Main | In Other News | Security Roundup | Tips of the Trade |
Security Roundup
- SGI released a pair of patches to its Advanced Linux Environment (ALE): One addresses recent OpenSSL vulnerabilities; the other sweeps up a number of other vulnerabilities Red Hat (on which SGI’s ALE is based) recently cleaned up.
- A number of vendors have patched ethereal, which was recently found to have numerous buffer overflows and the potential to run malicious code, including
Mandrake,
Red Hat,
Netwosix, and
Gentoo. - Gentoo, Red Hat, and Mandrake all patched a bug in the Squid caching proxy server that could allow users to access restricted URLs from behind Squid.
Tips of the Trade
Most Unix aficionados have a passing familiarity with the tee command: If you’re building a pipe of assorted filters, it’s sometimes useful to let the information flowing through that pipe “tee” off into a file before moving through a particular filter. If, for example, you’re searching an error log for a particular piece of information but first narrowing the contents of the log down with cut, you might want to run the cut data out into a separate file before proceeding to a very limiting grep.
Tee’s shortcoming is that it’s limited to writing to files: There’s no way to tee the data stream into another filter, which is sometimes useful if you want to assign a variable based on a very specific piece of data in the stream but want the bulk of that stream to continue through the pipe for further processing.
Fortunately, someone recognized that deficiency and provided a little Perl magic to work around it in the form of tee2, a script that acts pretty much like tee but can include a piped filter in a tee-out of data.
If you save that script, make sure to check the “shebang” line (the first line, which identifies the interpreter in which the script will be run). It points to /usr/local/bin/perl, and it left out the leading “!”.
The script includes syntax samples in the comments.
(Thanks, Ed Heil for catching that.)
>> To Main
>> To Other News