Anonymous Reader writes, “This week, the most interesting articles include ‘Securing Sendmail with TLS,’ ‘CERT
Guide to System and Network Security Practices,’ and Learning with nmap.’ Also this
week, there are several interesting cryptography articles including Delayed Report on
Encryption Flaws to Be Presented,’ and ‘So much for secure e-mail.’ ” It’s at

http://www.linuxsecurity.com/articles/forums_artic le-3529.html.

Haus of Shogo has an interview with Ben Hermans, of Hyperion Entertainment, which announced that its port of Monolith’s Shogo: Mobile Armor Division to Linux has gone
gold.

Posted at LinuxSecurity.com: “Sdbsearch.cgi is Perl script which is part of the sdb package of SuSE Linux
was found vulnerable by using untrustworthy client input (HTTP_REFERER).
By exploiting this trust an attacker could force the sdbsearch.cgi script
to open a malicious keylist file which includes keywords and filenames.
By replacing the filename in the keylist file with the Perl pipe followed
by arbitrary shell commands the sdbsearch.cgi would execute these commands
when trying to open these ‘filenames’.
Note, that the attacker needs local access to the machine to store the
keylist file on the server running sdbsearch.cgi. Misconfigured ftp
accounts, trojan tar balls or RPM files could also be used.”

Slashdot readers discuss a commentary from Open Source evangelist Eric S. Raymond. “Tim asserts that the most fundamental software freedom is the freedom to choose any license you want for
the software you write. Kuhn and Stallman reply ‘Unstated, but clearly implied, is that one person or
corporation chooses the rules to impose on everyone else.’ ”

From commentary at ZDNet: “It looks like the now-infamous case of until recently jailed Russian software
developer Dmitry Sklyarov was just the beginning of a broader trend to cast IT professionals in
the role of info cop. Software developers like Sklyarov and even help desk and system
administration workers, it appears, are being deputized to enforce ill-conceived laws aimed at
perceived Web-borne threats to society.”

From PR Newswire: As part of a continuing
commitment to expand and enrich Linux-enabled networks, DataDirect Networks
has announced SAN DataDirector compatibility with Cisco’s 5420 iSCSI Fibre
Channel to Ethernet router. The Fibre Channel SAN DataDirector makes it
simple to provide servers, workgroups and clusters with high performance
parallel access to centralized storage pools. Using the SAN DataDirector in
conjunction with Cisco’s 5420 router enables an easy, cost-effective way to
network Linux clusters to high performance storage through IP networks.

ZDNet has a short item saying that Caldera International announced that Shoppers
Drug Mart, Canada’s largest pharmacy chain, will use Caldera’s UnixWare 7 operating
system combined with the company’s Linux Kernel Personality and SilverStream
Application Server software to coordinate computing services throughout the chain’s
800 stores. More from InternetNews.com.

From PR Newswire: Rainmaker Systems Inc. (Nasdaq: RMKR) a leading outsource provider of
Internet-enabled sales and marketing services, today announced that it has
successfully launched its services for
Caldera International, Inc. (Nasdaq: CALD). Rainmaker is selling and renewing
support and maintenance contracts for Caldera’s award winning UNIX and Linux
Operating System product lines in North America.

Slashdotters discuss the latest clash between the Free Software and Open Source communities. The original post and accusation is at LinuxProgramming.com. More commentary at Advogato.org.

Consulting Times interviews Caldera International CEO Ransom H. Love: “Love took a more conciliatory tone to douse the flames
directed at him by Richard M. Stallman and others in the free/open source community, but
stood his ground on the importance of bringing commercial solutions to Linux. He took pains to explain his assertion that while the GPL is an incredibly successful development
model, it was never intended as a business one.”