Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page
Other stuff:
Recent features: Here is the permanent site for this page.
|
Leading itemsWas the Windows refund day a success? By one set of metrics, the answer would have to be "no." The turnout for the event was tiny, and, as expected, no refunds were issued. It is difficult to avoid thinking that a more concerted effort to get people out into the streets might have paid off handsomely. Perhaps publications like this one should have been a much bigger part of such an effort. But that would be a short-sighted view, in any case. The Windows refund effort has succeeded in creating a much broader understanding of the nature of the "Microsoft tax." News reports all over the planet presented a sympathetic picture of computer users who simply wish to not be forced to pay for software that they do not use. Awareness of the problem - and of the fact that many of us have found an alternative preferable to Windows - is now much higher. The Windows refund people have done very good work, and deserve the strongest of congratulations. It's Time to Talk about Free Software Again says Bruce Perens in this editorial sent to LWN. "I fear that the Open Source Initiative is drifting away from the Free Sofware values with which we originally created it. It's ironic, but I've found myself again siding with Software in the Public Interest and the Free Software Foundation, much as I did in 1995." How Linux handles security problems, part II. As might be expected, last week's somewhat ill-tempered editorial on security drew quite a few responses. We would like to follow up in a couple of areas. First, with regard to how the various distributions responded the the FTP vulnerability:
So, while we are far from perfection, it would appear that the response of most of the Linux distributions to this security problem was reasonably prompt - certainly far better than is seen with proprietary software. The problem, thus, lies not with producing patches that close security holes, but in getting those patches into the hands of users and system administrators everywhere. There are two separate aspects to this problem: communications and infrastructure. Communications has to do with letting people know that patches are needed and available, and with telling them where to find these patches. We repeat our call from last week for each distribution to make security information available from its front page (in each language that they support). When people are looking for a patch (now!), it is too late to tell them they should be on some mailing list. Putting out patches is of limited use, however, if said patches are inaccessible. As the popularity of Linux grows, servers used by distributions will become ever more susceptible overwhelming surges in traffic. We were taken to task by some readers who thought we were expecting Red Hat to have the bandwidth to handle such surges. We were not suggesting that; as users and their available bandwidth grows it will probably prove not to be possible, much less economical to put in such fat pipes. Setting up that amount of bandwidth is also unnecessary. All that is really needed is a mirror system that actually works. The Linux kernel archive mirror system, set up by H. Peter Anvin, is a great example of how to do things right. Access to the main site is controlled so that the mirrors are always able to update themselves. DNS is set up properly so that one need not actually know the name of a mirror site. It all just simply works. Companies like Red Hat already have the most important piece for a good mirror system: a large set of willing mirror sites. A bit of organizational work should be all that's needed to make the mirror system function well. Free software pioneers. The EFF is seeking nominations for their 1999 Pioneer awards. It would be nice to have some good nominations from the free software world (but remember that Linus Torvalds and Richard Stallman won last year). |
February 18, 1999
|
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Security page. |
SecurityNewsRed Hat's updated sysklog is still not secure? That's the word from Cory Visi, who explains in his Bugtraq posting that the updated version from Red Hat contains Cory's patch, which he states does not fix the original problem. The correct fix is to upgrade to sysklogd-1.3-30. This impacts all versions of Red Hat but will not impact Linux distributions that already use the newer version of sysklogd. Red Hat has been notified.An update to our reports on security problems with proftpd and wu-ftp is available on our front page. Security ReportsAn error in the way cfengine handles temporary files has been identified by the maintainer of the Debian cfengine package. The Debian announcement recommends upgrading to their fixed version and provides pointers and instructions for Debian GNU/Linux. The author of cfengine has been notified but an official fix has not yet been released.ISS issued an advisory on "Super", a utility which allows restricted super user privileges for some users. The advisory tested the problem on Debian GNU/Linux, though Super is also available for other Linux and Unix distributions. Debian uploaded a fix for the problem within a few hours. An official notice of the fix is being held until binary packages for all architectures are available and the mirrors have been updated. Alfonso De Gregorio reported two bugs in traceroute which allow it to be used as a UDP or TCP flooder. The problems have been confirmed and, so far, updates for FreeBSD have been released. Juan Diego Bolanos filed a report on /tmp problems with all versions of lynx. Follow ups on Bugtraq indicate that this is not a new problem; /tmp problem reports for lynx date back to March of 1998. No one seems to be stepping up to the plate to address the problems, however. In the mean time, Glynn Clements and Piotr Klaban stepped up to suggest some workarounds. Kenn Humborg reported what turns out to be a problem with the rpms for ssh from ftp.replay.com. His followup describes the source of the problem and indicates that he'll contact the creators of the rpms and ask him to rebuild them. A security patch for Network Flight Recorder is now available. They recommend installing the patch immediately. It appears to fix a variety of buffer overruns and some difficulties handling large alert queues when the central NFR system cannot be reached. This advisory from NAI details the vulnerability for which the patch was released. A reported buffer overflow in mc, detailed here, does not appear to be exploitable in any way, at least according to this report from Julien Nadeau. It has been reported to the mc authors. A buffer overflow in snplog was reported by Rupert Weber-Henschel. Check his posting for more details. HERT reports a buffer overflow in lsof. lsof is a tool used on many systems to list open files. The HERT advisory indicates that the buffer overflow is vulnerable when lsof is installed setuid root or setgid. Vulnerable Linux distributions reported include SuSE, Debian and Red Hat. The workaround is easy, just change the permissions on lsof to 0755. UpdatesThe Pine Development Team officially responded to last week's pine exploit report. In it, they explain that the problem lies not in pine but in metamail and specifically in the default mailcap file distributed the metamail MIME-support package. Thomas Roessler followed up with a description of how mutt handles the situation. John D. Hardin updated his MIME-sanitization procmail filter to address the metamail vulnerability that affected pine. Here is his note with pointers to the new version. Debian released an updated version of their advisory on wu-ftpd. ResourcesEdward Felton and Gary McGraw have made the entire text of their book, Securing Java, available on the Web. They are also authors of the 1996 "Java Security: HA HA. Take a look and buy a copy to support them if you are impressed with what you find.Version 1.0 of the Linux IP Firewall Log Analyzer (ipfwlog.pl) is available. More information and the script itself are available on the web. Rob Slade has made available his review of "Fighting Computer Crime" by Donn B. Parker, 1998. He dislikes the beginning and end of the book but indicates that there is a great deal of useful information for the security practitioner. The February 15th edition of CRYPTO-GRAM, Bruce Schneier's monthly newsletter, is now available. [From ISN] |
February 18, 1999 |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Kernel page. |
Kernel developmentThe current kernel release is still 2.2.1, despite the fact that Linus had promised a 2.2.2 by Tuesday when he announced 2.2.2pre4. He also stated his desire for 2.2.2 to be "really rock solid," so it's better that we wait if need be. Alan Cox, meanwhile, has put out 2.2.1ac6 for folks absolutely needing a new patch to apply. The dominant conversation this week started with the question of why is fsync() on large files so slow? This problem manifests itself on systems with a very busy syslog daemon; syslog calls fsync after every entry that it logs to a file in the hopes that everything will get out to disk should a system crash happen. Busy loggers can have many entries every second, so fsync calls happen frequently. The problem is that fsync requires an examination of all of the blocks in a file to be sure that none of them have been modified. If the file is large (and busy syslog daemons can create very large files) there is a lot of work to be done. In the worst case, the system bogs down and things start to hang for periods of time. Not fun. Ted Ts'o came up with a quick patch which keeps track of which blocks in a file have been modified since the last sync; it works as long as not too many changes have been made. Further discussions with Linus lead to a preliminary design for a more extensive list of "dirty blocks" as a more ambitious solution to the problem. Whether anything that comes out of it will show up in a kernel before 2.3 is unclear. Thereafter followed a strange discussion resulting from a suggestion by Stephen Tweedie that his journaling extensions to ext2 would also address part of the problem. Linus jumped on that with a pronouncement that journaling would never be accepted into the ext2 filesystem; it's too big a change. Big filesystem changes do tend to make people nervous. When it was pointed out to him that the plan has always been to create an "ext3" filesystem, Linus went further and suggested that ext3 be an entirely new filesystem - not based on ext2. Linus seems in particular to want to get rid of the "." and ".." entries that Unix directories have contained forever; it is not entirely clear why. In any case, implementing an entirely new filesystem and dropping "." and ".." are not particularly popular ideas at the moment. Expect to see journaling (which is really just a way to make changes atomicly to the filesystem so that 'fsck' is not necessary, even after a crash) show up in an "ext3" filesystem somewhere in the 2.3 series. A surge of development activity with the modutils package erupted after Björn Ekwall agreed to help maintain the package. He immediately reverted back to an older version of modutils which was written in C++ in a claimed response to some licensing problems. This change was not especially popular; in particular, there is concern about fitting modutils onto boot floppies - where every byte is precious - when the bulky C++ libraries must be included as well. Development is pressing forward regardless, with an immediate goal of integrating the "modprobe" and "insmod" utilities. The latest snapshot was announced on Tuesday. Kernel time in nanoseconds. Ulrich Windl put out a request for discussion on his plan to convert internal kernel timekeeping to use nanosecond intervals. This change would help to implement a number of POSIX real time functions, and also helps with the NTPv4 clock synchronization protocol. He's looking for testers for "this very experimental stuff." New development mailing lists: a list for people interested in working on a logical volume manager for Linux has been announced. There is also a new list dedicated to Linux performance monitoring. Own a copy of history: Riley Williams is now offering a two-CD set with almost the entire history of released Linux kernels. See his web site for details. Thanks to Randy Appleton for his assistance with this week's kernel section. |
February 18, 1999
For other kernel news, see: |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Distributions page. |
DistributionsDebianThe scheduled release date for Debian 2.1 is March 2nd, according to this note from Brian White. Uploads to the Intel base will be locked on February 22nd to give the other architectures a chance to catch up. From checking on the debian-alpha and debian-space lists, both of these architectures look in good shape to make the release date.Debian GNU/Linux 2.0r5 has been released. This is an update to the current stable Debian 2.0, containing security and bug fixes. For details on the changes, see the changelog. Check out the announcement for pointers to more information. Wichert Akkerman contacted us in response to mention of Debian's security practices on the front page of the February 11th, version of LWN. He corrected some minor errors in the coverage, which should be reflected on this week's LWN, but also indicated that they are looking for ways to improve their security efforts, primarily by improving people's access to information about problems and fixes, since security reports already receive a rapid response from Debian maintainers. The Debian Weekly News for February 15th is available. Joey Hess commented that the issue is a bit slim, due to Windows Refund day and other projects. They are looking for more contributors to divide up the work. CUTE 2000, an "all-in-one" Linux server providing DNS, SAMBA, WWW, FTP, etc, was announced at the NET & COM '99 show. It is Debian-based and you can read more about it in this article. Definite LinuxThis U.K.-specific Linux distribution is based on Red Hat 5.2. Both the latest versions of KDE and Gnome are provided, but not integrated in the distribution. They also include all the latest bug fixes from Red Hat, remastering their CD for every major bug or security fix reported. Their website also indicates that the latest versions of XFree86 and Samba are already built into their CD. Jason Clifford also indicated that up-to-date versions of ghostscript and postgresql are there as well.As an extremely nice additional feature, about 150MB of additional security-related and other software, such as ssh, Apache-SSL, etc, are available on the Definite Linux CD, though not installed by default. They have, for example, already acquired an export license for Roxen Challenger with full encryption from the Swedish Government. If you are in the U.K. and already using Red Hat, you will want to take a good look at this distribution as an alternative. easylinux-krChyung Choi from South Korea has created a new distribution that he calls easylinux-kr. It can be run almost directly off the CD. More information is available, in both English and Korean, on his web-site.Red HatGreg Herlein has posted an update to the Red Hat Module Upgrade Howto. He also mentions that he plans on working on improvements to the Modules Mini-HOWTO, previously maintained by Riley Williams, to update it for the 2.2.X kernel series. If anyone is interested in helping, they should let him know.SlackwareA Slackware FAQ is now available. It answers important questions like why you shouldn't bug them about when the next Slackware release will be ... Seriously, it includes some information about their plans for handling glibc 2.1, KDE 1.1 and more, so it is worth a read for all Slackware fans.A large number of updates to Slackware have been released since February 4th. Information on these updates can most easily be found in the ChangeLog file for slackware on ftp.cdrom.com. Some of the more critical updates include sendmail 8.9.3 (along with procmail and smail recompiles), various changes to help support the 2.2.X kernel, new versions of imapd and pine, in response to security alerts, and, biggest of all, KDE 1.1 is now part of the current slackware. SuSEAs a couple of you noted in personal email messages, after weeks of watching for the release of the International veresion of SuSE 6.0, this editor was out sick and the announcement was missed. Our apologies. Meanwhile, for those who haven't already found the news elsewhere, the SuSE U.S. home page has links to all sorts of information about the new version.People are very happy with 6.0! In comparison with charting reponses to 5.3 international, which had to be withdrawn due to rare, but severe, problems, SuSE seems to have reclaimed its reputation of providing extremely stable, easy-to-use releases. SuSE 6.0 is glibc based! This is probably the largest change with the move to 6.0. Now those of you who have been waiting to try out Oracle or other glibc-based applications on SuSE have lost your last excuse ... Reports of upgrades to 6.0 indicate that they are going reasonably smoothly, though it should be noted that the parameters for pppd have changed and some links to the rc2.d and rc3.d directory may need to be recreated. Some people have received their SuSE subscriptions while many others are still waiting. Lenz Grimmer posted a tip on how to get GNOME up and running with SuSE 6.0. SuSE's support for security is likely to improve in the future. We've heard that they are adding on another person for whom security will be the sole focus. TrinuxIn preparation for the next official trinux release a new TrinuxHD image (0.49 beta) has been made available. Matthew Franz encourages those of you running TrinuxHD to upgrade due to significant improvements that allow automatic booting. |
February 18, 1999
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed. |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Development page. |
Development toolsJavaNo new information on the JDK 1.2 port is yet available. We know from past weeks that the major threads problem has been dealt with using green threads. Presumably some of the other remaining problems that prevent the port from passing the JCK are also proving obdurate.Note that the location for up-to-date news on the JDK port has moved to the News and Contact Information page. This may have been in response to a request that the information be dated. The last note is from February 13th and just states that information on the port will be provided when the porters have sufficient time. In addition, in a move which he states he hopes he doesn't regret, Steve Byrne's has mentioned that he plans to create a JDK 1.2 porting status page with information on what portions of the JCK they have passed so far and on what platforms. Of course, that will take time and therefore has not yet happened. This week's JDC Tech Tips is available. PerlThe Perl Institute Web page at http://www.perl.org was down earlier this week, but back up by Tuesday, February 16th.Several new Perl books have been published, including:
CPAN Testers has moved to the Perl Institute web page. The new site has a database and search capabilities. [ed. some problems with this URL were seen on Wednesday, Februrary 17th] Tom Christiansen has released pmtools 1.00, a collection of small tools to aid in managing modules, including finding modules, updating them, etc. Download pmtools from here. Joseph N. Hall will be teaching a four day Introduction to Perl class March 2nd through the 5th in Moorestown, NJ. PythonPyGreSQL 2.3 has been released. PyGreSQL is a python module that interfaces to a PostgreSQL database. Check out the announcement for more details.CNRI has summer positions for students. CNRI, the home of Python, is looking for graduate and under-graduate students to work on globally distributed name service, e-commerce, computer animation and remote instrument control, digital library architecture and mobile agent technology. Sounds like some fabulous and fun opportunities. For more information, check out their description of the work. Tcl/tkHere is this week's Tcl-URL!. Moderator Mark Roseman also mentions that they are looking for people interested in pulling a stint moderating Tcl-URL! themselves.Will Duquette has released an updated version of Will's Guide to Creating Object Commands. This version fixes some errors in the original and extends it. New Tcl-based offerings for the week include:
|
February 18, 1999 |
|
Development projectsGanymedeGanymede 0.97 is now available. Jonathan Abbey dropped us this note containing the release announcement for this GPL'd network directory management system. It is now possible, with this release, to register, unregister, and edit scheduling parameters for all server-side tasks through the Ganymede client. A variety of other fixes have also been included, to bring Ganymede closer to its first stable, production release.GlibcGlibc 2.1 was released! That's the good news and you can read about everything it includes. However, note that the README for glibc2.1 indicates that the new release has been temporarily removed "until some political issues are worked out". According to this Slashdot article, rumors that the pull was due to licensing problems are incorrect. Instead, Zack Weinberg stated, "glibc 2.1 has been pulled since it cannot be compiled with gcc 2.8 and this conflicts with FSF policy. We are working with RMS to resolve the issue. In the meantime, glibc 2.1 remains available from sourceware.cygnus.com and its mirrors. " The fact that it is still available at cygnus explains why the upcoming Debian 2.1 release for sparc can be based on glibc 2.1 even when it isn't officially available yet.GNOMEGNOME "Still Conspicuously Skillful Cow" 0.99.8 is now available. GTop 0.99.8 has also been released. The GNOME FTP site has updated its non-GNOME packages. These are packages needed to help you compile and enjoy GNOME. This note from Martin Baulig describes the new tarballs, source and binary rpms that are available. Midnight Commander 4.5.14 is out. The new version should no longer hang when used to run other programs. Reference documentation for gnome-libs has been made available on the web. Here is the announcement. A mailing list for gnome-db is now available.. Michael Lausch provided instructions for subscribing. CodeWEB, "An Exploratory Approach to Software Reuse", has created a case study using Gtk/GNOME for people interested in what the project can do (a Qt/KDE case study is also available, check the KDE section for the URL). Version 0.12 of Gnumeric is out. The new version contains improvements to the importing of Excel files and many bug fixes. KDEKDE 1.1 RPMs for Red Hat 5.1/5.2, Caldera OpenLinux, and DLD 6.0 (Deutsch Linux Distribution) are available. KDE 1.1 RPMs for SuSE are due out, but a crippling two weeks battling flu among the staff have caused a delay (a certain LWN editor empathizes ...).kpv (KPackViewer) now has its own mailing list. Kpv is a utility to help systems administrators with package administration. Here is the note that mentions the new mailing list. CodeWEB, "An Exploratory Approach to Software Reuse", has created a case study using Qt/KDE for people interested in what the project can do (a Gtk/GNOME case study is also available, check the GNOME section for the URL). IcecastThe first stable release of Icecast, the GPL Mpeg Layer III Audio broadcasting system, has now been released. Check out news on version 1.0.0 on the icecast home page, which has been recently revamped. They are looking for comments on the new design, so let them know what you think.Linux-HAThose of you interested in Linux High-Availability will want to check out GFS: The Global File System Workshop, to be held March 5 and 6th in Mountain View, CA at the NASA Ames Research Center. The agenda includes talks from both Stephen Tweedie, David Teigland and Matthew O'Keefe on various topics dear to the hearts of people wanting high availability for Linux. Here's a note from Matthew O'Keefe on that and other topics.Mozilla/NetscapeThemes.org chose Seth Spitzer of Netscape for their guest Tiler. The interview covers how Linux became his favorite operating system, along with some nice words for KDE and Python.Developer.com has a nice article available on Gecko and the NGLayout Engine. It claims that the NGLayout engine is the primary reason that AOL acquired Netscape and goes into how they may use it. By being modular, the NGLayout engine can be used in other networked devices like handheld PC companions such as the Palm Pilot or set top boxes such as WebTV. Expect to see AOL use the NGLayout engine to produce information appliances as part of its AOL Anywhere campaign to make Web and AOL access both wireless and ubiquitous. As always, check out the latest Mozilla/Netscape news at http://www.mozillazine.org. WineA new snapshot of Wine is available. 990214 is the latest snapshot in the Wine series. It includes more header and driver reorganization, OLE support, functions and stubs and, as always, bug fixes galore. | |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Commerce page. |
Linux and businessThe Burlington Coat Factory will be installing Linux on 1150 computers in its 250 stores, according to this ComputerWorld article. "Despite Burlington's adventurous reputation, Aberdeen analyst Sandra Potter said such a large company's willingness to base a substantial amount of its operations on Linux could send a strong signal that it's a low-cost option that other companies should consider." A strong signal indeed. This development, along with the Jay Jacobs deployment, indicates once again that there are few places where Linux can not go. Real-time Linux CD's are now available from Zentropix. Their product is essentially a version of Red Hat 5.2 with a real-time kernel added. $35 gets you the set. They have also put out a real-time Linux roadmapshowing what products they intend to come out with in the near future. Silicon Graphics is releasing their GLX (OpenGL/X window system integration) source under an open source license. See their press release for details. The immediate target, of course, is allowing high-performance graphics under Linux on their hardware, but this release will be of general benefit to anybody doing serious graphics. Very good news. (Thanks to Jeremy Allison). Advice from the Gartner Group for companies contemplating Linux. This report suggests a very cautious approach at this time, and questions the sincerity of vendors in the Linux market. "...while PC server vendors are seriously considering a Linux strategy, fears of cannibalizing their own Unix strategies and concerns about the chaotic nature of the market will limit their sincerity to opportunistic sales." (Found in Slashdot). Linux-installed UltraSparc systems have been available from EIS Computers for a while. They have just announced a new line of systems based on 350- and 400-MHz processors. These look like nice, fast systems, and you can get them with Linux. No need to organize a "Solaris refund day" here... Pacific HiTech has rolled out a server version of their TurboLinux product - at least in Japan, according to this AsiaBizTech article. "TurboLinux Server version 1.0 is the first corporate server product provided by the company. The company is preparing for the sales by creating corporate alliances with system integrators and arranging support services. To date, system integrators selected for providing support services are Fujisoft ABC Inc. and a company in the Otsuka Shokai group." On-site support from Linux Hardware Solutions has been announced, see their press release for details. Sun Microsystems has released a Samba benchmark result on their hardware; from the Samba web page: "We have measured Netbench performance of Samba on Solaris 2.6 on an E450 at 231.954 Mbits/Sec. While not officially supported by Sun, Samba has been found by many of Sun's customers to be a high quality, acceptable solution." (Thanks to Jeremy Allison). LinuxWorld is a commercial success. IDG has put out a press release crowing about the success of the upcoming LinuxWorld conference (9,000 attendees, over 100 exhibitors). "Based on the response from the Linux community, space has already been secured for the twice-per-year LinuxWorld/US conference for the next four years. Internationally, LinuxWorld Singapore will be held this March 5-7 at the Singapore International Convention and Exhibition Centre, and plans are currently underway to launch conferences and expos in Europe and Japan." Press Releases:
|
February 18, 1999 |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Linux in the news page. |
Linux in the newsThis week's Linux press, not surprisingly, was dominated by windows refund stories. We have a pile of those down at the end of this page. Meanwhile, here's the recommended reading for the week:
There were just a couple of introductory articles out there:
There were lots of business-oriented articles, as usual. IBM, VA Research, and LinuxCare all got special mentions, but there was a lot of other stuff as well.
|
February 18, 1999 |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Announcements page. |
AnnouncementsResourcesA new version of the Linux System Administrator's Guide has been released, see the announcement for details.Using TrueType Fonts in XFree86 is a mini-HOWTO by Ying Zhang for anyone that wants to get the Truetype font server up and running. Jean Tourrilhes has updated his Linux Wireless LAN HOWTO. Rob Slade sent in his review of "Upgrading and Repairing PCs", by Scott Mueller and Craig Zacker. To say that he liked the book would be a gross understatement. ...the book is without peer. Meta-Slashdot effect. Steve Adler has put out another Slashdot effect paper, this one chronicling the effect of the appearance of his first paper in Slashdot... Sang-Hyun Shim has provided a Korean translation of RMS's article "Why you should't use the Library GPL for your next library". EventsComdex/Spring (April 19-22, Chicago) is setting up a special Linux Global Summit - a two-day affair headed by a keynote presentation by Linus Torvalds on the 19th. It appears that Comdex has decided to jump onto the bandwagon in a big way... (Found in Slashdot).THE LINUX HAPPENING - TEL-AVIV '99 will be the first big Linux event in Israel. Scheduled Feb 25, 1999 as part of InternetWorld@Israel, the Linux Happening is sponsored by the Israeli Linux User Group. Emacspeak at LinuxWorld. T. V. Raman, "Mr. Emacspeak," will be presenting his package for blind users during the conference. See their announcement if you're interested. The folks organizing ApacheCon 1999 are looking for suggestions on how this year's event should go. Fill out their survey and help make a better conference. Web sitesThe Guide ("A Guide to India's Internet Services") has put together an extensive introduction to Linux which includes an overview, an FAQ, an installation guide, and a software map. The author is looking for feedback and suggestions, let's help him out.User Group NewsIf the windows refund thing doesn't go your way, consider joining the Skåne Sjælland Linux User Group as they offer instead to exchange your unused Windows for a free Linux installation. The event happens on March 9 in Copenhagen; see their announcement for the details. |
February 18, 1999
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Software Announcements
|
Our software announcements are provided courtesy of FreshMeat
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Back page page. |
Linux links of the weekLinuxStart.comappears to be another "Linux portal" attempt, run by the LinuxSupportLine.comfolks. For the moment they are offering free banner ad placement for all takers; head to their site for an automatic signup routine. (Found in LinuxToday). A new Linux-specific search engine has popped up at 1stLinuxSearch.com. |
February 18, 1999 |
|
Letters to the editorLetters to the editor should be sent to editor@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. | |
Date: 11 Feb 99 00:20:22 PST From: Ken Engel <kenengel@netscape.net> To: editor@lwn.net Subject: Untapped markets In response to your observation of the paucity of cheap Linux desktop offerings: I want the world to know that I, for one, would grab a sub$1000 Linux PC faster than NT boots up, if an OEM steps up to the plate. And even sooner, I would get a reasonably priced Linux PowerPC or ARM or Alpha desktop. C'mon, guys!! Ken Engel | ||
Date: Thu, 11 Feb 1999 13:24:35 -0500 From: Eric Lee Green <eric@linux-hw.com> To: editor@lwn.net Subject: Why Linux VARS don't do much low end stuff Basically, economies of scale. Compaq buys motherboards in quantity 1,000 for about 2/3rds the price of what a Linux VAR would pay. Compaq buys processors in quantity 1,000 for about 80% of the price that a Linux VAR would pay. The savings they get at the low end from economies of scale go across the board -- basically, for components of equal quality to Compaq's or Dell's, today's Linux VARs will pay anywhere from 10% to 33% more for the component. On the other hand, in the server market Compaq doesn't have the advantage of scale. Thus we can sell for $20,000 a machine that Compaq sells for $35,000 because our labor costs are lower, our manufacturing costs are lower (believe me, getting Linux to run on a high-end server is a LOT easier than getting Windows NT to run on a high-end server!), and standardized "white box" components mean that we don't pay the huge R&D costs that are a pittance on a run of 100,000 desktop machines, but which add up to a hunk of change for low-volume server machines. Thus expect Linux VARs to continue scrambling for the middle and middle-upper end of the server market. Without huge infusions of venture capital to buy their way onto the shelves at Best Buy (and thus be able to churn out tens of thousands of machines and take advantage of economies of scale), they just can't compete at the low end. Not at a 10% to 33% price disadvantage on components alone. [Disclaimer: I *DEFINITELY* do not speak for Linux Hardware Solutions.] -- Eric Lee Green eric@linux-hw.com http://www.linux-hw.com/~eric "Linux represents a best-of-breed UNIX, that is trusted in mission critical applications..." -- internal Microsoft memo | ||
Date: Fri, 12 Feb 1999 23:32:37 -0600 From: Jeff Licquia <jeff@luci.org> To: editor@lwn.net Subject: Module Interface Compatibility As a sysadmin with little kernel hacking experience, I thought I should weigh in on this debate. I think Linus is right. It seems that one of the enduring fallacies of the proprietary world is some sort of "ownership" feeling about the operating system. Perhaps it is bred from the monopoly position Microsoft currently owns. Wherever it comes from, it seems that ISVs who do anything interesting to feel that they have to patch the operating system to do it. The results are such curses as the various DiskMangler programs (Disk Manager, EZDrive, etc.), which sought to solve a problem in MS-DOS's ability to access large drives by patching the OS in very scary ways. I don't need to get into the problems that caused; I'm sure anyone with lots of experience with them is shuddering right now. If they were willing to do this without source access to the OS, imagine what they'll do with source. I'd much rather encourage people to avoid patching the kernel (for that's what a module does) for their own proprietary gains. Or, better yet, release source for their patches. Or roll the proprietary stuff into a userland daemon of some kind, interfacing to the kernel with an open-source module that hooks into the userland daemon. Or something. By not guaranteeing the module interface, Linus effectively discourages this. By forcing those few vendors of proprietary modules to recompile for a new kernel interface once in a while, Linus is also forcing vendors to actually look at their code every so often and make sure it's still needed and still makes sense with the general turn of Linux. | ||
From: "chyung g choi" <cgchoi@hotmail.com> To: editor@lwn.net Subject: [News] Using linux without installation?? Date: Fri, 05 Feb 1999 19:04:28 PST Hi there. This is Chyung Choi from South Korea. Recently I developed new distribution form of linux. I put the name "EASYLinux-kr". I found German company put the name easylinux and I put -kr in the end of name. One can use linux as CD-ROM as well as installed form on hard disk. Therefore beginner can use it quickly. One can use it as demo and rescue and education material. I am more than happy to answer any questions My homepage is "http://www.netian.com/~cgchoi" Thank you for reading. Chyung Choi ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com | ||
Date: Thu, 11 Feb 1999 21:41:25 +0100 From: Andi Kleen <ak@muc.de> To: cph@martigny.ai.mit.edu Subject: Re: Structure vs purism You wrote: > I've written a fair amount of code in Pascal, and I can > say from experience that I missed the goto statement when programming > in that language; at least C _has_ a goto statement, and I use it when > I think it is appropriate. It is hard to believe that you did that without noticing that Pascal has a (although inconvenient) goto statement - at least all versions of Pascal I used had and I'm pretty sure that Wirth's original definition had it too. -Andi -- This is like TV. I don't like TV. | ||
From: David Kastrup <dak@neuroinformatik.ruhr-uni-bochum.de> Date: Thu, 11 Feb 1999 13:10:41 +0100 (MET) To: editor@lwn.net Subject: Goto followup For your information: Pascal *does* have "goto" and did from the start. Better check up the documentations you have been using. Yes, you have to declare any "goto" labels you want to be using in advance. But what of that if it's really needed? Most commonly the necessity for "goto" arises for structured leaving of scopes. C at least offers "break" and "continue" for the innermost scope, but beyond that it's "goto" or the obfuscated use of flags and stuff. Perl has very nice multi-level "break" and "continue" constructs, so hardly ever needs a "goto" when doing properly structured programming. "Goto" has got its worst reputation from Fortran's arithmetic if, a three-way goto. And of course, from other "if"s that only offered gotos as targets. In many cases, programmers would not interrupt the flow of the not-taken branch by jumping to the end of the taken branch, so the code for a true "if" tended to accumulate somewhere at the end of the program, giving the dreaded spaghetti code. If anybody should be allowed to produce spaghetti for efficiency, it is to be the compiler, not the programmer. For this reason, structured "if"s and other control structures have helped to get rid of "goto" where it was causing problems without end. It is still a good idea to avoid uncalled-for "goto"s whenever possible. It takes a skilled programmer to know precisely when a "goto" is indeed in need. For that reason, it is a good idea to tell newbies to not use it. Only after you know all the ways of avoiding it and their consequences are you in a qualified situation for judging when it is better to use it than not. David Kastrup Phone: +49-234-700-5570 Email: dak@neuroinformatik.ruhr-uni-bochum.de Fax: +49-234-709-4209 Institut für Neuroinformatik, Universitätsstr. 150, 44780 Bochum, Germany | ||
Date: Thu, 11 Feb 1999 14:23:40 +0300 (EET) From: George Bronnikov <goga@bronnikov.mccme.ru> To: cph@martigny.ai.mit.edu Subject: Re: Structure vs purism I want to reply to your letter published in the latest issue of LWN. While I tend to agree that gotos are sometimes tolerable, the posting has a number of technical errors: 1. Pascal does have a goto statement. Read the standard (unfortunately, I don't have a copy at hand to give an exact reference). 2. Scheme has other iterating constructs besides tail recursion: read the standard (the do construct, section 4.2.4 of R5RS). It is true, however, that the constructs mentioned are not used widely; in fact, they are considered bad style in both languages. 3. The 'expressive power' of a language is not that easy to define. It is a proven fact that you can reformulate any program that uses gotos by using only 'normal' iterating constructs like ifs and loops. In fact, if the initial program was written in a style that Dijkstra et al. fought with in the late 60-ies, the result of de-goto-ifying will usually even look and read better. 3. Tail recursion is not simply 'goto with arguments': it is a highly restricted version of goto, which only allows gotos to the beginning of the function. Thus it also reduces 'expressive power'; it just happens to do that in a way that does not cut out interesting cases. By the way, Scheme happens to be my favourite language as well. George Bronnikov | ||
Date: Thu, 11 Feb 1999 10:44:24 -0500 (EST) From: cph@martigny.ai.mit.edu (Chris Hanson) To: goga@bronnikov.mccme.ru Subject: Structure vs purism Date: Thu, 11 Feb 1999 14:23:40 +0300 (EET) From: George Bronnikov <goga@bronnikov.mccme.ru> I want to reply to your letter published in the latest issue of LWN. While I tend to agree that gotos are sometimes tolerable, the posting has a number of technical errors: 1. Pascal does have a goto statement. Read the standard (unfortunately, I don't have a copy at hand to give an exact reference). I guess the version I used back in the 80s (HP Pascal for the HP 9836) was broken; it didn't have goto. 2. Scheme has other iterating constructs besides tail recursion: read the standard (the do construct, section 4.2.4 of R5RS). Those other iterating constructs are all defined as patterns of iterative procedure calls, and in practice are implemented as macros that expand into those patterns. So I stand by this statement. (And you don't need to quote references to Scheme's standard -- I'm one of the authors.) 3. The 'expressive power' of a language is not that easy to define. It is a proven fact that you can reformulate any program that uses gotos by using only 'normal' iterating constructs like ifs and loops. In fact, if the initial program was written in a style that Dijkstra et al. fought with in the late 60-ies, the result of de-goto-ifying will usually even look and read better. Nevertheless, I still claim that not using goto eliminates some of the expressive power, at least in the case of C. The problem I usually run into is that "break" only exits the innermost construct, and there's no way to specify that you want to get out of multiple constructs. So it's necessary to either kludge around this using flags, or to use goto and say what you mean. Theoretically, I can imagine a language that doesn't have this problem, but C isn't it. There are other situations in which goto is useful, but that's the primary one. When I say "expressive power", this is the kind of thing I mean: if you can say something that _directly_ conveys your intent, the language is more expressive than one in which you must do so indirectly. Perhaps I am misusing the term. 3. Tail recursion is not simply 'goto with arguments': it is a highly restricted version of goto, which only allows gotos to the beginning of the function. Thus it also reduces 'expressive power'; it just happens to do that in a way that does not cut out interesting cases. Yes, you're right about that. My mistake. | ||