Bill Page wrote:
>
> I am sorry that this is a bit off the usual topic of FriCAS as such...
>
> On 23 March 2013 14:01, Waldek Hebisch <[email protected]> wrote:
> >
> > Yes. You can see error message. The line:
> >
> > AttributeError: isBibliographyExportable
> >
> > seem to be key. Also, I saw some messages about problems
> > loading CMFBibliographyAT.
> >
>
> My first suspicion is that this might be a Python version related
> issue. Some parts of Zope and ZWiki use legacy features of Python
> that are discarded in new versions of Python.
Currently wiki still uses Python 2.4.
> >> Having this old VM accessible only behind an Apache proxy
> >> running on an up to date current version of Linux seemed like more
> >> than adequate protection from the hostile Internet to me.
> >
> > Both Ubuntu and wiki software.
>
> Where you successful at upgrading both of these? I have to admit that
> I am interested in using newer versions but it just never seemed like
> a priority to me.
ATM not. Currently changes are mostly preparation for real upgrade...
>
> > Running wiki in VM gives reasonable
> > protection for host so I decided to run it. However thinking
> > that this is "only a VM" is wrong IMHO:
> >
>
> Using VirtualBox (and most other VM host packages) makes it relatively
> easy and cheap to keep regular snapshots. These days I usually use
> XEN on SuSE Linux with BTRFS for VM storage. BTRFS has some nice
> snapshot features.
I am not sure about "cheap" part. VirtualBox clearly states that
making snapshots is fast, but they slow down normal machine
operation. Also, by their nature snapshots contain irrelevant
stuff which means bigger volume. Also, IIUC VirtualBox snapshots
are stored bundled with hard disk image which makes them of
limited use for backups. Maybe you meant "export" from
VirtualBox?
> > ...
> > - It is good to have several lines of defence. If attacker breaks
> > one the other may limit damage and allow faster detection and
> > recovery from breakin.
> >
>
> I think that usually one should first seriously evaluate the level of
> risk both in terms of magnitude of consequences and the probability of
> a successful attack compared to the level of effort required to
> prevent it. But you might have other motivations for wanting to do
> this, e.g. educational.
I am affraid that currently effort to get root inside VM is trivial.
So, only thing which prevents such breakin is obscurity. Obscurity
means that VM is unlikely to get rooted by a bot, but if we ever
get attention of wannabe human black hat, then system inside VM
would give up. I would like to make this a bit harder and I think
that this is possible with reasonable effort.
>
> You are right. But it seems to me that the best "backup" for this
> sort of application is in fact replication. If several co-operating
> instances of the site exist on the Internet than all that is necessary
> to backup the site is to periodically synchronize page content. There
> is a simple and effective Zope tool for doing this called Zsyncer
> which works any Zope-based application.
Yes, I know. But carring VM with Zope for backup still is clumsy.
--
Waldek Hebisch
[email protected]
--
You received this message because you are subscribed to the Google Groups
"FriCAS - computer algebra system" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/fricas-devel?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
