every aspect. Not ot mention building specific optmization for our Opteron / SPARC servers.
I've been building x86 and Opteron Solaris machines for ages. I've also done it for Linux & FreeBSD. However, EVERY Dell Server I've EVER used has sucked a huge donkey-dick! I fucking loath those POSes! It's nice to see Sun hitting the x64 market harder with these new boxes. I've played with a few and they're NICE! My only bitch is SCSI, but easily modified. Dell can rott in hell
I haven't touched Windows 'myself' as a desktop since 1995. I used Linux for a few, then went FreeBSD now use Solaris religiously. I can do EVERYTHING I did in windows. Music, Movies, Art, etc. Oh, yeah I'm not a gamer, but that's what PS2s are for. However, you 'can' live your life 'without' windows. I've been doing it over a decade now.
Solaris 10 is free and there's always OpenSolaris which functions fine now to.
Solaris is as free as any other OpenSource OS now.
Hell, Solaris 10 commercial from Sun is FREE to use in any enviroment.
Comments are just that 'comments' who gives a crap if there's curse words or odd stuff? As long as it works and the developer wants to give in insight screw it! If the comments make sense and have some comical/curse words so be it. I rather see code with personality then someone who was straight chalk board.
Actually, you "can" use it with ANY Daemon, you have to write the SMF youself and import it.
I've used it with PostgreSQL, Postfix, Apache (1&2), Sendmail, Syslog etc you name it it's been done.
Learn to 'use the docs' and you'll know the force.
You can talk shit and get paid for it? Sounds like most Management positions....
Seriously didn't anyone expect this other then me? LOL
:) )
It's Micro$oft which means "Give a little and we'll let you rape us!"
Just don't use Windows, take a stand (No, not a Linux advocate just anything OTHER then M$ advocate
Since Solaris 7 (1996/97) has had journaling for awhile as well.