Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page
Other LWN stuff:
Archives/search
Recent features: Here is the permanent site for this page.
|
Leading items and editorialsMySQL goes GPL.
Our choice for the best news item of the current week was the announcement
that MySQL has been re-licensed under the GPL. MySQL is one of
two freely available databases that are widely used in the
Linux and free software community: MySQL and Postgresql. Postgresql is licensed
under a form of the BSD license, and has therefore been accepted
as clearly open source. Here is the primary gist of the Postgresql
license:
Permission to use, copy, modify, and distribute this software and its
documentation for any purpose, without fee, and without a written agreement
is hereby granted, provided that the above copyright notice and this
paragraph and the following two paragraphs appear in all copies.
That didn't prevent MySQL from being popular, though. Slashdot, Freshmeat, SourceForge and Linux.com are just a few of the sites that have been using MySQL all along. A small footprint and impressive performance are two hallmarks of the database that seem to come up often. On the other hand, Postgresql contains features that MySQL doesn't have and many database experts want. All of this is good news, since people can evaluate both databases to determine which is right for them. In amongst this, don't forget that Borland/Inprise originally announced plans in January to release Interbase under an open source license. However, recent news indicates those plans are currently on hold, potentially indefinitely. The commercial angle. The most interesting point in the MySQL decision to move to the GPL may be the commercial pressures. The announcement was carefully positioned alongside announcements that MySQL's development would move to Source Forge and VA Linux would offer support for the database. This G2News article addressed the reason for VA's interest. "VA ...described its new relationship as a 'strategic alliance secured by investment' that's meant to augment its expertise in the database. Evidently VA intends to use MySQL to buttress its push into professional services, a relatively new activity it's been pouring resources into. It has said that it expects 5% of its revenues to derive from professional services this quarter, up from 1.5% in the quarter ending January 28." In addition, Progress Software was quick to issue their own press release, claiming at least partial credit for the decision to move to the GPL. Why? Well, they've formed a new company, NuSphere, just for the purpose of supporting MySQL. Since licensing issues were preventing at least some people from choosing to use MySQL, they had an economic incentive to see that barrier removed. The incentive they offered to the MySQL development effort was considerable: "Through NuSphere, Progress Software will be providing up to $2.5 million (US) to help further the development of MySQL." The combination of a popular open source product and one or more commercial companies eager to provide support for it is becoming more common. Apache, Sendmail, Python and even the competing Postgresql all have commercial companies behind them. The clear message from the MySQL announcement was that VA Linux and Progress Software actually desired the license change and were happy with the choice of the GPL -- a happy mesh of commercial and free software interests. Inside this week's Linux Weekly News:
This Week's LWN was brought to you by:
|
June 29, 2000
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Security page. |
News and EditorialsWorkarounds for the Linux capabilities vulnerability. In last week's Security Summary, we discussed a potential workaround for the Linux kernel capabilities vulnerability, for sites unable/unwilling to upgrade to the Linux 2.2.16/2.2.17 kernel series to get the proper fix. Our workaround involved the use of capcheck, a loadable kernel module which replaces the "capset" system call with a much more restrictive version. This week on BugTraq, Patrick Reynolds posted a followup discussing ways in which /dev/mem can be used both to re-enable capabilities that have been disabled and to load custom, module-like code, even if you have disabled loadable modules on your system. It is worth a read. Alternative ftpd servers. In light of the recent problems with wu-ftpd, and previous problems with proftpd (see the 1999 December 2nd Security Summary), suggestions for more secure ftpd servers for Linux have been popping up on BugTraq. This is not, by any means, an exhaustive list, but the following packages may be worth a look.
eWEEK Challenges Public to Hack Web Site. This week's challenge from eWEEK promises to allow people to attempt to crack security on a variety of different platforms, including "Solaris, Windows2000, Windows NT, OpenBSD and Linux". A report on the number of intrusion attempts per operating system, vulnerabilities found, etc., is promised at the end. Overall, though, security contests have rarely been found a particularly effective way of testing the true security of a system. In addition, as we've seen in the past, another key question is whether or not eWEEK has the internal expertise to deploy all of the aforementioned operating systems in a secure manner. The Motives and Psychology of the Black-hat Community (SecurityFocus). SecurityFocus is publishing a series of articles entitled "Know Your Enemy". This week's article focuses on motives. "They may not be technically competent, or even understand the tools they are using. However by focusing on a large number of systems, they can achieve dramatic results. This is not a threat to take lightly. They are not concerned about what harm they may cause. They focus only on achieving their goals." Security ReportsISC DHCP client root vulnerability. The Internet Software Consortium (ISC) has issued a warning regarding a root vulnerability reported by the folks at OpenBSD in ISC's Open Source reference implementation of DHCP. An upgrade to 2.0pl1 or 3.0b1pl14 should resolve the problem.Glftpd. Permissions in Glftpd 1.18 through 1.21b8 can be bypassed allowing protected files and directories to be accessed via a problem with the privpath directive according to this report. As a result, Glftpd 1.21 has been released with a resolution for this problem. NetBSD: bad key generation in libdes. NetBSD has issued an advisory as a result of the installation of a new libdes library on June 24th. On systems that do not have a /dev/urandom device, this library creates a security vulnerability. An update to NetBSD-current since 20000622 is recommended. FreeBSD: IP options processing errors. FreeBSD has issued an advisory concerning problems in the manner in which IP options are processed in the IP stack. Data corruption or a kernel panic can result. Also check NetBSD Security Advisory 2000-002, which describes an instance of this vulnerability. A kernel patch is provided to fix the problem, though it can also be resolved by an upgrade to 3.4-STABLE, 4.0-STABLE or 5.0-CURRENT. Note that an exploit for this vulnerability has been published. sawmill. Sawmill, a site log statistics package, has been reported to contain a couple of vulnerabilities that could allow remote access to pretty much any file on the system. The vendor/maintainer has been notified and a patch/fix is promised in the near future. Commercial products. The following commercial products were reported to contain vulnerabilities: Updateswu-ftpd. Check the June 15th Security Summary for a link to the mini-audit that turned up the latest set of problems with wu-ftpd.Linux kernel capabilities. Check the June 8th Security Summary for details. Linux kernel 2.2.16, along with a 2.2.16 errata patch set, is required to resolve this problem.
SuSE: reminder after kernel upgrade. SuSE's Thomas Biege sent around a reminder to people to execute 'mk_initrd' and 'lilo' after upgrading their kernel packages, in response to some customer problem reports. Zope. Zope 2.1.6 and 2.2beta1 contain a remotely-exploitable security problem. Zope 2.1.7 contains a fix. For more information, check last week's Security Summary. Linux-Mandrake 7.1. Linux-Mandrake issued an advisory with links to package updates for bind, cdrecord, dump, fdutils, kdesu, xemacs, xlockmore. These are the same packages for which updated versions for Linux-Mandrake 7.0 were published last week. Debian XFree86 3.3.6. Debian has issued new XFree86 packages which, according to this week's Debian Weekly News, contain patches for " fixing a denial of service attack, a symlink attack, and 4 security holes in Xlib". Debian does not appear to have issued an official advisory about the updated packages. ResourcesBruce v1.0 Early Access 3 (Beta). The Early Access 3 (Beta) of Sun's Networked Host-Vulnerability Scanner, Bruce, has been announced. Bruce is released under the Sun Community Source License (SCSL). EventsJuly security events.
Section Editor: Liz Coolbaugh |
June 29, 2000
| ||||||||||||||||||
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Kernel page. |
Kernel developmentThe current development kernel release is 2.4.0-test2. Here is Linus' announcement. It is a large new patch, with most of Alan's patches integrated. Check this listing of the 1350 modified files. Yet, Linus assures us the patch is perfect: Normally, when you integrate almost 5MB of patches, bad things happen. This time, a miracle occurred. As I uploaded the resultant kernel, a specter of the holy penguin appeared before me, and said "It is Good. It is Bugfree". Of course, someone quickly pointed out that, though it compiled, it did not actual run for him ... Meanwhile, the first prepatch for test3 is already out. Anyone complaining about IDE timeouts, linker errors, etc on 2.4.0-test2 should move to test3-pre1 or apply this patch from Jens Axboe. Alan has also released 2.4.0test2-ac2 as part of the effort to gauge how much more work remains. The current stable kernel release is still 2.2.16. Alan released 2.2.17pre6 on June 22nd, and has quickly worked his way up to 2.2.17pre9 as the week progressed. No word is available on when 2.2.17 will be released.
Other patches and updates released this week include:
Section Editor: Jonathan Corbet |
June 29, 2000 For other kernel news, see: Other resources: |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Distributions page. |
DistributionsPlease note that security updates from the various distributions are covered in the security section. News and EditorialsOnly Two Linux Companies Really Matter (ZDNet). Joseph C. Panettieri has declared that the shake-out in Linux distributions is already over with and Red Hat and Caldera are the only two left to worry about, according to his ZDNet column. "The Linux market is starting to resemble the cola wars, where Coke and Pepsi dominate and everyone else battles for shelf space. In the case of Linux, Red Hat and Caldera have the fizz, while other players like Corel, SuSE and TurboLinux leave me feeling flat." His logic is pretty thin, but if you'd like to make a business decision based on his gut instinct... Roll Your Own Distro - If You Dare! (GNULinux). Finding some flaw in more popular distributions that he's tried (Slackware, Red Hat, Linux-Mandrake), GNULinux's Brian Bisaillon chose to roll his own using downloads and documentation from LinuxFromScratch.org. It seems he learned a lot, but not necessarily painlessly. Caldera OpenLinuxNew Caldera FAQs. Caldera has released a list of its latest FAQs. This is a good place to check for the answer to that question you never got around to asking...like, "How do I find out what version of the kernel and/or OpenLinux I have?" Caldera Power Solutions Tour 2000. The folks from Caldera will be on the road July 11-27 for a twelve city tour. This type of event tends to be very marketing-oriented, but if you're interested in Caldera OpenLinux or you want a chance to meet some of the Caldera team members, stopping by should be worthwhile. ConectivaConectiva and XFree86. Conectiva has put up an overview of the work they are involved in supporting as part of the XFree86 project. Enhancing support for multiple monitors appears to be the primary focus. Debian GNU/LinuxDebian Weekly News (June 27th). This week's edition of the Debian Weekly News indicates that confidence in the upcoming Debian release is growing, with the completion of test cycle 2, the decrease in release-critical bugs down to around 40 and a hope that that current test cycle, number 3, may indeed be the last one. Debian GNU/HurdThis week's Kernel Cousin Debian Hurd discusses runsystem and runsystem.gnu. Debian Hurd will apparently use a Makefile system for initialization; no arbitrary number of runlevels is planned.Red HatRed Hat launches University program. Red Hat launched their University program today with the goal of encouraging/accelerating the use of Open Source software in the education environment. The initial action involved the donation of bundled software, such as the GNU Pro Dev Kits and Code Fusion packages, to several Universities. Of course, Code Fusion isn't, itself, Open Source software... Rock LinuxROCK Linux 1.3.10 has been released.
From the Rock Linux home page,
we learned that a new version of Rock Linux has been announced.
Here are the details:
Slackware LinuxSlackware 7.1 announced. A new version of Slackware has been released. Slackware 7.1 contains a very up-to-date package list, including the Linux 2.2.16 kernel. The hardware support for the distribution has been beefed up. They also promise "updated versions of the Slackware package management tools make it easy to add, remove, upgrade, and make your own Slackware packages". ISO images are already available for download and their mini-distribution, ZipSlack (which is small enough to fit on a Zip disk), is promised to be "the fastest, _easiest_ Linux installation ever". A Tale of Two Views: Slackware 7.0 Review (GnuLinux.com). Meanwhile, just a day before the announcement of Slackware 7.1, GnuLinux.com reviewed Slackware 7.0. "The problem with Slackware right out of the gate is that the emphasis is not on installation, but on speed and configuration. If we were to review the installation process by itself, Slackware would fall short in the ease of use area compared to other distributions. The installation routine is unpolished and utilitarian to the point that it will leave new users wondering why they even tried Linux." Hopefully they'll get a chance soon to take a look at the updated version. ZipSpeak added to Slackware tree. Matt Campbell's ZipSpeak mini-distribution has been integrated into the Slackware 7.1 ftp tree. "ZipSpeak is based on our own ZipSlack, but adds speech synthesis support for blind and visually impaired users." SuSEInterview: Volker Wiegand of SuSE, Inc. (BeOpen). BeOpen's Sam Williams sat down recently for a chat with Volker Wiegand, the current President of SuSE, Inc., the US branch of SuSE GmbH. "Although he and his company seemed to be sleeping during last year's IPO rush, they also missed out on the resulting letdown as investors grew quickly frustrated with Linux-related companies. Now, with a solid customer base and a development team that truly merits the description "international," his company is poised to graduate as one of the Linux community's first truly profitable companies." Review: SuSE 6.4 (Duke Of URL). We've published several distribution reviews from the Duke of URL (Patrick Mullen) over the past month, but managed to miss this review of SuSE Linux 6.4. Thanks to the reader who pointed out the omission. Documentation and hardware support appear to be the key areas where SuSE did best. "As far as I'm concerned, SuSE has the best hardware compatibility out of any distribution. Everything worked flawlessly and the inclusion of XFree86 4.0 only raises the bar further". SuSE opens Venezuela office. SuSE has announced the opening of their Venezuela office. They have chosen Xavier Marmol, founding President of VELUG (Venezuela Linux User Group), to lead this new office. "Xavier Marmol is highly regarded in the Latin American Linux community. He was previously the Network Administrator at the University of Zulia Academic Network. As an active Linux advocate since 1995, he successfully implemented Linux OS for the Universities network of several hundred computers." Embedded LinuxBlue Cat Linux garners award. Blue Cat Linux, from LynuxWorks, picked up the Electron d'Or award from the French magazine Electronique International Hebdo for "most significant development in embedded tools and software" over the last year, based on a tool user poll. "In their citation, Electronique International Hebdo said, 'Combining the reliability of Unix and the open source low distribution cost, the BlueCat Linux operating system is a version of Linux specially tailored for use in embedded systems. It is based on the Red Hat 6.1 distribution, containing the Linux 2.2 12-20 kernel. This environment allows the cross-development of embedded applications with a simple PC running Red Hat.'" Emdebian: Embedded Debian Cross Development Environments. Test releases of new embedded Debian cross development environments have been announced. PowerPC and ARM cross-compilers are supported. "You should only install these packages if you know what you're doing. These packages will eventually be part of a development environment complete with user's documentation, but we're not there yet". Hard Hat Linux included with EDN magazine. The June issue of EDN Magazine, a magazine for electronic design engineers, will carry with it a companion Linux CD containing a special edition of Montavista's Hard Hat Linux. "The cover story, entitled "Linux strafes the embedded landscape", details how mainstream Linux functionality and ubiquitous 32-bit CPU technology are challenging the status quo in embedded systems design." Lineo's Embedix . Lineo announced new Embedix support for the ARM processor, including the ARM cores and the release of Embedix uClinux for ARM. "Lineo's ARM expertise comes primarily from the recent merger with Rt-Control, the founders and maintainers of the popular uClinux operating system, a version of Linux for microcontrollers." Lineo releases compatibility libraries. Lineo has announced the release of compati\ility libraries to assist people moving applications over from the VxWorks or pSOS real-time operating systems. These libraries, dubbed "Golden Gate", appear to be proprietary. "Portions of these libraries are currently available from Lineo. For information on Lineo Golden Gate pricing, please contact Lineo at oemsales@lineo.com." Section Editor: Liz Coolbaugh |
June 29, 2000
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Development page. |
Development projectsNews and EditorialsIBM has just announced a 1GB version of its micro drive, to be available in September. This follows on the heels of the 340MB micro drives that are beginning to show up in consumer devices. The 1GB size is large enough to support a full-featured version of Linux with plenty of room for user data. Recent processor developments such as the power-frugal Crusoe from Transmeta and tiny PC104 format processors can now be combined with micro drives and laptop battery technologies. The arrival of small disk-based computing platforms will open up a whole new range of portable computing products. The field is wide open for developers who combine these new technologies. Personally, your editor would love to see development of an open source CD qualty wav file audio recorder/player based on a micro drive.DatabasesInformix releases embeddable database support for Linux (ZdNet). Informix now supports Linux on two of its key products. "Foundation.2000, for Internet data and content management; and Cloudscape, a Java database for embeddable systems and distributed e-Business applications." EducationTux Typing: typing tutor for kids. Now you can have Tux the penguin help you or your kids learn to type with Tux Typing. The goal of the game is to help Tux the penguin catch lettered fish as they fall out of the sky by typing the corresponding key. Tux Typing is distributed with the GPL license. GamesGnomeHack 1.0.5: 'Ulch, that meat was tainted'(Linux Orbit). Linux Orbit has run an article on GnomeHack, a new graphical version of the old classic NetHack game. " I remember my first game of Hack like it was yesterday. The year was 1983. I spent an entire afternoon one rainy Saturday chasing an "@" symbol around an ASCII graphics map on the screen and cursing "U"s (umber hulks), "c"s (cockatrices) and the dreaded "k"s (killer bees)." Games: The Boundary of Open Development? (BeOpen). BeOpen put together a discussion with both Scott Draeker, president and CEO of Loki Entertainment Software and Jorrit Tyberghein, volunteer project leader for Crystal Space. Games appear to be one area where hybrid of Open Source and proprietary methods is developing. "Tyberghein: What I think will happen more and more in the future is that game companies will either use available Open Source tools -- like 3D engines -- or else create their own toolkits that are released as Open Source. These are then combined with copyrighted artwork and maybe closed source intimate game logic." Games for Geeks (BeOpen). BeOpen has run this article on the state of game software under Linux. "At the end of a decade that has seen Open Source developers plant the Linux flag in every corner of the commercial software marketplace, everything from embedded systems to big iron mainframes, the ultra-proprietary $7 billion computer game development market remains surprisingly oblivious to the Open Source gospel." Crystal Space beta released. A beta version of Crystal Space has been announced, with a stable version scheduled for release in approximately three months. Crystal Space is an LGPL'd 3D software development kit (SDK) for game development. Maintainer Jorrit Tyberghein will also be at LinuxTag this week, with a demo of the software. Embedded SystemsSystem on a chip (SOC) processors. Linux Devices.com looks at system on a chip processors and sees the future of computing. "The post-PC era is just around the corner -- and there's little doubt that embedded SOCs, combined with embedded Linux, will be two of its principal enablers." Making a Business of Open Source (ZdNet). Kevin Morgan of MontaVista Software has written a whitepaper that discusses the advantages of using Linux for embedded systems development. " The use of Linux as an embedded systems platform represents a major change in the technologies and economies of building embedded applications. The power of Linux as an operating system, and the new types of business models for licensing, represent a marked change from "business as usual" practices that have dominated embedded design for the last 20 years." Linux software development outsourcing service(ZdNet). ITSquare has announced a web based service that provides references to dozens of existing Linux development companies. "Harvi Sachar, CEO of ITsquare.com said 'the open source revolution opened everyone's eyes to the advantages of Linux over existing platforms and technologies. Except it's been difficult for corporations to migrate to Linux because serious, reliable Linux development firms aren't always easy to find. What we've created is a tool to identify, evaluate, and engage these firms, which is how Linux Square provides real value.'" InteroperabilityCommon threads: Introduction to Samba(IBM). Daniel Robbins of Gentoo Technologies, Inc has written the first of a 3 part article on Samba. Samba's capabilities are discussed and information is given on setting up a Samba server. Office Applicationsinterview with AbiWord's Joaquin Cuenca Abela (LinuxPower). Linux Power has an interview with Joaquin Cuenca Abela of AbiWord. The current state of development for AbiWord is discussed along with some possible new features. Creating Simple Animation with the Gimp. Jakub "Jimmac" Steiner has published two tutorials on Creating Animation with the Gimp. If you have ever wanted to learn how to create computer animations, these tutorials will help you get results quickly. On the DesktopKDE2: Bigger than Elvis? (GnuLinux.com). GnuLinux.com plays with the KDE2 'Kleopatra' snapshot. "If you're already a KDE fan, you are probably well aware of this friendly desktop environment and its powerful features. However, a new release, KDE version 2, has been in development for quite some time, and is slated for release as a stable product in late summer or early fall. This is not a simple upgrade or bug fixes. KDE 2 has been completely rewritten from the ground up, and sports hundreds of improvements and many new applications." Keystone 0.2 announced. Keystone 0.2, a Virtual Network Client that can access remote desktops has been released. New features include improved status reporting and use of the KXML GUI. A new GNOME (LinuxWorld). Linux World's Joe Barr has written an article on Helix Gnome. " The cool factor is still there in GNOME 1.2, and the stability of GNOME and GNOME apps is much better than it was that time last year. GNOME 1.2 comes with dozens of out-of-the-box apps, some of which are the best of breed for Linux and one of which is the best I've seen anywhere." Gtkfind: a GUI interface for find (Geeks404). If you are looking for an easy way to unlock all of the capabilities of the find command without digging into the man pages, take a look at Gtkfind. Debian and RedHat binary versions are available as well as a Japanese version. One feature that seems to be missing is a visible output of the actual find command that is produced. Such output would make the program very useful as an aid for debugging scripted find commands. XFree86 Public CVS Access. The XFree86 project now has a Public CVS site. For those of you wishing to contribute to the project or track its development, this is the place to go. PalmtopsHandheld Makers are grasping for Linux (ZdNet). Compaq is making a port of Linux available for its iPaq handheld, HP is also considering Linux for its Journada. "Warming up to the idea that an open palm is better than a clenched one, major computing companies are exploring the idea of porting open-source operating systems to their handheld computing platforms." Also, Henzai is working on putting a foot in the palm with its announement of the Gnome based Hue interface. SoundNew Alsa sound drivers (BeOpen). Two new sound drivers have been announced for the ALSA library. The new drivers now support the C-Media CMI8338 and 8738 PCI chipset and the Yamaha YMF72x,74x,75x chipsets which are found on some motherboards. Web-site DevelopmentZope 2.2b3 released. Zope.org has released Zope 2.2 beta 3 which contains fixes for the "len of unsized object" errors that have been reported. Section Editor: Forrest Cook |
June 29, 2000
|
|
Development toolsC/C++Cursing at Your Programs (Geeks404). Geeks404 has published an introductory article on using the curses library, entitled Cursing at Your Programs (C Programming with Curses). Given the ubiquitous usage of curses in many Unix and Linux common commands, this is a useful introduction for the C programmer just moving to Linux. JavaLutris Enhydra Professional 3.0 Java/XML Open Source Application Server. Lutris has announced the Enhydra Professional 3.0 Java/XML Open Source Application Server " With Lutris Enhydra Professional 3.0, developers can take advantage of newly bundled and integrated databases, enhanced Java IDEs, and a wireless development kit that includes a new Developer Guide." Sun: C# Is No Java Killer (ZDNet). Microsoft has introduced a new language, C#, that is poised to compete with Java. " Sun engineers have been combing through technical information on C# since Microsoft released it on Monday and say it is no Java killer. They say that although they can't tell exactly what C# does because Microsoft's documentation is incomplete, they believe that C# is "the next revision of C or C++" tied back to the Windows platform." PerlPerl5 Porters digest for June 19-25. This week's Perl5 Porters digest is out. Numerous perl programming techniques are discussed. Perl: Small observations about the big picture(IBM). Teodor Zlatanov of Gold Software Systems has written an article on improving the clarity of Perl programs. "Although it's difficult to write complicated tasks with Perl, it can be done. And it can be done neatly. You don't have to be the only one that can understand and maintain your program once it's written. Using these nine tips, you can keep using Perl, keep your style, and still have an accessible and stable program." Perl Module Updates (PerlNews). Check out the zillions of module updates at the Perl News site. PHPPHP 4.0.1 Released. The first maintenance release for PHP 4.0 has been put out. This is a recommended release with several bug fixes and features. PythonGUI Python: All This and Good Looks Too? (LinuxDev). This week, LinuxDev takes a look at using Python for GUI development, the Tkinter way. "Before we begin, we need to make sure that OOP (Object Oriented Programming) is your cup of tea (Tkinter, that is). Although Python can be used as a structured language, in this series we will use its OOP features to create our GUIs." Dr. Dobbs' Python-URL (June 26). This week's Python-URL is now available, including links to information on Zope's alpha release of ZEO, an article on using ZEO with ZODB, the release of SOAP 1.1, Python code for X10 home automation and CVS activity in the 1.6 tree in preparation for a new release. Migrating from Perl to Python. Martin C. Brown has put out this article on moving from Perl to Python. "There is an alternative, though. It's relatively new -- less than a quarter of the age of Perl, and provides many of the same features. The alternative is called Python, and in this new series I'll be looking at how to make the jump from Perl to Python." Tcl/tkSection Editor: Forrest Cook |
Language Links Guile Haskell Blackdown.org IBM Java Zone Perl News PHP Daily Python-URL Python.org JPython Smalltalk |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Commerce page. |
Linux and BusinessIt was a good week for Open Source announcements. Mission Critical Linux, Inc. announced the release of the source code for its high-availability Kimberlite cluster technology under the GPL. Metro Link contributed a number of enhancements and bug fixes to Open Motif. "These changes were developed for Metro Link's commercial Motif products and are now being contributed back to Open Motif." Lineo has announced a new website, http://opensource.lineo.com, "dedicated to open source projects funded or maintained by Lineo and its employees". The website may be intended to balance concerns about Lineo's business direction, based on bundling its Embedix Linux distribution with proprietary software and then licensing the result. Finally, TCS announced the opening of a Linux Research and Development facility in Texas to develop "Linux-related technologies" for Dell Computer Corporation. "'TCS and Dell are making a commitment not only to help each other develop and support the latest Linux technologies, but also to provide those technologies to the Open Source community,' said [CEO of TCS.] Ramadorai". Transmeta's Crusoe. Transmeta's Crusoe chip is apparently being demonstrated this week at PC Expo in Ultra-light laptops from Fujitsu, Hitachi, IBM and NEC, according to this press release. Battery life and reduced noise were sited as the reasons for the high interest in the chip. Unfortunately, actual shipments of such Ultra-lights are still months away.
IBM has reported its plans to
use the Crusoe chip in ThinkPad notebooks by the end of the
year. " Transmeta says the Crusoe chip extends the battery life
of mobile computers by using a hybrid of software and hardware,
replacing millions of power-hungry transistors. Nichols said
IBM retrofitted a ThinkPad 240 with the chip so that it could
demonstrate the unit this week for customers at the PC Expo at the
Jacob Javitts Centre in Manhattan. He said IBM's notebook division
has been working with the chip the past six months. Netwinder manufacturer Rebel.com also announced plans for using the Crusoe chip in upcoming versions of the Netwinder. "Rebel.com selected Crusoe based on a number of factors, including its ability to work in a small fanless enclosure, its low power consumption, its high performance and its compatibility with industry standards." The news is also covered in this CNet article. ZF Linux Devices, Inc. has a slew of announcements. New York company ZF Linux Devices made several announcements this week. Their new MachZ PC-on-a-Chip is "ultra-low power (less than 1/2W @ 133MHz)". It comes with a software suite that includes a PhoenixBIOS and a choice of Linux or WindRiver VxWorks. They also announced an alliance with Phoenix Technologies to bundle the PhoenixBIOS with the MachZ. The FailSafe MachZ runs a family of products providing distributed network solutions for the Small Office/Home Office (SOHO), education and developing economy markets. LynuxWorks, Inc., formerly Lynx Real-Time Systems, will bundle LynuxWorks BlueCat Linux and the LynuxWorks development tools with the MachZ Integrated Development System (IDS). WindRiver will supply VxWorks. The device is financed, to the tune of $15 million, by Sands Brothers Venture Capital LLC of New York, and included additional investments from National Semiconductor, Samsung, TAT Capital Partners, and individual investors, and it will be distributed by Kanematsu Semiconductor Corporation, a Japanese distribution company. Linux Stock for Sale. In the past two days, two announcements of large sales of VA Linux stock have gone out, the first from Small Cap World Fund, which will be selling 1.55 million shares and the second announced that Larry Augustin will be selling a more modest number, only 120,000 shares. Larry isn't alone. Red Hat Inc. co-founder Marc Ewing has filed his intent to sell 1.5 million shares of Red Hat stock. "The shares have an estimated market value of $49 million, the filing said." Corel successfully completed its sale of new common shares, guaranteeing it will stay afloat for at least some time longer. "In the event that all of the warrants are exercised, the Company will issue an additional 3,649,635 common shares resulting in gross proceeds of Cdn. $16,642,335.60." Rackspace.com has amended it's prospectus and lowered its IPO terms according to this article from Reuters. Award Winners. In the midst of other problems, Corel was pretty happy to pick up a couple of awards this week, for Corel Linux and the Corel Draw 9 Graphics Suite. Enterprise Linux, a quarterly supplement inserted into several business magazines (ENT, MIDRANGE Systems, Enterprise Systems Journal, HP Professional and Application Development Trends), picked up an award at this year's American Society of Business Press Editors (ASBPE). In addition, the press release announces that Enterprise Linux will become a stand-alone monthly magazine beginning in August. That brings us to three monthly print magazines for the Linux community so far, including Linux Journal and Linux Magazine. Enterprise Linux differs from the other two since it comes from the established business publishing arena, which has clearly decided the time is ripe for added Linux coverage to their current stock. Linux Gets Game. The available games for Linux continue to multiple with the announcement that WarBirds III, a multi-player online World War II air combat game, has been enhanced with Linux compatibility. Also, Terminus, a new epic space role-playing game, has been released for Linux (as well as Mac and Windows) after three and a half years of development. "Another exciting feature in Terminus is the ability of computer-controlled characters to express human emotions as they interact with other characters and react to events using advanced AI technology. Characters can become angry and impatient; they can even fall in love." A demo of Terminus is available at www.vvisions.com. Internet Partnership Group Tunes Into PenguinRadio. PenguinRadio, which is developing a stand-alone Linux-based Internet appliance for listening to radio stations broadcast on the Internet, announced the receipt of an equity investment from the Internet Partnership Group. Michael Tiemann appointed to Embedded Linux Consortium board. Red Hat has announced that Michael Tiemann, Red Hat's CTO, has been appointed to the board of the Embedded Linux Consortium. IDC: the impact of a Microsoft breakup on the Linux Market. IDC takes a gander at the impact of a potential breakup of Microsoft into two separate companies on Linux, foreseeing potential increased competition in personal productivity software and hardware sales. "IDC believes an independent Microsoft applications company could present a serious threat to desktop/personal productivity players in the Linux space -- including Corel, Applix, and even Sun Microsystems." EuroLinux Congratulates British Telecom. The EuroLinux Alliance, promoters of the petition against software patents in Europe, has issued this release congratulating British Telecom "for demonstrating the absurdity of software patents." "BT was granted its patent nearly 15 years ago for a software concept which may have seemed new and inventive at the time. But such a patent, by being so abstract and general, has actually given BT the right to strangle the development of the World Wide Web and a lot of related technologies, which owe nothing to the inventive effort of BT." Press Releases:Open Source Products.
Commercial Products for Linux.
Products Using Linux.
Products with Linux Versions.
Java Products.
Training.
Partnerships.
Linux At Work.
Other.
Section Editor: Rebecca Sobol. |
June 29, 2000
|
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Linux in the news page. |
Linux in the NewsRecommended Reading. The latest installment in Andrew Leonard's 'Free Software Project' on Salon looks at the history of hacking. "Over the decades, the opportunity to harness the power of a computer to one's own selfish purposes, whatever those may be, has proven irresistibly seductive. From the '50s kids who gravitated inexorably to IBM mainframes to the Homebrew Computer Club tinkerers who built the first personal computers in the '70s to the Linux hackers exchanging tips and tricks in their user's groups in the '90s, the underlying passion is identical: It is a whole lot of fun to be the master of a Giant Brain, down to the very last binary one or zero." The real point of the piece is that free software has brought the fun back. Open Source. LinuxDevices.com is running this white paper by Kevin Morgan, MontaVista's VP of engineering. The paper looks at the business of open source from an embedded systems point of view; interesting reading. "Even with the short history of the open source approach, there is more than enough evidence to demonstrate the superiority and survivability of a royalty-free business model. Proprietary, closed source technology and binary product royalties have always been an encumbrance on embedded developers, slowing down business operations, lengthening design and development cycles, and delaying the availability of leading edge technology." UpsideToday takes a look at Gated communities, based on licenses similar to the Sun Community Source License (SCSL), essentially calling them a form of passive resistance to a new world view. "More pernicious are the passive forms of resistance: the local corn goddess that somehow manages to sneak her way into the Christmas pageant, the Buddhist idol that bears a striking hereditary likeness to Apollo. These are the small-time heresies that keep missionaries up late at night." Here's an Upside article about JEMini by Websprockets. "Derived from ClassPath, a clean room Java project launched by the Free Software Foundation in 1996, JEMini is a class library designed to give developers a chance to write commercial Java applications without forking over a licensing fee to Sun." The licensing wars continue with this letter to the editor on ZDNet. "The BSD license is clearly superior and offers more options for compatibility and interoperability because it poses no risk to business and offers independent developers incentive for using the code as well." You know you've made it when you become the primary target for new competition. This ZDNet article talks about plans to make the Inferno operating system into a Linux competitor. "Michael Jeffrey, Vita Nuova's chief executive, says the company is initiating a new, royalty-free licensing model for Inferno that takes its cue from the open-source world of Linux, but with an important distinction: Unlike a traditional source-code licensing agreement, Vita Nuova's terms do not require customers to turn the code they develop over to the Inferno community." On the other hand, unlike the BSD operating systems which also have more lenient licensing, getting a hold of the source code will cost you money. "The company will sell annual subscriptions for access to Inferno's source code to developers; an individual developer subscription is $300 per year, and corporate subscriptions start at $1,000 per year for five developers." Inferno is certainly not joining the list of "Open Source" operating systems. Eric Raymond started the 15th MacHack conference off with a five hour keynote speech, reported ZDNet. "Software, he said, is a service industry, not a manufacturing industry -- a point that did not go over well with the coders who were still present. Many argued that the Mac community is too small to support a service model." Also, see this article from Upside Today on the speech. " 'Yes, I really did jam with that audience for five hours,' said Raymond, via email. 'Actually, it was closer to six. What happened was that my keynote turned into an all-night workshop and debate -- very lively and a lot of fun for all concerned.'" IBM. CNN reports on IBM's announcement of laptops with Linux preinstalled. "In backing the upstart technology, and its ethos of collaborative development and free distribution, IBM is targeting a consumer movement. It's also, possibly, out for revenge that's been long in coming."
ZDNet takes a look at IBM's
strategy for Linux. "As IBM general manager Buell G. Duncan
III puts it, 'Education is key to the new IBM.' Duncan's statement
was a direct reference to IBM's decision to offer classroom,
satellite and Web-based courses on both Linux and open source.
These classes aren't set in a vacuum. They lead to either a Linux
Professional Institute certification or a Red Hat Certified
Engineer. But it doesn't end there. The training programs also can
lead partners to a new IBM certification, dubbed Certified for
E-business Solution Technologist. Companies. PCWorld takes a look at Intel's announcement of the Dot.Station web-appliance. "Linux Inside. Another aspect of the Dot.Station is that it doesn't include any Microsoft software. The unit runs an Intel-modified version of the Red Hat Linux distribution, and initially the Netscape 4.73 browser. Later versions will run Mozilla, a Netscape-like open-source browser for Linux." News.com looks at the latest offering from Intel. "Intel will enter the increasingly crowded field for Internet appliances today with the Dot.Station, a countertop terminal powered by Red Hat Linux that lets people surf the Web, exchange emails and make phone calls." From Business Week: Compaq has announced a Linux version of its iPAQ handheld computer, a device that was specifically designed to run Windows CE. "Compaq has no plans to turn the Linux handheld into a commercial product. However, a number of consumer information appliances based on the free, open-source operating system will become available in coming months, including products from Intel and Gateway." This ZDNet article will be of most interest to AMD enthusiasts, but it still takes a moment out to mention Linux. "Ruiz said to expect AMD-based Internet appliances sometime in 2001 -- possibly some of them based on the Linux operating system." Business. ZDNet took a moment to point out that Compaq and Dell had not joined the list of companies excitedly demonstrating Crusoe-based products at the PC Expo. Performance issues are cited as the primary reason. "According to sources, Dell has found that the performance of the current TM 5400 chips is not yet up to par with similarly rated mobile chips from Intel." InternetWeek put out a couple of articles on the progress Linux is making. The first article takes a look at people who are happily using Linux on the desktop right now, in this case, in a thin-client environment. " Welsh, who works at Cassens Transport, a trucking company in Edwardsville, Ill., has deployed diskless PCs on his users' desktops. All desktop apps are accessed from workgroup Linux servers running VistaSource Inc.'s Applixware software suite, which includes word processing and spreadsheet tools. Welsh says the thin-client solution is extremely cost-effective and easy to manage." The second article, entitled "Super Glue", looks at Novell's Directory Services, eDirectory, on Linux. "During our tests, we had no trouble with any feature of eDirectory on Linux. We highly recommend using Linux boxes as eDirectory replication partners to offload overhead on the main file servers and to provide fault tolerance." This Fox News article takes a look at a step towards choosing a standard for the digital house. "This past week Intel also said it will release a UPnP development kit, in this case for Linux. The kit will allow Linux device makers to develop a control interface for UPnP, so that a device can locate and interact with other UPnP-enabled devices, even if they are Windows-based." This ZDNet article follows products in the Mac arena. However, one of the latest additions to their list is Linux-specific. "You want big iron? Total Impact has announced its Total mPOWER PCI-based multiprocessing board. The card can be ordered with four G3 or G4 processors (pricing based on configuration), each with its own fan. But before you go dreaming of superfast Photoshop filters, be warned that the mPOWER board currently supports only Linux." In this OSOpinion article , Ganesh Prasad makes several predictions for the future of Java, Linux, and open source software. "Open Source products cannot be defeated in the marketplace. They will become market leaders in every major software category in 3-5 years. Most successful devices will run Open Source operating systems and basic Open Source applications like browsers and mail clients." It seems the release of Windows2000 and NT2000 has "devalued" the certifications of many "Microsoft Certified Engineers". That means they get to take all the classes over again (and Microsoft makes more money). Some of them are taking the opportunity to learn Linux instead, according to this osOpinion piece. "I've always been uncomfortable with the fact that my career has been so vendor specific. Whether it's NT, UNIX, or NetWare, you become a decibel of the company, and you serve a master that answers to stockholders. To me, that means that decisions can be made to protect the stockholders that can radically affect your career. Ask a CNE what that means." Resources. LinuxDevices has been polling its readers about what they value about open source. "Possibly the most interesting result, is that the #1 reason doesn't even pertain to USING the source. Rather, it expresses a strong belief that open source development produces better software than traditional proprietary software development." The Washington Post has run this article on using Linux for your daily computing tasks. "Linux may have a reputation as a specialized uber-tool, something used by computer-science graduates to run Web servers or code Internet software. But many users of this free operating system don't employ it for anything fancier than the bread-and-butter tasks familiar to most Windows and Mac users--writing letters, wasting time on the Web, editing photos, or playing a game or two." We've published several distribution reviews from the Duke of URL (Patrick Mullen) over the past month, but managed to miss this review of SuSE Linux 6.4. Thanks to the reader who pointed out the omission. Documentation and hardware support appear to be the key areas where SuSE did best. "As far as I'm concerned, SuSE has the best hardware compatibility out of any distribution. Everything worked flawlessly and the inclusion of XFree86 4.0 only raises the bar further." Finally. ZDNet reprinted this Inter@ctive Week article on the push to open up immigration into the USA to address the need for more highly-skilled workers. "What is needed to resolve this problem is a global exchange, a virtual marketplace in which problems and solutions can be traded. One of the oldest market mechanisms, the exchange has been used successfully for centuries to trade assets ranging from commodities to complex financial instruments to tulips. Provide an intellectual property exchange for the high-tech industry, and the face of product development will change forever." They failed to see an example of their solution already thriving in place: the global nature of the development of free software. Microsoft recently announced what they have dubbed their "roadmap for the Next Generation Internet", Windows.NET. Bert Garcia gave his reaction to the news via this osOpinion article. " What shocks the pixels off my display is that this Next Generation Windows Services won't be delivered for at least another generation in Internet time, 3 years. ... Me, myself and I don't plan on waiting around. We'll keep learning and using Linux, Apache, PHP, MySql, Perl and Java. We'll start creating tomorrow's web sites today with the tools we have now". Section Editor: Rebecca Sobol |
June 29, 2000 |
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Announcements page. |
AnnouncementsAdelaide, Australia Installfest 2000. Read about the Installfest 2000 which will be held in Adelaide, Australia on July 15, 2000. FirstLinux Network News launches. Another Linux news service has been announced. FirstLinux Network News (FNN) is from the same people who currently maintain the LinuxLinks.com site. "FNN welcomes submissions from enthusiasts, developers and companies. We aim to cover the entire spectrum of Linux news from Kernel patches to Microsoft litigation." New Italian Linux site. http://www.penguin.it is a new Linux site in Italian. Though partially incomplete, it contains a Penguin News zone and a Mailing List zone with three mailing lists in it currently: new2linux, info.security, programmare. ResourcesITsquare.com Adds Linux Software Development to IT Services eMarketplace. ITsquare.com announced the launch of Linux Square. Linux Square provides access to scores of established Linux development firms. FreeLinuxCD Needs Sponsers. Here's an announcement from FreeLinuxCD. "We, FreeLinuxCD.org, are volunteers who think everyone who wants to use Linux should be able to do so regardless of their financial conditions and whether or not they have access to a fast Internet connection to download the latest distributions." EventsSAGE-AU 2000 Conference. Don't forget the System Administrators Guild of Australia SAGE-AU 2000 Conference, July 3 to 7, 2000 in Queensland, Australia. TheLinuxStore.com & EBIZ Enterprises Host Free Seminar. The LinuxStore.com and EBIZ Enterprises Inc. invite business executives and Linux enthusiasts to attend a two-hour seminar, "Deploying Linux in Your Business," its second in a series of free seminars being held Friday, Aug. 11 from 1 - 3 p.m. at The Buttes Resort, 2000 Westcourt Way, Tempe, Ariz. A Co-Sponsor for IDG's LinuxWorld Conference & Expo. The Linux Insider has signed an agreement to be an official co-sponsor of IDG's upcoming LinuxWorld Conference & Expo, August 14-17, 2000 in San Jose, California. LinuxWorld sells out exhibit space. Boasting an impressive 60% increase in exhibit floor space, LinuxWorld was pretty happy to announce that exhibit space is sold out for the event coming up in August in San Jose. "IDG World Expo also indicated today that it must relocate the next West Coast LinuxWorld event, scheduled for August 27-30, 2001, to San Francisco to accommodate the rapidly growing number of exhibitors and attendees." LinuxFest 2000: Report on day 2 (tummy.com). Sean and Evelyn have sent in another report on the second day of LinuxFest 2000. Unfortunately, things aren't going well. "So what was awful about it? Well, RedHat dismantled their booth last night during Larry Augustin's keynote. Informix dismantled their booth in mid-afternoon today (leaving only Atipa and Linux Mall with big booth setups). Two or three other smaller vendors have also pulled out, 3 vendors never even set up their booths today. Unfortunately, the show seems to just be very disorganized." LinuxFest 2000: Day 3 (Tummy.com). Sean and Evelyn have sent in their report on Day 3 at LinuxFest 2000. They've included news on the nerf war front and comments on the keynote. Report: LinuxFest Day 4. Well, presumably the last report from the poorly organized LinuxFest event has rolled in. Attendance managed to drop even further, but there is a bright side. Disappointment in the event has brought together the local Linux User Groups, who are planning their own event for March next year. "The sad fact of the matter is -- the LUG meeting was better planned, better organized, more fun, and (nearly) better attended than the rest of the conference." Web sitesNew Linux Networx Web Site. Linux NetworX, Inc. announced the launch of its new Web site (www.linuxnetworx.com), as well as its new corporate logo and branding campaign. User Group NewsThe Linux Users' Group of Davis (California). LUGOD will NOT be holding a meeting on July 4th. Instead they are holding a party! Omaha Linux Users Group Meeting. OLUG will meet on Sunday, July 16 at 1pm. Topics will focus on using PHP as well as some discussion of using PHP to integrate MySQL with web sites. |
June 29, 2000 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Software Announcements
|
Our software announcements are provided courtesy of FreshMeat
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page See also: last week's Back page page. |
Linux Links of the WeekWhat is CERN up to nowadays?. Sometimes dubbed the "place where the Internet was invented", CERN is currently apparently looking at LIGHT these days. That is, they are looking at Logical Information Global HyperText, a "system that automatically represents and connects information, making it available as objects on the network." The framework of the LIGHT system will be published under the GPL. For more information, check this announcement. (Thanks to Bernhard Reiter). Section Editor: Jon Corbet |
June 29, 2000 |
|
This week in historyTwo years ago, July 2nd, 1998. John Kirch published his paper on the superiority of Unix over NT. Nowadays, the Unix versus NT website continues his mission. Alan Cox drafted the Anti-Assimilation License, designed for contributing code to BSD projects yet protecting them in a manner similar to the GPL. OpenContent.org started looking at how to apply free software licensing principles to documentation and other non-software content. On the news end, Bill Gates claimed, "I've never had a customer mention Linux to me". That is one statement he is unlikely to make nowadays. Corel's Netwinder was announced, meeting a level of enthusiasm that it has failed to live up to. Caldera made the Netware server available on OpenLinux. Donald Becker's Beowulf site came back. One year ago. July 1, 1999. The Linux telephone was announced. Eric Raymond published his paper The Magic Cauldron. The Mindcraft Linux versus NT benchmarks were re-run and performance flaws in Linux that were found became a top priority and were quickly addressed.
Slashdot was acquired by Andover.net this week, becoming the first
Linux community website to draw a truly large sale price and setting a
precedent for many
future acquisitions.
The Free Practice Management Project was launched that week. Many of the folks responsible for the BugTraq full-disclosure mailing list formed SecurityFocus.com. A file corruption problem in the Linux 2.2 kernel series continued to elude developers. The Hard Hat embedded Linux distribution was announced, along with tummy.com's KRUD (Kevin's Redhat Uber-Distribution). The Apache Foundation was created to support the Apache project. Oh, and yes, Richard Stallman and Eric Raymond were fighting again. | |
|
Letters to the editorLetters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. | |
Date: Fri, 23 Jun 2000 09:44:57 +0000 (GMT) From: John Carter <john@netsys.co.za> To: lwn@lwn.net Subject: What We Really Need Is.... Greetings LWN, Are you aware of http://www.whatweneed.de ? A month or three ago a group of students came onto our local Linux User Group mailing list and asked, "What does Linux still need?" They were doing a project and wanted to do something useful. This started up a _long_ thread of the format... Answer 2n "What we really need now is ...." Answer 2n+1 "We've got that already see http://......" For n = 1 to about 30 I think. In one sense its excellent news. Linux now has nearly everything and http://freshmeat.net is an excellent resource for finding it if it exists. In the end the students went off and did something boring that had already been done. Sad. None of us at the time knew about What We Need. What We Need is a site where you can add items / comment on and vote for "What Linux Really Needs Now". I truly believe that Mr. Herzog's excellent site needs to be more widely known amongst the Linux community. (I have no interests in Mr. Herzog site beyond his, mine and your common desire that Linux succeeds.) Thanks, John Carter Work Email : john@netsys.co.za Private email : cyent@mweb.co.za Yell Phone : 083-543-6915 Phone : 27-12-348-4246 Carter's law of Strategic Planning. "Beware of plans that apply equally well to making pizza as to software development, for they shall neither improve thy pizza nor thy software." | ||
Date: Thu, 22 Jun 2000 10:09:30 -0400 From: John Klar <j.klar@xpedite.com> To: letters@lwn.net Subject: Your comments w.r.t Lessig's "Code and Other ..." I know it's early in the morning (for me anyway), but I think you completely missed the point of what "regulation" Mr. Lessig was referring to. My interpretation of the quote you provided was his opposition to shrinkwrap licenses that indemnify the producers of bugs (product defects). He is absolutely not advocating the code Thought Police. Next you procede with a point about Open Source having less Y2K problems. True, but is it because Open Source packages are Open Source, or because they use Unix time_t encoding, which, by the way, blows up somewhere in or around 2034. Open Source advocacy is all well and good, but be careful what features good or ill you ascribe to it. Unwarranted claim of the moral high-ground, is almost as bad as a flamewar. John Klar, for himself | ||
Date: Thu, 22 Jun 2000 10:52:44 -0400 From: Seth Gordon <sgordon@kenan.com> To: letters@lwn.net Subject: Re: your capsule review of _Code_ I haven't read Lessig's _Code and Other Laws of Cyberspace_, but your quote from the book doesn't match your fear of "government code inspectors". Lessig, in the quoted paragraph, refers to "the tort system .. holding producers responsible". That is, he wants to control software vendors with the threat of lawsuits from customers. For example, Congress could pass a law requiring software vendors to *either* distribute their software under an open-source license, *or* provide some reasonable warranty against consequential and indirect damages. Such a law would give closed-source software vendors an incentive to either improve their quality or open their code; it would provide a safe harbor for open-source software vendors; and it would not require additional government bureaucracy. -- --Why is it that most kids are attracted to computers while most adults are quite wary of computers? --Most adults are smarter than most kids. ["Ask Uncle Louie"] == seth gordon == sgordon@kenan.com == standard disclaimer == == documentation group, kenan systems corp., cambridge, ma == | ||
Date: Thu, 22 Jun 2000 14:11:31 -0400 (EDT) From: Patrick Reynolds <reynolds@cs.duke.edu> To: letters@lwn.net Subject: disabling module loading / capability bounding set In this week's LWN News page, LWN said: > For this reason, many security-conscious sites disable module loading > entirely, either via explicit kernel configuration or by using the > capability bounding set. And way back in December, LWN said something similar: > It turns out that one capability, CAP_SYS_MODULE, is required to load or > unload kernel modules. If you remove CAP_SYS_MODULE from the bounding > set, no more modules can ever be loaded - just what the doctor ordered. LWN is missing a significant weakness in the capability bounding set. The capability bounding set is useless unless you disable /dev/mem, because /proc/sys/kernel/cap-bound maps directly to the cap_bset variable in kernel memory. With a quick poke (remember peek and poke from the days of BASIC on C64s and IBM PCs?) into /dev/mem, you can reset the cap_bset variable, reenabling any or all capabilities, despite the intended one-way-ness of the capability bounding set. To get the address for cap_bset, just: $ grep cap_bset System.map c01d46b0 D cap_bset Strip off the leading 'c' (since the kernel segment maps to 0xc0000000 on x86s) and you get the raw memory address to write to. On an x86, it's a 32-bit, little-endian integer. Write 0xffffffff to it to reset all capability bounds. To make capability bounding sets at all useful, you have to disable CAP_SYS_RAWIO, which governs access to /dev/mem. Be advised that doing so will break X and any other user-space program that needs raw access to memory or I/O ports. More fun with module security... Even if you compile a kernel with module loading completely disabled, a clever attacker could still load custom, module-like code into the kernel using /dev/mem. It's trickier than changing cap-bound, but it's still feasible. I'll leave it as an exercise for the reader to figure out how. The morals of this story? Security is hard. Disable CAP_SYS_RAWIO, or don't bother with /proc/sys/kernel/cap-bound at all. --Patrick | ||
Date: Mon, 26 Jun 2000 15:06:51 +0100 (BST) To: letters@lwn.net From: Duncan Simpson <dps@io.stargate.co.uk> Subject: Commercia licences for GPLed stuff IF I am the copyright holder, as is the case with checkps and word2x in my case, I can licence under any licence I want. A GPLed copy in no way restricts me from doing that (which is probably legally difficult to manage). Similarly the FSF could licence gcc as $10000 per copy to someone, alhtough it would have to be some specularly stupid. If Hans can get all the copyright holders to agree there is nothing to stop them selling their code for vast sums per copy to anybody, and allowing free use in linux (and anything else GPL-compatible). Provided you retain the copyright one can sell ones soul and keep it too. | ||
Date: Mon, 26 Jun 2000 16:56:13 +0100 From: kevin lyda <kevin@suberic.net> To: letters@lwn.net Subject: Welcome to Enterprise Linux --wac7ysb48OaltWcw Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable It's nice that the "established publishing" industry has decided to notice us and all but I hope the following things happen: 1. People who have been involved with linux for a long time remember that companies like SSC (who publish LJ AFAIK) have been here for a long time as well. 2. That not only remember that but that we do so with our subscriptions and encouraging new linux people to do the same. 3. That older Linux companies remember how hard it was to get started, that established things like publishing had to be recreated just to get heard, and that they remember that difficulty by being open to publishing magazines (or making space in current ones) for other emerging systems (*bsd and others). the "free s/w community" (whatever that is) should remember the people and the companies they formed that stuck by linux and free software before it was "profitable." kevin --=20 kevin@suberic.net "we were goin' for breakfast. in canada. we fork()'ed on 37058400 made a deal: if she'd stop hookin', i'd stop meatspace place: work shootin' people. maybe we were aiming high." --porter, "payback" --wac7ysb48OaltWcw Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE5V30dSWViC/JcvFsRARTTAJ9+Dpw4MbvC9/x/+sxx8inNSwANVwCg8NS4 3k5FdBIwxBbQN9kzl8ftXLs= =G82V -----END PGP SIGNATURE----- --wac7ysb48OaltWcw-- | ||
Date: Tue, 27 Jun 2000 11:27:35 +0530 From: Anand Srivastava <anand@aplion.stpn.soft.net> To: letters@lwn.net Subject: Crusoe: The Ultimate Linux Platform I was thinking of how a close coupling of Linux and Crusoe could give Wintel a run for their money on the server front. Till now Transmeta has concentrated on the mobile computing, because its very difficult to optimize a given operating system which you cannot change. With linux this problem is not there. It was necessary to compete with MS head on to build credibility and the Mobile computing is the right place. But now that they have done this, they could divert their energies to creating a processor for the Server side. It should be pretty easy for them to provide more than one set of registers to hold more than one processes' states. This will save some context switches, and will allow to add more pipelines, which can execute instructions from all processes. For servers throughput is more necessary, due to this some optimizations, like speculative execution of branches can be dropped in favour of executing from other processes. Also the Morphing code may be given its own register area along with dedicated special purpose pipelines. Also a special register set for the kernel. The expansion ideas are only limited by the I/O bus speed, and processor area. Since they have freed up a lot of processor area, they can afford to add more pipes and registers. I am waiting for the much improved Crusoe. -anand | ||
From: Mark Christensen <mchristensen@HTEC.com> To: jja@wallace.lusArs.net, letters@lwn.net Subject: More on licenses and loopholes Date: Tue, 27 Jun 2000 11:28:21 -0400 "I think this gentleman misses the point of the BSD license. The ability to reuse code in traditional commercial settings is not regarded by BSD proponents as a 'loophole.'" On the contrary, I think you miss his point; he was not trying to claim that code re-use is bad. In fact, he seemed quite sympathetic to the BSD style license. But the question he raises is still valid--Doesn't the GPL make the "embrace and extend" strategy significantly more difficult to implement? My take on all of this is that, if you are writing yet another internet chat client, the fact that your code could be re-used in a Microsoft product is probably not that troubling. On the other hand, if your intent is to create an internet standard, it seems perfectly reasonable to try to protect that standard from attempts by proprietary software vendors to co-opt that standard by using the GPL. Which, for example is why SGI releases all of their open source code under the GPL. It's their way of sharing their work with the community and keeping their code out of the reach of hardcore proprietary Unix vendors like Sun. Mark Christensen wwwlight@mediaone.net | ||