|Page 1||Page 2|
|In Other News||Tips of the Trade|
- Sun patched a vulnerability in the passwd program found in Solaris 8 & 9. The vulnerability could give a local unprivileged user root privileges.
- A buffer overflow in the popular scripting language Python has been patched in Debian and
- A buffer overflow in libxml has patches from Mandrake, OpenPKG, Trustix, Gentoo
Linux, and Debian.
- Debian patched wu-ftpd to solve a buffer overflow and a permissions
- Hewlett-Packard has patched a “highly critical” remote exploit in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24) and in HP Tru64 UNIX 5.1A PK6(BL24).
- A privilege escalation bug in the Linux kernel was discovered. The bug affects kernel versions 2.4.24, 2.4.23, and 2.6.2. Newer versions of the kernel are available.
Tips of the Trade
A few months ago we put rsync forward as a great over-the-network backup option that has the benefit of conserving bandwidth by saving only changed files. rsync is great at what it does, but one thing it doesn’t do is synchronize in more than one direction, meaning that you can either push a directory into an archive, overwriting changed files, or you can pull an archive down.
Thus, you can’t really use it to keep a pair of archives up to date with each other.
Enter unison, which uses the rsync algorithm in such a way that when it’s presented with a pair of archives, it seeks to update both of them based on changes to each. Consequently, if files in archive “A” on a workstation were changed, and files have changed in archive “B” on a server, unison sorts out which files should be copied from the server to the workstation and vice versa.
As with rsync, unison is able to use ssh as a tunnel, meaning data is passed over the network in a safe and encrypted fashion. This makes it good for wireless road-warriors as well as people in the relatively safe confines of a hardline network. In addition, the developers provide a Windows version alongside the easily compilable version available for Unix variants (including OS X).
A few things worth noting:
- unison has the ability to create exclude lists and profiles, making it possible to create a wide variety of well-tuned unison scripts sensitive to specific backup needs (such as limiting the kinds of files a user syncs when he or she is doing so over a slow dialup vs. a faster wireless connection).
- unison, while compiling and working under OS X, doesn’t yet recognize OS X’s resource forks. Those using unison on a Mac, should stick to simple files and will probably want to install fink to get at the libraries they’ll need to build unison.
- unison offers build options for a GUI under Unix systems with the gtk+ libraries installed.