See also: last week's Letters page.

Letters to the editor

From:	 Leon Brooks <leon@cyberknights.com.au>
To:	 letters@lwn.net
Subject: Backslapping, security incidents, kernel versions
Date:	 Thu, 28 Feb 2002 14:13:59 +0800

>From http://lwn.net/2002/0228/ :
> Once again, congratulations are due to the community: we won this one.

Actually, congratulations are also very much due to the W3C, they've been 
more responsive in this case than the vast majority of manufacturers, and 
many nominally independent bodies.

> the last Linux-related vulnerability with a full CVE number is
> CVE-2001-0489, a format string vulnerability in gftp which was
> reported in May, 2001. This is a problem: time is often of the
> essence when dealing with security incidents.

The only obvious solution is to promptly (timescale of at most a few hours) 
allocate numbers to all submitted *reports* and provide a simple means of 
checking whether a report was ever validated or disqualified as an *incident*.

> Now that 2.4 is finally getting truly stable, few people would
> like to see it be destabilized again. On the other hand, the 2.6/3.0
> kernel could well still be two years away

Must it? If we stop revolutionising the kernel with new MM, scheduling and FS 
concepts at the end of July, we might have a 2.6 by Christmas. Then we can 
cut loose with a new set of fabulous and totally new features in 2.7 with an 
eye to releasing that in turn at the end of 2003 (Linux 3.0 for 2003?). One 
release a year done like this would help the stable kernel to stay so. If the 
split was done at the start of December, most of the bug-echoes would have 
died down by new year. There are arguments against against deadlines, and 
they should be flexible, but it seems to help many projects along to actually 
have them in the first place. It lends impetus to events like bug-killing 
weekends.

Cheers; Leon

From:	 Leandro Guimarães Faria Corsetti Dutra <leandrod@mac.com>
To:	 letters@lwn.net
Subject: StarOffice goes proprietary
Date:	 Thu, 28 Feb 2002 11:56:37 +0100

	StarOffice was always proprietary -- it was just a free download, not 
free software.  OpenOffice is free, and will continue to be for the 
foreseeable future, but lacks things like Adabas D that are present 
in StarOffice; by the way it shouldn't be to hard to integrate 
either SAPdb, a direct descendant of Adabas, or any other free RDBMS 
like Interbase (Ph?nis?), GNU SQL or PostgreSQL.

	The only thing I think Sun could do to assure us that OpenOffice will 
always be free except by a catastrophe would be to assign the 
copyrights to the FSF or a similar entity.  But at this time it 
doesn't seem that we are really running the risk of a proprietary 
fork of OpenOffice, and even if Sun was dumb enough we could just 
fork it ourselves and keep and develop the last free version.

	As you pointed most of this at the end of the relevant section in 
your main page, I trust the headline was only an oversight or at 
worst an eye-catcher, because many people will read only the 
headline and the first two or three paragraphs and will 
inadvertently spread unintended FUD until they are challenged by 
someone who knows better.


-- 
 _
/ \ Leandro Guimarães Faria Corsetti Dutra        +41 (21) 216 15 93
\ / http://homepage.mac.com./leandrod/        fax +41 (21) 216 19 04
 X  http://tutoriald.sourceforge.net./      Orange Communications CH
/ \ Campanha fita ASCII, contra correio HTML      +41 (21) 644 23 01

From:	 "K.Hayen" <K.Hayen@digitec.de>
To:	 letters@lwn.net
Subject: Staroffice never was non-proprietary
Date:	 Thu, 28 Feb 2002 16:45:27 +0100

You write:

"StarOffice goes proprietary"

Since when was StarOffice not proprietary? Your further
writing indicates that you understand it was never
Free Software. So why do you imply news where is no
news? I am disappointed, this doesn't feel like good
journalism.

The valid speculation about Sun's motives is that Sun
recognizes Linux distributions more now as a threat and
concurrent than it did before. It wants Solaris to have 
an added value over other Unix versions. That's only
legitimate. 

This need not involve a Linux from Sun. But it would
only be true for a Sun-Linux. I actually like that
name besides.

I only hope they follow HP and pick Debian as the open 
distribution they can influence through their good
engineers.

Closed Distributions like Redhat (normal people cannot
make or participate in decisions, nor contribute) will
fail just like Closed Source failed.

If Sun wants to turn from a late comer to people who have 
the future, I advise them to make a nice setup. Get their
QA after a small selection of packages they specifically
care for (probably Gnome, some servers like Apache, NFS 
stuff, etc) and trust Debian community for the rest.

Oh and yes, I hear you say that only a Closed Group of
people can do the real thing. That's why Microsoft will
reign with Windows forever, ... not? ;-)

Yours, Kay Hayen

From:	 Chris Hanson <cph@zurich.ai.mit.edu>
To:	 "Robert A. Knop Jr." <rknop@pobox.com>
Subject: Cruft has become our life
Date:	 Thu, 28 Feb 2002 13:30:24 -0500
Cc:	 letters@lwn.net

Rob,

I couldn't agree more; this is the #1 problem I have with GNOME, which
in many other respects I like.  I can't count the number of times I've
had to delete all the GNOME configuration files and directories and
start again from scratch.  And of course, it's impossible to copy a
configuration from one machine to another, something that was routine
with my pre-GNOME configurations.

Not to mention that none of the configuration information is
programmable, which means it can't be written once in a way that will
adapt to different machines, different screen sizes, etc.  (As my old
configuration could be, albeit with difficulty.)

Note that this is in sharp contrast to (the ".sawfishrc" file of) my
Sawfish window manager configuration, which is completely programmable
and adapts to each of my machines.  (Unfortunately the Sawfish
"custom" file suffers from many of the problems of other GNOME
applications.)

The ideal solution would: define the contents of the configuration
files in some common language (e.g. XML); document each possible
setting; allow hand-editing of configuration files; and provid the
ability to script the files so that they could be adapted to the
current environment.  None of these is hard to do, and each provides
clear advantages.

I hope the GNOME developers wake up and understand that the current
situation is unacceptable to many users.

Chris

From:	 Joe Klemmer <klemmerj@webtrek.com>
To:	 "Robert A. Knop Jr." <rknop@pobox.com>
Subject: Re: Cruft has become our life
Date:	 28 Feb 2002 13:57:25 -0500
Cc:	 letters@lwn.net

> Perhaps I should just go back to my roots and run FVWM, and get away
> from the Gnome/KDE/GUI madness.  Alas, I want to have my cake and eat
> it to; I want the features that come along with the configuration
> cruft.

	Perhaps you might try XFce <http://www.xfce.org>, then.  If you want
cake and eat it I think you'll find that XFce might be just what you're
looking for.

-- 
Using Linux since 11/91		|		http://www.linux.org
Linux user #29402		|		http://counter.li.org
Red Hat Linux			|		http://www.redhat.com

From:	 Dick Middleton <dick@lingbrae.com>
To:	 letters@lwn.net
Subject: Fast Keyword Searching Tool
Date:	 Fri, 01 Mar 2002 11:07:15 -0000

I'm not trying to promote this product but I have been using the
Powermarks bookmark manager from Kaylon for a few weeks now find it is
remarkably effective tool.  It is different because instead of
managing a hierarchical data base as most such tools it operates on a
single list using fast keyword searching to find items of interest.
The company has also used the technique in a MP3 track manager but
neither tool is available on Linux (yet).

For me I would really, really like this concept to be used in an
email manager.  No more filing but nevertheless quick access to
obscure or long forgotten items.  I think it would transform the email
experience.

I think such a tool, particularly a generalised one which could handle
anything (bookmarks, addresses, emails, mp3 etc) and could be
integrated with standard utilities (emailers, browsers etc) could be
the killer application for Linux.  It could do for the desktop what
Apache has done for servers and transform Linux office offerings from
also-ran to leaders.

Any free software fast keyword search gurus want to bite?

Dick Middleton
dick@lingbrae.com

From:	 Eric Smith <eric@brouhaha.com>
To:	 letters@lwn.net
Subject: Microsoft is afraid of the GPL
Date:	 28 Feb 2002 20:42:05 -0000

Gentlemen,

On 28-Feb-2002, LWN.net daily updates referenced an article in ZDNet
News which quoted Craig Mundie of Microsoft as saying "The problem with
General Public License advocates is that they don't understand that
people need the opportunity to commercialize software."

As usual Microsoft tries to divert attention from the real issue.

Suppose for a moment that Microsoft was right, and that the GPL did
somehow deny them "the opportunity to commercialize software".  Why
would this be a problem?  Microsoft isn't exactly well-known for
allowing other people the opportunity to commercialize the software
which Microsoft has written.  Surely it is not anyone else's
responsiblity to provide Microsoft with "the opportunity..."  when they
themselves don't provide that opportunity to others?

However, in point of fact the GPL does not deny anyone the opportunity
to commercialize software.  A number of companies have been successful
doing so; one of the most visible is Red Hat.

What Microsoft really means is that they're afraid of having to compete
on a level playing field.  They're perfectly happy to take advantage of
software written by outsiders; they've been doing that for years with
such things as the BSD TCP/IP networking software.  But when they look
at software which is GPL'd, they realize that they can't use it and
still keep their participation strictly in the "only benefits Microsoft"
direction that they like.  It's fine for volunteers to slave away for
months and years writing code, but if Microsoft would be forced to
contribute back a few minor changes and improvements to that code, they
don't want it.  They want to reap the benefits of free software, while
not contributing to the process themselves.

Note that even for non-GPL'd free software that Microsoft uses, such as
the aforementioned TCP/IP software, which was distributed under the BSD
license, Microsoft has not done a good job of complying with the
relatively minimal license requirements.  In particular, for many years
the BSD license required acknowledgement of the use of their code in
product documentation, which Microsoft never did.  This particular
instance is no longer an issue because BSD has since dropped the
advertising clause, but it does demonstrate that Microsoft has no
willingness to cooperate with the developers of free software to even
the most minimal extent.

When you look at just how loudly Microsoft decries the GPL, you can see
how scared they are.  After all, why should they be so vocal about it?
No one is forcing them to use GPL'd software.  It's simply another
choice.  Of course, Microsoft doesn't want people to have choices, but
isn't it strange that they complain that choices are available to
them?

To illustrate just how ridiculous it is for Microsoft to devote so much
effort complaining about the GPL, imagine instead that they were
complaining about something other than software.  Suppose that they
needed to buy cardboard boxes for their products.  Perhaps one vendor of
cardboard boxes, MegaBoxCo, would only provide them to Microsoft under
the Public Box License, with terms Microsoft didn't like.  Would
Microsoft devote all this effort to convincing the world that the Public
Box License was bad and that people who offered boxes under the PBL were
Unamerican?  Of course not.  They'd just buy their cardboard boxes from
another vendor.  There's no monopoly on cardboard boxes, so there are
plenty of vendors to choose from.  Similarly, there is no monopoly on
the GPL'd software Microsoft is complaining about, and there is
absolutely NOTHING that prevents Microsoft from simply ignoring the
GPL'd software and instead using non-GPL'd software from other authors.
Or writing software themselves -- Microsoft is after all a software
company, isn't it?  Surely they have at least a few programmers on
staff?

Sincerely,
Eric Smith