Category Archives: Linux

First Identity Selector in a Linux Distribution: DigitalMe in OpenSUSE 11.1

As my last post shows, I’ve been thinking a lot lately about the evolution of identity services over time. I’m currently researching and thinking about how identity services should integrate with the emerging cloud computing paradigm. However, sometimes we get working in the daily grind, the months and years go by, and we can miss significant milestones, like this one:

geekoWhen OpenSUSE 11.1 was released on December 18th 2008, it included the DigitalMe identity selector in the main repository.

I guess it could be said that OpenSUSE 11.0 was the first Linux distribution to support an identity selector, but it wasn’t in the main repository when 11.0 was released, so I’m going with OpenSUSE 11.1.

digitalme logoWhat this means is that users of OpenSUSE 11.1 can install and run DigitalMe as easily as Firefox or Open Office or any other package. Just open up the package manager, search for digitalme and install. There are actually two packages that start with digitalme. One is the identity selector itself and the other is the Firefox addon. If you install the digitalme-firefox package, the selector is installed automatically. And you are automatically notified of updates!

Thanks to Andrew Hodgkinson for making DigitalMe happen, and getting it packaged for OpenSUSE!

(Andy, I think you may be due to update your blog. Your regular rate of one post every 1.5 years appears to have slowed.)

As always, thanks to the Higgins project for hosting most of the source code used to build digitalme, and for their support and collaboration.

A familiar hacker visits my home network

My oldest son is away at college. He’s finishing his senior year and deciding what to do next. I’m very proud of him, but sometimes I can’t help compare his life to mine. To earn money for living expenses during college, I had jobs washing dishes, changing oil, stocking shelves and eventually moving all the way up to cashier at Smith’s Food King. Good times. My son has had summer jobs programming for Berkeley Data Systems (Mozy) and this little Internet startup named Google. During the school year, he works on Linux boxes for the astronomy department at his school. His jobs sound like a huge amount of fun to me, and I think he has enjoyed them, but he takes things so seriously sometimes. Sigh. At that age, I did too.

I keep expecting to get traditional letters (or at least emails) from him asking for money, but instead I received this email last week:

so, sorry i haven't called recently, as i miss talking to you.

nevertheless, i thought it would be a good idea to let you know that
your server machines are all completely rootable

on bub, the code /home/jtolds/vmsplice-exploit will give you root on
nearly every 2.6 kernel machine
/home/jtolds/disable-vmsplice-if-exploitable will disable the vmsplice
code in memory by overwriting the first line of the vmsplice function
calls with the RET assembly command
I ran that on bub since it's network accessible

you may want to install new kernels or recompile or something.

if you don't and do reboot bub, you should run the exploit disabler again

love you! talk to you soon
-jt

I would have used the phrase “RET assembly instruction” instead of “RET assembly command”. Assembly ain’t no scripting language. I’m not sure what they are teaching kids in school these days.

I have, of course, upgraded my Linux kernels on the machines in question.