Merge branch 'master' of https://github.com/LCTT/TranslateProject

2025-01-28 23:20:10 +08:00 · 2013-10-15 10:48:52 +08:00 · 2013-10-15 10:48:52 +08:00 · 5948a0fff4
commit 5948a0fff4
parent 703eee30db 34571844d9
5 changed files with 12 additions and 161 deletions
--- a/Backdoor.md
+++ b/Backdoor.md
@ -1,45 +0,0 @@
 A Look Back at the Linux Kernel Backdoor
 ================================================================================
 With all of the recent concern over the US government’s National Security Agency (NSA) some of the attention has turn to the possibility of backdoors. For those of you unfamiliar with the term, a backdoor is an intentional vulnerability in an operating system or software that allows otherwise unauthorized users to gain access to the system. Back in 2003 someone attempted to insert a backdoor into the Linux kernel. Though caught, it illustrates how seemingly innocuous changes can introduce vulnerabilities and the importance of tractability in source control.
 The code, first described by Corbet in an [LVN.Net article][1], was disguised to look like a parameter validation check in the [wait4][2] function.
    if ((options == (__WCLONE|__WALL)) && (current->uid = 0))
    retval = -EINVAL;
 Normally it would have no effect, but if the calling program intentionally passed in invalid values the second part of the if expression would execute. This part would set the program’s user id (current->uid) to 0, which is the root user in Linux.
 At first glance it looks like a simple typo. Developers often accidentally write ‘=’ when they mean to write ‘==’. But when you consider that the wait4 function shouldn’t have anything to do with the user id it becomes clear that this was intentional.
 Corbet explains how this caught,
 > Every change in the CVS repository includes backlink information tying it to the equivalent BitKeeper changesets. The changes in question lacked that information, and thus stood out immediately.
 > 
 > An attempt to make a change in this way is suspicious, to say the least, so there was a lot of interest in what the attempted change was.
 The attack used to insert the backdoor was again the CVS clone of the BitKeeper repository. He continues,
 > The CVS repository is generated from BitKeeper, it is not a path for patches to get into the BitKeeper repositories. So the code in question could only affect users who were working from the CVS repository. Kernels used by distributors probably do not come from that repository, and, as this incident has shown, illicit code can only remain there for so long before being detected.
 Imagine, if you will, if someone tried this attack in a code base without the controls and scrutiny that the Linux kernel team employed. How would you protect yourself if a seemingly innocent line of code could be inserted anywhere and effectively create a backdoor?
 One option would be to create your own “kernel” inside the application. Only this code could can changes flags such as the user’s roles and permissions. All other code only gets a read-only view of the user permission object so that they cannot easily give the user root access.
 Under this model, the code “current->uid = 0” simply wouldn’t compile. Instead one would have to either directly alter the application’s security module, which would be watched much more closely, or resort to tricks using reflection. And reflection code would of course be far more noticeable than a simple assignment.
 If the language supports it, an even better option is to make the user’s permission set entirely immutable. This would further constrain the places where a successful attack may reside to just where the permission set is created.
 These should be augmented with restrictions on the source control server. Rather than running them wide open, the ability to promote code into main branches should restricted to as few people as possible. And security sensitive code should be entirely locked down by default, with edit permissions only granted on a case by case basis. The exact way this be implemented depends on whether one is using distributed or centralized source control and the specific product.
 Ultimately techniques such as this will fail if code changes are not audited before they reach production. These can only reduce the likelihood such an audit will miss something.
 --------------------------------------------------------------------------------
 via: http://www.infoq.com/news/2013/10/Linux-Backdoor
 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译，[Linux中国](http://linux.cn/) 荣誉推出
 译者：[译者ID](https://github.com/译者ID) 校对：[校对者ID](https://github.com/校对者ID)
 [1]:https://lwn.net/Articles/57135/
 [2]:http://linux.die.net/man/2/wait4
--- a/sources/Debian
+++ b/sources/Debian
@ -1,4 +1,4 @@
-Debian 7.2 "Wheezy" Officially Released
+【SCUSJS翻译中】Debian 7.2 "Wheezy" Officially Released
 ================================================================================
 **The Debian project announced the immediate availability for download of the second maintenance release of the Debian 7 Linux operating system.**
@ -27,4 +27,4 @@ via: http://news.softpedia.com/news/Debian-7-2-quot-Wheezy-quot-Officially-Relea
 [1]:http://www.debian.org/News/2013/20131012
 [2]:http://cdimage.debian.org/debian-cd/7.1.0/i386/iso-dvd/debian-7.1.0-i386-DVD-1.iso
-[3]:http://cdimage.debian.org/debian-cd/7.1.0/amd64/iso-dvd/debian-7.1.0-amd64-DVD-1.iso
+[3]:http://cdimage.debian.org/debian-cd/7.1.0/amd64/iso-dvd/debian-7.1.0-amd64-DVD-1.iso
--- a/sources/Install
+++ b/sources/Install
@ -1,4 +1,4 @@
-Install Rhythmbox 3.0 In Ubuntu 13.10 Or 13.04
+【SCUSJS翻译中】Install Rhythmbox 3.0 In Ubuntu 13.10 Or 13.04
 ================================================================================
 Rhythmbox 3.0 was released more than a month ago, bringing an improved user interface, Python 3 support for the plugins and more. Unfortunately, the new version didn't make it into Ubuntu 13.10, but there's a PPA you can use to install it (also available for Ubuntu 13.04).
@ -45,4 +45,4 @@ via: http://www.webupd8.org/2013/10/install-rhythmbox-30-in-ubuntu-1310-or.html
 [1]:http://ftp.acc.umu.se/pub/GNOME/sources/rhythmbox/3.0/rhythmbox-3.0.news
 [2]:http://www.webupd8.org/2012/08/rhythmbox-third-party-plugins-ubuntu-ppa.html
 [3]:http://www.webupd8.org/2013/08/rhythmbox-coverart-browser-plugin-gets.html
-[4]:http://xpressubuntu.wordpress.com/2013/10/06/how-to-install-rhythmbox-3-0-in-saucy/
+[4]:http://xpressubuntu.wordpress.com/2013/10/06/how-to-install-rhythmbox-3-0-in-saucy/
--- a/sources/Wireless
+++ b/sources/Wireless
@ -1,107 +0,0 @@
 Wireless Aside, Cr OS Linux Delivers the Best of Two Worlds
 ===========================================================
 **It is easy to be misled about exactly what Cr OS is. This open source OS project first debuted in 2009 as Chrome OS Linux. Last September its developers changed the name to Cr OS Linux. Even with a recent name change for this distro, it can be mistaken for other Linux OS projects that resemble Google's Chrome OS. Think Chromebook here.**
 The [Cr OS Linux][1] distribution is an interesting blend of the Cinnamon desktop with a special edition of the Chromium Web browser.
 The approach Cr OS Linux (pronounced "Cros Linux") takes gives you a taste of Linux Mint with a chaser of a not-quick pure Google Chrome OS.
 Cr OS is a fully functional Linux distro. It has its own repository and package manager to provide software updates.
 I was generally pleased with Cr OS. Its lightweight design does not have many of the advanced features that tend to bog down Linux Mint, but the Cinnamon desktop definitely provides a Minty look and feel.
 ![img](http://www.linuxinsider.com/images/article_images/78918_620x200.jpg "Cr OS Linux workspaces.") 
 Cr OS Linux uses GNOME scaling effects to depict workspaces.
 The only serious impediment is its high rate of incompatibility with wireless hardware. If all you need is a solid Linux OS for your desktop computer, Cr OS could be an ideal choice. If you also want to use it on laptops, however, chances are it will not connect to your wireless card.
 ###WiFi Woes
 I loaded the live DVD onto three different laptops I use regularly. Each one was built by a different but well-known laptop maker.
 All connected to the Internet via cable just fine. None made the wireless connection. Cr OS failed to spot the wireless card.
 This is a recurring problem with one of my laptops, but I can almost always get a wireless connection from at least one of the other two.
 ###No Chrome OS Clone
 It is easy to be misled about exactly what Cr OS is. This open source OS project first debuted in 2009 as Chrome OS Linux. Last September its developers changed the name to Cr OS Linux.
 Even with a recent name change for this distro, it can be mistaken for other Linux OS projects that resemble Google's Chrome OS. Think Chromebook here.
 The developer's intent was to build a free Linux Live CD distribution around the revolutionary Google Chrome (Chromium) Web browser and based on the openSUSE operating system. That is what Cr OS Linux is.
 Unlike the Chrome OS Project, however, Cr OS is more than just a browser-based OS.
 ###First Impressions
 Cr OS is a Linux distro that gives you the best of two worlds. The combination of a traditional Linux desktop based on Cinnamon with a tweaked Chromium Web browser is awesome.
 Cr OS installs with the InSync beta 10 client for Google Drive. This essentially turns the generic Chromium Web browser that is the basis of Google Chrome into the Chrome browser.
 I can log into my Google account and have Chromium sync all of the Google apps so I get the appearance of actually running the Google Chrome browser. Even the Chrome store is connected to the Google Store in the browser.
 So, if you use the Google Chrome browser and like the Cinnamon desktop, the Cr OS is very satisfying indeed.
 ###Software Galore
 Cr OS has an impressive installed software base. This makes it much more flexible than Google Chrome OS, with all the limitations it imposes.
 You can use your standard Linux apps and supplement the software with your favorite Google apps online via the Chromium browser linked to your Google account.
 Cr OS does not install the latest versions of every application, but at least I did not have to add the key programs I expect to find in a Linux distro. Among the apps provided are the Banshee 2.4 media player, Shotwell 0.12 photo manager, GIMP 2.8 image editor, LibreOffice 3.5 office suite, Wine 1.5 Windows emulator, Cheese 3.4 webcam app and the Pidgin 2.10 instant messenger.
 ###Under the Hood
 Cr OS is no slouch in the engine department, either. It has a Dashboard with social toolbar and a very functional Control Center.
 Powering this distro release is Linux kernel 3.6.5 and the Cinnamon 1.6.6 desktop environment. The Chromium 24.0.1290 Web browser is the stock offering.
 ###Getting It
 The download process for Cr OS is horrible. You can choose to pay for a Gold membership account for really fast download speed, or you can choose the regular download option for free, go through a 60-second wait with gotcha verification and then a very slow (353 minutes) download.
 The download service is provided by depositfiles.com. The Cr OS website has almost no information about the community or company providing the software. The site gives you the option to go to its Google+ page, but until you agree to add them to your Circles, you get no information from there either.
 You can also choose to download the live DVD version or the install-to-USB-drive portable version. The live download is 826 MB. The USB download is a 976 MB tar.gz file (3.9 GB unpacked).
 ###A Better Source
 An alternative is [here][2] at the [SuSE][3] Studio affiliate website. You still need to set up an account, however, unless you have Google or other affiliated log-ins.
 The download speeds are not throttled back here, however, so the complete download is much quicker. The download speed still depends on your service provider and other factors, but no USB installation download was available.
 Either way, you may still sense some branding confusion. Cr OS Linux is not affiliated with Google Chrome, other than the tie-in with the Insync integration.
 The splash screen sports the Google red, green and yellow colored circle. The two-tone blue Chromium icon sits on the desktop panel, however.
 ###Bottom Line
 If the wireless connectivity issue does not affect you, Cr OS is a solid Linux distro. It offers an uncluttered Cinnamon desktop environment with a tweaked-out version of the Chromium Web browser.
 Cr OS is not as mainstream as other Linux distros, but its unique approach may be just what you need to enjoy a more pure Linux experience.
 ###Want to Suggest a Linux Application for Review?
 Is there a Linux software application you'd like to suggest for review? Something you love or would like to get to know?
 Please send your ideas to me at jack.germain@newsroom.ectnews.com, and I'll consider them for a future Linux Picks and Pans column.
 And use the Talkback feature below to add your comments!
 via: http://www.linuxinsider.com/story/Wireless-Aside-Cr-OS-Linux-Delivers-the-Best-of-Two-Worlds-78918.html
 本文由 [LCTT][] 原创翻译，[Linux中国][] 荣誉推出
 译者：[暮霭加][] 校对：[校对者ID][]
 [LCTT]:https://github.com/LCTT/TranslateProject
 [Linux中国]:http://linux.cn/portal.php
 [译者ID]:http://linux.cn/space/译者ID
 [校对者ID]:http://linux.cn/space/校对者ID
 [1]:http://getchrome.eu/
 [2]:https://susestudio.com/a/jMOVxa/cr-os-linux
 [3]:http://www.novell.com/linux
--- a/translated/How
+++ b/translated/How
@ -1,16 +1,18 @@
-如何在终端命令行测试你的网速
+如何使用终端命令行测试你的网速
 ================================================================================
 ![](http://img.gawkerassets.com/img/190w8luc8u8jjjpg/original.jpg)
-你可能知道关于互联网[速度测试][1],它可以在你的浏览器里进行.这里给展现一个更简单的方法,你可以在你的树莓派或者家用服务器通过终端做同样的事.
+你可能了解互联网[速度测试][1],它可以在你的浏览器里进行.Make Tech Easier教程给我们展示了如何在终端窗口中做同样的事情，非常适合你的树莓派或家用服务器.
 打开一个终端,运行下面命令:
    wget -O /dev/null http://speedtest.wdc01.softlayer.com/downloads/test10.zip
-使用[wget][2]命令从远程仓库服务器测试下载一个10MB文件.当文件下载完成,速度会显示在终端,你就可以知道你正在连接的网络速度有多快了
+使用[wget][2]命令从远程仓库服务器测试下载一个10MB文件.当文件下载完成,速度会显示在终端,你就可以知道你正在连接的网络速度有多快了.
-任何linux PC(译者注:一般,我们所说的PC是指'IBM PC兼容机',此架构中的中央处理器采用英特尔或超微等厂商所生产的中央处理器)能够运行wget命令.[Windows][3]和[Mac][4]用户需要下载这个程序,但是功能不多不少完全一样.点击链接可以读到更多.
+任何linux PC(译者注:一般,我们所说的PC是指'IBM PC兼容机',此架构中的中央处理器采用英特尔或超微等厂商所生产的中央处理器)能够运行wget命令.[Windows][3]和[Mac][4]用户需要下载这个程序,但是功能差不多是一样的.点击链接可以了解更多.
 [怎样从终端测试你的网速][5] | Make Tech Easier
 --------------------------------------------------------------------------------
@ -18,9 +20,10 @@ via: http://lifehacker.com/how-to-test-your-internet-speed-with-a-terminal-comma
 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译，[Linux中国](http://linux.cn/) 荣誉推出
-译者：[flsf](https://github.com/flsf) 校对：[校对者ID](https://github.com/校对者ID)
+译者：[flsf](https://github.com/flsf) 校对：[Caroline](https://github.com/carolinewuyan)
 [1]:http://www.speedtest.net/
 [2]:http://lifehacker.com/161202/geek-to-live--mastering-wget
 [3]:http://gnuwin32.sourceforge.net/packages/wget.htm
 [4]:https://www.macupdate.com/app/mac/33951/wget
 [5]:http://www.maketecheasier.com/quick-tips/test-internet-connection-speed-from-terminal