NEWS
Samba Vulnerability Patched But Risk Is Bigger
The world barely recovered from the havoc caused by WannaCry ransomware before a new vulnerability was found in the open source Samba networking utility.
According to Samba.org, "All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it."
In pure open source tradition, the patch was released immediately, and most Linux distributions have pushed it into their repository.
The real-world situation is more grim than it appears. First, it's not a new bug. The bug has been lurking around for the past seven years, since version 3.5.0 was released in 2010. It exposes a serious problem in the Linux world: It doesn't have enough eyeballs to make all bugs shallow.
The second problem that makes this bug more problematic is that the open source reimplementation of Microsoft's SMB protocol, which was the culprit in the WannaCry ransomware, is used in every single product that offers any kind of file-sharing capability.
If you have a NAS device, media streaming box, or any device that offers file storage and sharing capability, then it's more than likely running Samba server on it. Despite running a Linux-based distribution, these devices are not designed for automatic updates and don't offer users an easy interface to update the packages.
At the same time, in most cases, vendors have no incentive to keep the devices patched, which leaves them vulnerable. If you are aware of this bug and you are running one of these devices, there is literally nothing you can do to fix it, other than unplugging it from the server. The best course of action is to keep an eye on the support site of the product and look for any updates. If updates are available, install them immediately.
Red Hat Announces OpenShift.io
Red Hat has created a cloud native developer tool called OpenShift.io, announced at Red Hat Summit, Boston.
The platform is based on Kubernetes, a Linux Foundation-hosted open source project. Built from Eclipse Che, fabric8, and Jenkins technologies, OpenShift.io provides developers with application development tools and the environments they need.
According to Red Hat, "OpenShift.io, combined with OpenShift Online, provides an integrated approach to DevOps, including all the tools a team needs to analyze, plan, create and deploy services."
The platform was created for team collaboration and offers real-time stack analysis, which helps development teams better detect critical vulnerabilities and uncommon usage patterns.
OpenShift.io enables developers to use the entire platform without a requirement to install anything locally, and their applications are built into Linux containers by default.
OpenShift.io also includes a free subscription to the Red Hat Developer Program, a no-cost Red Hat Enterprise Linux developer subscription, Red Hat JBoss Enterprise Middleware, and other Red Hat technologies. OpenShift.io is available in a limited developer preview.
Microsoft Bakes Linux into Windows Server
Microsoft is graduating to become a Linux vendor. It started with Microsoft introducing WSL (Windows Subsystem for Linux) for Windows 10, which was the company's attempt to help developers using Windows 10 manage their Linux machines on Azure cloud.
The company then worked with Docker not only to create Docker for Windows, but also to bring Docker containers to Linux servers, allowing customers to run more than 900,000 Linux containers on Windows Servers.
Now Microsoft is baking WSL into Windows Server. According to a Microsoft blog, "This unique combination allows developers and application administrators to use the same scripts, tools, procedures and container images they have been using for Linux containers on their Windows Server container host."
With Bash on Ubuntu for Windows Servers, IT professionals can now use *nix utilities on their Windows servers to manage Linux containers.
With this move, Microsoft is moving closer toward becoming a Linux provider. It must be noted that Microsoft already uses Linux as a core piece in its Azure cloud. The operating system for Azure Networking Switch runs on a Linux kernel.
MORE ONLINE
ADMIN HPC
http://hpc.admin-magazine.com/
SquashFS * Jeff Layton
In my life experience, I have found that people like to keep pretty much every piece of data that's ever crossed their hard drive.
Parallel I/O for HPC * Jeff Layton
Amdahl's law says that your application will only go as fast as its serial portion. As the application is run over more processors, the decrease in run time gets smaller.
ADMIN Online
http://www.admin-magazine.com/
Highly Available Hyper-V in Windows Server 2016 * Marc Grote
Most of the new features in Windows Server 2016 relate to Hyper-V. Microsoft has introduced numerous changes to make the product even more interesting to companies that have not used virtualization or are running an older version of Hyper-V.
Digital Signatures in Package Management * Tim Schürmann
Many distributions develop, test, build, and distribute their software via a heterogeneous zoo of servers, mirrors, and workstations that make central management and protection of the end product almost impossible.
Installing .NET on Linux * Thorsten Scherf
To understand .NET fully, it is a good idea to look at past events. Development on the NGWS included work on a framework that was officially released in 2002 as .NET 1.0.
« Previous 1 2
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
SUSE Renames Several Products for Better Name Recognition
SUSE has been a very powerful player in the European market, but it knows it must branch out to gain serious traction. Will a name change do the trick?
-
ESET Discovers New Linux Malware
WolfsBane is an all-in-one malware that has hit the Linux operating system and includes a dropper, a launcher, and a backdoor.
-
New Linux Kernel Patch Allows Forcing a CPU Mitigation
Even when CPU mitigations can consume precious CPU cycles, it might not be a bad idea to allow users to enable them, even if your machine isn't vulnerable.
-
Red Hat Enterprise Linux 9.5 Released
Notify your friends, loved ones, and colleagues that the latest version of RHEL is available with plenty of enhancements.
-
Linux Sees Massive Performance Increase from a Single Line of Code
With one line of code, Intel was able to increase the performance of the Linux kernel by 4,000 percent.
-
Fedora KDE Approved as an Official Spin
If you prefer the Plasma desktop environment and the Fedora distribution, you're in luck because there's now an official spin that is listed on the same level as the Fedora Workstation edition.
-
New Steam Client Ups the Ante for Linux
The latest release from Steam has some pretty cool tricks up its sleeve.
-
Gnome OS Transitioning Toward a General-Purpose Distro
If you're looking for the perfectly vanilla take on the Gnome desktop, Gnome OS might be for you.
-
Fedora 41 Released with New Features
If you're a Fedora fan or just looking for a Linux distribution to help you migrate from Windows, Fedora 41 might be just the ticket.
-
AlmaLinux OS Kitten 10 Gives Power Users a Sneak Preview
If you're looking to kick the tires of AlmaLinux's upstream version, the developers have a purrfect solution.