To help detect corruption in the postings, Rich has ported and made some changes to Ralph Merkle's SNERFU program. SNERFU is a one-way hash algorithm. Given some input text, it will generate a single number, such that no two texts will hash down to the same number. The hash value is really a type of checksum in this usage, allowing for detection of corrupted postings, but not for authentication.

SNERFU is a port of the Xerox Secure Hash Function, an algorithm developed by Xerox and released with no restrictions except that the original author must be given credit. Starting with SNERFU itself, Volume 21, Issues 19-22, Rich will be providing SNERFU checksums on all postings.

Those trying to secure UNIX systems should look at Volume 21, Issues 23-27 which contain the Computer Oracle and Password System (COPS), a security tool for systems administrators. COPS checks and reports on the current status of a given UNIX system. Included are device permission checks; password file checks (including tests for "crummy" passwords, non-unique ids, and invalid fields); group file checks; user file checks (for home directories and startup files); crontab and startup file checks; and the Kuang expert system (written by Robert Baldwin) which determines whether a given user (default root) is compromisible. Lastly, and the only check that requires root privileges, COPS performs a find on all files to check for changes among the list of SUID programs.

COPS is not the ultimate in security checker; it's a tool for checking for common procedural errors that should be run regularly as a system's first line of defense from users' ignorance or carelessness. COPS was posted by Dan Farmer (df@sei.cmu.edu).

The systems administration theme continues with Volume 21, Issue 31, an indirect shell script execution utility from Maarten Litmaath (maart@cs.vu.nl). This utility allows the restricted use of set-uid shell scripts to perform functions you would not allow any user to do — useful for lock files, mounting and unmounting file systems, and other common tasks that could require root privileges. If you pick up this posting, don't forget to get the patches for it. One patch was released on Volume 22, Issue 10 shortly after the package was posted.

Terry Jones (terry@pcsbst.pcs.com) has contributed strsed (Volume 21, Issue 28), a string function (extending to strchr, strrchr, etc.) that does regular expression search and replace (including tr type transliteration in the style of the ed/edit/ex/sed text editors.) strsed makes use of the GNU regex package which was not included as part of this issue but is widely available.

strsed supports complex string manipulation without resorting to an external process.

Ipl, a two-dimensional graphic production system, was contributed by Steve Grubb (lsr-vax!scg). Ipl produces scatterplots, line plots, bar graphs, range displays, pie charts, US and Canadian maps, schedule charts, boxes, arrows, text and much more. Ipl can generate Postscript or Sun output and includes many examples, a table beautifier (for taking plain text tables and setting them in a nice font), and a low level subroutine library for producing nearly equivalent graphics (with shading) for both Postscript and Sunview. Ipl is Volume 21, Issues 32-45.

For those who want a yacc (a LALR parser generator) but don't have an AT&T license and don't like GNU's rules, Berkeley has contributed their version of yacc, from Robert Corbett (corbett@ernie.berkeley.edu). This version is totally public domain, no fees, no licensing rules — Volume 21, Issues 78-82.

The largest recent posting is by far the p2c, a Pascal-to-C translator. p2c understands several Pascal dialects including HP and partial Borland Turbo Pascal, and is very flexible and configurable. Designed and developed on an HP-UX system, p2c is System V-based, but has been used on BSD-based Sun. Those with 286s, however, may be out of luck because p2c does require a 32-bit architecture. The release also includes a runtime library and some manual pages. p2c is covered by the GNU license rules and was contributed by Dave Gillespie (daveg@csvax.caltech.edu) as Volume 21, Issues 46-67. The distribution is about 1.5MB.

coda, a code distribution aid posted by Rich Salz (rsalz@bbn.com) helps keep source distributions current across a set of machines. Based on the model of a master source tree kept on a server. coda is executed by clients to synchronize their files with the server. coda is not as flexible as the rdist tool, but requires less of client machines. The client code is very simple and easy to port. Ports are provided for many UNIX, VMS systems and Xenix. An MS-DOS port will be forthcoming. coda is Volume 21, Issues 84-36.

If you've ever accidentally overwritten or deleted a file while copying or moving files using wildcards, mmv is for you. This utility moves, copies, appends and links multiple files using wildcard patterns safely. mmv prevents any unexpected deletion of files due to collisions of target names with existing file names or other target names. It also attempts to detect any errors that would result from the entire set of actions specified and gives the user a chance to abort or ignore parts of the actions before it starts the copies. Support is provided for BSD, System V and MS-DOS. mmv descends from ren and was submitted for Volume 21, Issues 87 and 88 by Vladimir Lanin (lanin@csd4.cs.nyu.edu).

Those desiring SunOS 4 automatic mounting features provided on NFS should acquire amd, an automounting daemon. amd mounts filesystems whenever a file or directory within that filesystem is accessed and unmounts the filesystem once it has gone quiescent. amd has been designed to be robust in the face of NFS server failures. amd contains no UNIX source code and is distributed on the standard Berkeley public license (free use/redistribution, just give credit). Jen-Simon Pendry (jsp@doc.ic.ac.uk) contributed amd for Volume 21, Issues 89-101.

Contributed by Matt Landau (mlan- dau@diamond.bbn.com) Exabyte_ toc places a table of contents at the front of a 2.2 GB (2,200MB) Exabyte 8mm backup tape and later allows users to update the table. Exabyte_toc reserves a fixed amount of space at the start of the tape (currently ten megabytes) for information about the contents of the tape. About 2MB of this space is used for the table of contents, the rest is a buffer space to allow for rewriting — volume 21, issue 102.

Currently, the networks are struggling with the problem of message authentication. RFC-931 standardizes a method for authenticating that a computer and user really are who they claim to be. Volume 22, Issues 1 and 2 are a secure user-level implementation of RFC-931. This authentication server is secure as long as TCP itself remains uncompromised on the two communicating computers. Auth2.1 was contributed by Dan Vernstein (brnstnd@acf10.nyu.edu).

Dan also contributed a set of scripts and utilities, some of which illustrate how to use the auth package, and some which make auth easier to use. None are required for using auth. Volume 22, Issues 3-5 contained the toolset.

A simple utility program (tpipe) splits a UNIX pipeline into two pipelines (Volume 22, Issue 11). It replicates stdin to two other pipelines executing simultaneously.

Dangle, Volume 11 Issue 63, contributed by John Cullen (jjsc@inf.rl.ac.uk), checks for code inadvertently inactivated by nested comments or by loss of a terminating comment delimiter. Dangle checks for comments and strings which bridge lines and can be over zealous in reporting.

Gnuplot 2.0, another large posting (not related to the Free Software Foundation GNU) is a command-line driven interactive function plotting utility for UNIX, MS-DOS and VMS. This graphical program was originally developed to help scientists and students visualize mathematical functions and data. This enhanced version produces publication quality plots and data graphs. Gnuplot supports many different types of terminals, printers and plotters and is easily extensible to support new devices. It features Cartesian and Polar plots, logscale graphs, intelligent tic spacing, optional autoscaling, user definable functions and variables, all the built-in functions of C, Fortran and Basic. Contributed by Tom Williams and Colin Kelley (pixar!info-gnuplot).

Three recently received additional postings extend the PBM toolset (see my CUJ column on portable graphics, vol. 8 no. 6). Ppmtoxpm from Mark Snitily (mark%zok@sj.ate.slb.com) in Volume 10, Issue 79, pbmtochar from Diomidis Spinellis (dds@cc.ic.ac.uk) in Volume 11, Issue 80, and ppm-utils from Bill Turner (bturner@hpcvxbt.cv.hp.com) in Volume 11, Issue 84. Another Groupe Bull format, XPM, is an ASCII- based color pixmap format that can be included in C source or read at runtime. Pbmtochar produces line printer art representations from pbm bitmaps. Chartopbm reads the text file and produces the bitmap from the line printer file. Ppm-utils contains ppmfill, a subset of pnmtile for pixmaps only; ppmborder, to write a border around a pixmap file; ppmmerge to concatenate a number of pixmaps together either side by side or vertically stacked; and ppmoverlay, similar to pnmpaste but with a different interface.

If you need to send files or directories via electronic mail, mailsplit will split the files into transmission units and generate an awk script which will re-assemble the files at the receiving side. mailsplit v2.7 compresses transmission units to save space. Volume 11 Issue 89, submitted by Mitchell F. Wyle (wyle@b.inf.ethz.ch).

Some tools, contributed by John Birchfield (jb@altair.csustan.edu) manipulate PC-clone serial ports (NSC8250 chip). Minimally documented, this submission supports Microsoft, Borland and Zortech C compilers and includes a vt100 emulator. PC-8250 is Volume 11, Issues 93-95.

A simple text to postscript filter, contributed by Dan Judd (danjudd@acc.stolaf.edu — Volume 11, Issue 101), runs on UNIX and MS-DOS and can handle tabs and backspaces. The filter prints in both landscape and portrait mode and can place two pages on each sheet of paper. It also has an option to control the number of lines per page and to automatically select a type size that will accommodate the number of lines requested.

I was a little premature with my last installment's information about the new wraparound version of Tic-Tac-Toe. Eric Lechner (lechner@ucscb.ucsc.edu) has rewritten it again, providing v2 of his game. Once again, the goal is to get four pieces in a row, either horizontally, vertically, or diagonally. Note, that with wraparound edges, the diagonals can be off center. Thus there are no corners on the board. The new version has a better user interface, on-line help, and the ability to play with zero, one or two players. tttt2 is Volume 9, Issue 36 and supersedes tttt, which was Volume 9, Issues 33-34.

Paul Condie (pcbox!pjc) has contributed a large package called menu that provides "an easy-to-use menu utility that allows users to operate an application system in a user-friendly, menu-driven environment. Any application software, regardless of source language, can be executed from menus designed with menu." The package supports multi-level menus, data entry screens that can provide displays, choices and responses that can provide input to the application software, and screen attributes. menu is driven by a script file that can be edited using a standard text editor. It was posted in April 1990 in eleven parts.

Many of the sources are distributed in a format called a shell archive or shar. Warren Tucker (wht%n4hgf@gatech.edu) has released a new version of his shell archiver call shar3.21 which incorporates changes from Richard Gumpertz and Colas Nahaboo. This version generates shell code which attempts to create needed directories, supports setting modification times on unshared files, automatically generates submitted by and archive name headers, can unshar concatenated shars and a mix of shar files and concatenated shar files. Posted in April 1990 in one part.

Also in April, Sandford Zelkovitz (conexch!sandy) posted XBBS v7.91. This large posting (over 600KB in thirteen parts) is the source and documentation for the XBBS bulletin board system for Xenix. For some reason, it was posted as a uuencoded compressed tar file (not the normal standard). Also recently (May) some patches for it have been posted to alt.sources.

NCR has allowed the posting of its System Characterization Benchmark suite. It was posted at the end of April by Rich Kaul (kaul@icarus.eng.ohio-state.edu) in four parts. This system will stress the CPU, I/O throughput to disk and serial ports, and degradation as the number of processes increases. It reports both in text and graphical format on the CPU subsystem, disk subsystem and the terminal subsystem.

If you use the SCB suite, NCR requests that you return an acknowledgement letter to them. The letter basically acknowledges that NCR wrote the benchmark, and that you will not publish results of the benchmark if you modify it. Results from the unmodified benchmark are publishable as long as NCR is credited for the benchmark code. There are no fees required for its use nor other restrictions.

There have been several tree printers written for printing the tree directory structure under UNIX. A new one called TreeD was posted by Istvan Mohos (hhb!istvan) in early May 1990. This version prints each page of the map separately, and numbers them like the grids on a map.