THE MAGAZINE OF USENIX & SAGE
October 2001 • Volume 26 • Number 6
The Advanced Computing Systems Association & The System Administrators Guild

the bookworm

by Peter H. Salus

Peter H. Salus is a member of the ACM, the Early English Text Society, and the Trollope Society, and is a life member of the American Oriental Society. He is Chief Knowledge Officer at Matrix.Net. He owns neither a dog nor a cat.

[email protected]

REVIEWED IN THIS COLUMN

BERKELEY DB
Sleepycat Software, Indianapolis, IN: New Riders, 2001. Pp. 664. ISBN 0-7357-1064-3.

PEER-TO-PEER: HARNESSING THE POWER OF DISRUPTIVE TECHNOLOGIES
ANDY ORAM, ED.
Sebastopol, CA: O’Reilly, 2001. Pp. 432. ISBN 0-596-00110-X.

BEYOND CHAOS
LARRY L. CONSTANTINE, ED.
Boston, MA: Addison-Wesley, 2001. Pp. 416. ISBN 0-201-71960-6.

CERT GUIDE TO SYSTEM AND NETWORK SECURITY PRACTICES
JULIA H. ALLEN
Boston, MA: Addison-Wesley, 2001. Pp. 447. ISBN 0-201-73273-X.

A SYSTEM ADMINISTRATOR’S GUIDE TO AUDITING
GEOFF HALPRIN
Short Topics In System Administration, 6. Berkeley, CA: USENIX Association for SAGE, 2000. Pp. 52. ISBN 1-880446-21-9.

The USENIX Conference in Boston finally convinced me that folks read this column. Oh, I’m not trying to be coy: whenever there’s a glaring error, I hear it. But as I walked the exhibit floor in Boston, people I hardly knew (or didn’t know) would ask me about this book and that. It’s really flattering. So is the response I’ve had to my call for more reviewers. I now have a group of volunteers who will be doing reviews. Just how many and how frequently will be a function of the topics they have an interest in and what gets sent in by the myriad publishers.

I am especially pleased that I’ve found volunteers in Canada, , and Italy, spreading our scope geographically.

And now for the autumn’s books.

Berkeley DB

Databases are important. Embedded systems are important. The Berkeley database is the most widely used embedded database system in the world. The more we use embedded databases (as every time you employ Netscape or order a book from Amazon.com or use a handheld device), the more important understanding them becomes.

Berkeley DB is divided into two parts: the first, pp. 1–242, is a reference manual of great value; the second, pp. 243–632, is the API manual. The latter details the APIs for C, C++, Java, and Tcl. The book concludes with a section on supporting utilities and an excellent index. (NB: If you just want to use a database, this is not for you. If you are a programmer with at least some knowledge of databases, this book is for you.)

Berkeley DB is a good book on a first-rate, open source database. The only criticisms I have are of the volume’s production: first of all, the page numbers in the table of contents bear only a tangential relationship to the actual chapters (luckily, the index was done by reliable software); secondly, two figures have their labels reversed.

The folks at Sleepycat Software have done a great job: Margo, Keith, Mike, Mike, and whoever else was involved in this, my compliments.

Being Disruptive

Over the past 5000 years, most media have functioned on a one-to-many basis. The massive temple inscriptions, the imposing stelae of the Babylonian, Egyptian, and Persian empires bear testimony to the beginnings of this: “I, Darius, great king, king of kings...” begins column 1 in Behistun (parodied by Shelley in “Ozymandias” [1818]). The sacred books of all religions are proclamations from the few to the many. So, in more recent centuries, the book, magazine or newspaper publisher, the radio and the TV broadcaster all operate on a one-to-many basis.

From its very beginnings, the Internet has broken this model: every machine on the Net peers with every other. Even when there were but a dozen or a few hundred hosts, there was no notion of publisher/source and passive receiver. As we’re now at over 150 million machines on the Net, “closing down” the publisher or broadcaster (a popular pastime of oppressive regimes) has become truly impossible.

By and large viruses or worms or DDoS attacks are just annoyances, pranks. But for over 150 countries, the Internet has become a road to news that does not pass through government control, a method for nearly anyone to both send and receive at will.

Andy Oram has put together an anthology of pieces on technological, legal, financial, and social repercussions of peer-to-peer Internet communication. This goes far beyond SETI on the one hand and Gnutella on the other. The mere existence of anonymous remailers (even after Julf Helsingius shut his down) frightens the thought police.

Publius tells us about trust. Red Rover tells us about really low-tech distribution. The book contains 19 essays and an afterword.

Like any anthology, the quality is uneven. But it’s worth (and thinking) about.

Software Development

For four years, Larry Constantine ran/edited/wrote a “forum” in Software Development magazine. Forty-five of the columns (by a large variety of folks) have been collected in Beyond Chaos. Most of the essays are interesting and, thanks (I suspect) to by Larry and the magazine’s staff, quite readable. I found several very illuminating; a few (in retrospect) seem just worthless; but the just over 400 pages are great for reading on a flight, at the beach, or wherever. The essays are brief and thus the volume can be read in snippets.

I found it heartening to realize that Aristotle is still relevant today. Larry states (Chapter 31): “The artist learns how to paint by painting.” Aristotle wrote: “He who learns to play the harp learns to play it by playing it” (Metaphysics 1049b31f). There’s something similar in the Nicomachean Ethics 1103a32–34.

John Boddie’s Chapter 10 is a keeper.

CERT’s Practices

With input from a large number of folks at the SEI and at CERT, Julia Allen has produced a simple, practical guide to protecting your system(s) from unauthorized intrusions. My guess is that many readers of this column will find the book too simple, but it seems to me that with the Internet and systems growing at a furious rate, the number of experienced sysadmins is waxing far too slowly. There are thus a number of folks who need a milder, more basic approach. There are also a number of people who work in environments where the highest levels of management don’t understand the details. Here is a book that carries CERT’s authority to hammer them with.

A Major Omission

I owe Geoff Halprin an apology. It’s a year since his SAGE booklet appeared, and I’ve neglected it. I could offer excuses, but instead, I’ll just give him a few flattering lines.

There are all sorts of jokes about how dull auditors are. Computer auditing has never, I admit, appeared a fascinating topic to me. But Halprin’s 50 pages convinced me that the “rigorous examination of a system” together with the “identification of shortfalls in compliance or practices” and the “organized repair” of the system are indeed very important. Good job, Geoff. And, again, my apologies for taking so long to print these few words.

;login: Vol. 26, No. 6