Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page
Other stuff:
Recent features: Here is the permanent site for this page.
|
Leading itemsLinux-Mandrake is on a roll. The announcement for the very first version (5.1) of Linux-Mandrake came out just over a year ago - July 23, 1998. It was, at the beginning, simply a rework of Red Hat 5.1 with the KDE desktop integrated into it. People liked the result, and Linux-Mandrake began to attract a sizeable user base. Consider, one year later, some events from the last month:
Obviously Linux-Mandrake is going somewhere. They now have twenty employees, offices in numerous countries, and the ability to fund open-source development projects. Even a year ago, the distribution market was looking crowded; how can it be that such a newcomer can have such success? Mandrake is a clear example of both the benefits and the pitfalls of being in the open source software business. MandrakeSoft was able to start with a complete distribution - Red Hat 5.1 - and create a new, marketable product with some comparatively minor additions. There is an old joke that, while most scientific fields make progress by standing on the shoulders of those who came before, computer scientists stand on each others' feet. Thanks to free software, MandrakeSoft was able to stand on Red Hat's shoulders. Was this fair to Red Hat, which might not have wanted to lend out its shoulders in this manner? In a sense, it doesn't matter. Those are the rules of the game that Red Hat chose to play. Remember also that Red Hat has always been free to take MandrakeSoft's additions and fold them back into their own distribution; if they have not taken advantage of this resource, they certainly can not complain if Linux-Mandrake starts to take some sales from them. (And, in fact, if Red Hat has complained we certainly have not seen it). MandrakeSoft's real advantage would appear to be a strong emphasis on ease of use and integration of the desktop tools. By creating a distribution that people want to use, they have created a market for themselves. Linux-Mandrake is successful because it has added real value. Linux-Mandrake is now moving away from direct use of the Red Hat code base; they have sufficient development resources that they can do things their way. They intend, however, to maintain their Red Hat compatibility - RPM packages for Red Hat will always install on Mandrake as well. This is a smart move, which will help to guarantee the availability of large amounts of contributed software for their system. Please see our interview with MandrakeSoft's Gael Duval for details on the above and much more: MandrakeSoft's future plans, and the origin of the name. Caldera OpenLinux 2.2 and 2.3, and Red Hat 5.2 and 6.0 are year-2000 compliant, according to an independent analysis done by Key Labs (Caldera) and The Software Laboratory Limited (Red Hat). Both tests looked at a variety of commands to insure their proper behavior in the next century. While a few small bugs were turned up, they had little to do with the year 2000 itself. Both OpenLinux and Red Hat have a clean bill of Y2K health. One could certainly find faults with the methodology of these surveys (the full reports are available from KeyLabs' Caldera page and Red Hat's Y2K page). There was no complete survey of the code done. Other possibly time-sensitive parts of the system (PAM modules, PostgreSQL, sendmail, etc.) were not tested (the Caldera survey was rather more comprehensive than Red Hat's in this regard). Testing of applications was done, with little attention paid to the kernel. They are far from a complete survey of the Y2K readiness of Linux. Still, it is a step beyond anything we have had before. The Linux community has, as a whole, not been all that concerned about the year 2000 problem; Y2K is a problem that other systems have. And, to a great extent, that is true. The internal Unix time format has no Y2K problem (though 2038 is another story). But that does not mean that libraries and applications have not introduced problems of their own. There must be at least one lurking out there somewhere still. So it is good to see that a serious attempt has been made to insure that things will keep working after the end of this year. Even with a system as good as Linux, the absolute absence of Y2K problems can not simply be assumed. (See also: SuSE's Y2K page, Debian's Y2K page, and the GNU software Y2K page. We were unable to find Y2K pages for Linux-Mandrake, or TurboLinux; MandrakeSoft tells us that they have a Y2K study underway currently. Slackware has a brief mention on its FAQ page saying "The responsibility for ensuring that Linux is y2k compliant enough rests with the end user."). Suggestions for the future of the Linux Documentation Project. Matt Welsh, co-founder of the Linux Documentation Project, has dropped us a notewith his thoughts on where the project should go from here. "I think that the only thing the LDP needs to do to get on track is to retain the essential structure it has had for the last five years. Making things any more complicated will only raise the barrier of entry to new authors, which will eventually cause the project to die out." Worth a read. Linux fragmenting? No way, says Eric Raymond. "Instead, [Linux is] cheerfully absorbing its competition. And the fact that it is `absorbing' rather than `destroying' is key; vendors are belatedly figuring out that the value proposition in the OS business doesn't really depend on code secrecy at all, but instead hinges on smarts and service and features and responsiveness." This Week's LWN was brought to you by:
|
August 26, 1999
|
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Security page. |
SecurityNewsXDM Insecurity revisited was the topic of a discussion on Bugtraq this week started by Jochen Bauer. He pointed out that the first report of XDM security problems was made in November of 1997 by Eric Augustus. Despite this, recent versions of Digital Unix, SuSE Linux and Red Hat Linux (among probably others) still ship with an Xaccess file that is insecure by default. Suggestions for securing gdm or xdm were made. Overall, though, it was recommended that anyone using xdm or gdm block UDP port 177 on their firewall. Hopefully, the distributions will take a look at this issue and take measures to better secure their base distributions. Kurt's Closet is a new column on SecurityPortal; the inaugural article is about Linux and encryption. "If an attacker manages to get access to your backup tapes, or gains physical access to a server, your data is suddenly very insecure, despite file permissions. Or if an attacker puts a laptop with sniffing software on your internal network, all that money you spent on securing the fileserver is much wasted. Encrypting your data can solve these problems." In the growing conflict between law enforcement concerns and privacy issues in the digital age, a Justice Department proposal, to be dubbed the Cyberspace Electronic Security Act (CESA), seeks to extend authorization to law enforcement to decrypt information that it has legally seized. "A sound and effective public policy must support the development and use of encryption for legitimate purposes but allow access to plaintext by law enforcement when encryption is utilized by criminals. " As reported by ZDNN, however, concern is that the bill provides for surreptitious surveillance, by allowing law enforcement officials to break into someone's house, for example, and disable the encryption on someone's computer without informing them, widening the now-rare use of such "wire-tapping" authorizations. CNN and TechWeb also commented upon the bill, outlining concerns from privacy groups. Meanwhile, it was interesting to note that the original bill carefully states, "this Act is not intended to make it unlawful for any person to use encryption in the United States for otherwise lawful purposes, regardless of the encryption algorithm selected, key length chosen, or implementation technique or medium used. Similarly, this Act is not intended to require anyone to use third parties for storage of decryption keys, and this Act does not establish any regulatory regime for entities engaging in such an activity. Finally, this Act is not intended to affect export controls on cryptographic products."This paragraph can be taken as an indication that encryption issues are now sensitive enough that the bill proposers wished to distance themselves from them in order to make it easier to find sponsors for the bill. Perhaps the DoJ no longer expects that it can hold back the use of encryption. Security ReportsMultiple buffer overflows in Windowmaker have been found. No exploits have been reported. Here is the original posting from Stan Bubrouski which outlines the problem.Several vulnerabilities were reported to Bugtraq by Michal Zalewski in this posting. Two of them have been confirmed and recorded as new vulnerability in the Bugtraq vulnerability database. The first involves a problem with pt_chown, a setuid program that supports non-suid programs that don't have devpts support. Terminal hijacking may be possible as a consequence, along with a root compromise. Until a patch for pt_chown has been made available, the recommended solution is to change the permissions on /usr/libexec/pt_chown. Red Hat 6.0 is vulnerable to this problem. In addition, Michal reported a new vulerability in wu-ftpd. QMS 2060 printers allow passwordless access to their root account. This can be exploited to produce a denial-of-service attack or to use resources without proper logging. Check the Bugtraq vulnerability database entry for more details. UpdatesCaldera Updates. Caldera issued two advisories on August 18th and two more on August 23rd. The first reported a problem with xmonisdn, part of the isdn4k/utils package. This is a configuration problem and will not impact you if you are running with their default configuration.The second advisory reported a buffer overflow in the termcap library, discovered by the Linux Security Audit Team. The advisory indicates that Caldera OpenLinux 2.2 is not vulnerable to this buffer overflow, so OpenLinux users are not affected. The advisories on August 23rd covered the XDM issue mentioned above, for which they recommend modifying the Xaccess file, and new netkit-telnet and ncurses packages to correct the in.telnetd problem we mentioned in last week's Security Summary. Debian updates. Debian also issued an advisory about the issues with the termcap library. Since they have abandoned the use of termcap for terminfo, Debian is generally not impacted. However, if you have compiled your own programs using termcap, you will want to upgrade to their new termcap-compat package. Four additional advisories from Debian came out, including a potential problem with rsync, and /tmp file handling problems with smtp-refuser, trn and man2html. Upgrades are recommended for all four of these issues. Debian also issued a comment regarding security problems with seyon, why they cannot issue a fix for them. They recommend that seyon users switch to using minicom instead. Mandrake updates. Mandrake also issued updated isdnutils packages as a result of the problem with xmonisdn. Check near the bottom of their updates page for more details. Red Hat updates. Red Hat issued an advisory about problems with in.telnetd, reported by the Linux Security Audit Team. An updated package, telnet-0.10-29, is provided. More information on the problem can be found in last week's Security Summary. In addition, two more advisories were published on August 25th. One of them addresses the problems mentioned with wu-ftpd while the other address a buffer overflow in crond which could allow a local user access to root privileges. Upgrading to the packages listed in the advisories is recommended. SuSE updates. No SuSE security updates have been listed since June 30th, 1999. ResourcesA mailing list for the libnet C library has been announced. "libnet is an API to help with the construction and handling of network packets. It provides a portable framework for low-level network packet handling (use libnet in conjunction with libpcap and you can write some really cool stuff)."EventsCERT Conference '99 will start on August 30th, 1999, in Omaha, Nebraska. Check their website for more details.Section Editor: Liz Coolbaugh |
August 26, 1999
|
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Kernel page. |
Kernel developmentThe current development kernel release is 2.3.15. It is a huge (> 5MB) patch that includes new drivers for some ATM cards, Computone IntelliPort cards, and an SGI Visual Workstation audio driver. In all, almost 600 files were changed by the patch. Linus actually sent out an announcement for this release (rare these days); more information can be found there. The biggest change may be that IP firewalling and masquerading have been removed from the kernel. It is all being replaced with a thing called "Netfilter," which is supposed to provide a much better solution to the problem. Netfilter is much more generic and flexible; it can also emulate the older ipchains and even ipfwadm interfaces for backward compatiblity. The Netfilter code is currently maintained and distributed separately; there are three sites where it can be found: Penguin Computing, samba.org, and KernelNotes. More information can be found in the Linux Netfilter HOWTO, which is both interesting from a technology point of view and fun from a humor point of view. The current stable kernel release remains 2.2.11, despite the fact that this kernel has a lethal memory leak bug that quickly brings down the system in certain situations. Alan Cox has has 2.2.12 patches ready for some time, but the release has not yet happened. Soon, presumably. The RAID 0.90 patches have been pulled from 2.2.12. As discussed last week, RAID 0.90 is a large, incompatible change; not everybody thought it should go into a minor release of a stable kernel series. Since then, a bug turned up in 0.90, Alan Cox got more nervous, and Linus decided that merging it in was not a good idea. That probably pushes the updated RAID subsystem back to 2.4. Of course, current users of the new RAID can continue to apply the patches separately. FireWire (IEEE 1394) development continues to move forward, according to this update posted by Andreas Bombe. Low-level raw I/O is now working, but a lot of higher-level stuff is still under development. Firewire is not an easy problem, Andreas and company are to be congratulated for their progress. (There is also a Linux IEEE 1394 FAQ available for those who are interested). Spinlock metering is the latest kernel code contribution from SGI. Spin locks are used in SMP kernels to control access to critical data structures - things that should not be touched by more than one processor at once. Spinlocks are a potential performance killer, since a CPU that is unable to obtain a lock is not only blocked out of a particular resource, but it must "spin" and do nothing else until the lock is freed. For this reason, the Linux kernel has been slowly moving away from a "one big lock" architecture (used to get SMP working) to a much more fine-grained locking scheme. It has been hard, however, to know how effective many of these changes have been. And it is almost impossible to know where to put further development effort without knowing which locks are the real performance problems. Thus, improving the scalability of the Linux kernel to more processors requires a better understanding of lock behavior. Thus, lock metering. Some of the initial results posted by SGI on their lock metering page are interesting. They ran a heavy test load on a four-processor system running 2.2.10; the result was about 8% of the system's CPU time was spent waiting for locks. With 2.3.11, instead, the number of lock operations almost tripled (because there are many more locks), but the amount of time spent waiting for locks dropped to 2%. In other words, the work done to distribute locks through the kernel has been effective. This is an important contribution which will help Linux reach a point where it can work with large numbers of processors. It is nice to see SGI working toward the improvement of the system in such a clear way. At times, at least, corporate involvement in Linux brings about tangible benefits for all Linux users. Other patches and updates released this week include:
Section Editor: Jon Corbet |
August 26, 1999
For other kernel news, see: |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Distributions page. |
DistributionsRanking as a mini-distribution due to its size (40MB), Peanut Linux promises to be a full GUI version of Linux, more up-to-date than current versions of the major distributions. It includes KDE and X Windows, though items such as the Gimp or perl must be added. They could use a spell-checker for their web page, but it looks like they are working hard. For people who find the major distributions too bloated but want more than command-line functionality, this might be one to check out. [Thanks to Dave Stevens] Chinese Linux Extensions (CLE)Version 0.9pre1 of the Chinese Linux Extensions (CLE) has been released. This is the first update in three months and promises a large improvement in i18n and i10n support for Chinese. Check their announcement for more details. CLE is not really a distribution, per se, but is instead a collection of Chinese-related software packages currently using rpm for compatibility with Red Hat Linux, though a port to Debian is also on the way.DebianThe Debian Weekly News for August 24th is available. It explained, by the way, that the large number of recent security advisories from Debian has been triggered by the security team preparations for the release of Debian 2.1r3, which will contain all of the security-related updates from the last few months.Dpkgv2 has been renamed to the Herring Package Management Library (HPML) for which the design is mostly done. Here is the posting which explains the name change and gives some status on the project. They have compilable code, though no functionality. Expect to see a mailing list for the project soon. MandrakeWho is using Mandrake? Apparently, MandrakeSoft would like to know. If you are using Mandrake for professional purposes, please drop an email to francois@Mandrakesoft.com and let them know about it.MkLinuxA license for works developed by the MkLinux team has been proposed and feedback has been solicited.Red HatRed Hat 6.0 introduced the use of GIDs 101 for console and 102 for utmp. Tony Nugent commented on the havoc caused by this at his local site. Several other users agreed. No comment from Red Hat on why they chose to use GIDs above 100 for these system-related accounts was seen.Tomsrtbt"Tom's root boot" or tomsrtbt has announced Version 1.7.140. Based on 2.0.37, this updated version fixes critical problems with the handling of hard links in the pax, tar, and cpio programs. For more information, check out the tomsrtbt FAQ.SuSESuSE Linux version 6.2 is available in the U.K. We've mentioned some of the features of the new release before, but for those who missed the coverage, it carried the 2.2.10 kernel, PAM support, and many updated major packages, such as Netscape, the Gimp, etc. It also comes bundled with some commercial software, notably StarOffice 5.1 and Wordperfect 8 (for noncommercial use).In addition, many postings on suse-linux-e indicate that people have started receiving their SuSE shipments in the United States as well. The process is apparently going forward much more smoothly this time. One minor error reported with 6.2: SuSE 6.2 installs ProFTP by default instead of wu-ftpd, but it will try to run wu-ftpd from /etc/inetd.conf unless you correct that during or after the install. Check out this posting for more details. SuSE has been notified of the problem. In addition, an update for Yast for 6.2 has already been made available, due to a problem with recognizing some older DOS partitions. TrinuxA mailing list archive for the trinux mailing list is now available at http://www.mail-archive.com/trinux%40ark.com/.Section Editor: Liz Coolbaugh |
August 26, 1999
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.
Lists of Distributions |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Development page. |
Development toolsPeople into the whole "Perl vs. Python" thing might want to have a look at Python to Perl Conversions and More random Python observations from a Perl programmer, both posted by Tom Christiansen. Tom is, of course, a strong Perl proponent, but these documents make it clear that he has looked at Python in a serious way.
JavaAn ugly bug in TYA 1.4 has been reported and a patch released. TYA 1.3 should not been affected.PerlThe White Camel Awards were presented for the first time this year. This year's winners are Tom Christiansen, Kevin Lenzo, and Adam Turoff for Perl Advocacy, the Perl Community, and Perl User Groups, respectively. Check out O'Reilly's press release for more details. From everything we've ever seen, the awards are richly deserved."Algorithms with Perl" is a new book out from O'Reilly by Jon Orwant, Jarkko Hietaniemi & John Macdonald. For information on it, you can check out the press release, table of contents, bios, etc., or the cover graphic. PythonThe Eighth International Python Conference has been set for January 24-27, 2000, in Alexandria, Virginia. The Call for Papers is currently out, with submissions due on September 30.Here's the latest Python-URL! with coverage of happenings in the Python community. Also of interest: The Most Elegant Scripting Language You'll Probably Never Use by Dan Shafer on CNet's Builder.com. "Interestingly enough, when I started researching Python, one of the questions I had was related to its near-invisibility. Turns out I was only half right. It is largely invisible, but that's not because it isn't being used. Rather, it's because those who are using it aren't making a lot of noise about it." Tcl/tkThis week's Tcl-URL! mentions that it has been a quiet week, probably due to the O'Reilly conferences. It gave another reminder that Proposals for the 7th USENIX Tcl/Tk Conference are due by September 1st.Tcl/Tk 8.2 Final was announced on August 18th. Section Editor: Liz Coolbaugh |
August 26, 1999 |
|
Development projectsXanadu! At the O'Reilly conferences this week, Ted Nelson finally released Xanadu. Xanadu, of course, is the hypertext system that Ted first laid out many years ago, long before the World Wide Web was conceived. It has been described as the software world's most persistent vaporware project. Vaporware no longer, it can be downloaded at udanax.com.
"Based on the intellectual-property climate of the world at the time the work began -- long before the virtues of Open Source were widely appreciated -- keeping this work under trade secret seemed both standard and prudent. Today the world is very different. In celebration of the success and vast human benefit of the Open Source movement, we are proud at last to be able to present to the world the technical ideas and methods on which we worked so hard for so long. " Articles about the Xanadu release can be found on DaveNet and Byte's site. Information on Electronic Design Automation for Linux has been updated on the LinuxEDA.com advocacy page. They've linked into portions of the Scientific Applications on Linux (SAL) page as well as starting a list of free software EDA projects. In addition, you can find information there about the linux-eda mailing list. Perhaps most interesting is their comprehensive set of links to press articles about Linux and EDA. Promotion of open source Voice over IP (VoIP) internet telephony software is the goal of the http://www.openphone.org website. "We aim to phone-enable every computer on the planet. There is low-cost telephony hardware available that makes low-bandwidth, real telephone service possible over IP networks... we just need software!" ApacheApache 1.3.9 was announced on August 20th. The new version contains over 130 changes, including security fixes.GimpThe August issue of TheGimp.com is out. Lots of good Gimp information, as well as the Artist of the Month (Clay Boutilier, this time), as usual.Meanwhile, Gimp development news is a bit thin, since the gimp-user and gimp-devel mailing lists were recently "nuked" as a result of an upgrade on the server at the Experimental Computing Facility at UC Berkeley. No estimated time is known for their restoration. The Gimp Kernel Cousin still published on August 20th, but simply reports on changes to CVS. The Gimp News for August 24th still seems robust. It mentions Jon Peterson's review of the Gimp user interface, the addition of JPEG previewing and a couple of other items. It does also mention the damage to the mailing lists. Apparently no freeze date for Gimp will be set until after the lists are restored. GnomeLinuxPower has put up its latest Gnomish Bi-Weekly News.Also, the announcement for the GNOME-ES web pages has gone out. GNOME-ES is a group which has set out to translate the gnome documentation into Spanish. Havoc Pennington's Gnome Summary for August 15th-22nd can now be found nicely formatted on the web. From it, we learned of the Gnome Status Page, which tracks the status of major release goals. Note that it does not try to perform comprehensive tracking for all Gnome components, just the portion being worked on by the core team. A File Manager Status Report has been issued by Ettore Perazzoli and more candidate window managers are showing up. "We'll see how it goes; you can never have too many window managers. :-)" High AvailabilityThe Understudy Project, which we first mentioned around November last year, is a commercial high-availability project for Linux sponsored by PolyServe. Vince Schiavo dropped us a note this week to let us know that they expect their first commercial release to ship in October. For more information, check out the Understudy product page. Understudy is a webserver clustering utility that ensures constant website availability using a backup webserver.Meanwhile, the links on the High Availability website have also been updated to include other commercial products. A Phase I TO-DO list has also been added, for anyone interested in a project to work on. KDEThe KDE Development News has changed its publishing schedule. This week's edition covers Wednesday, August 11th, through Sunday, August 22nd.One good piece of news announced this week: Daniel M. Duley (aka Mosfet) has been hired by MandrakeSoft to work on KDE. He's also started a news site to cover the work he'll be doing. For more information, check out this interview with him done by Linux.com on August 18th. The interview covers the KDE 1.1.2 and 2.0 releases, plus some comments on Mandrake's new open development process. MidgardMidgard 1.2 has been released! Their announcement mentions that ODBC support did not quite make it into this version. Instead, features of the new version include the use of PHP 3.0.12 and compatibility with Apache 1.3.9. Documentation is still lacking, so interested users will need to sign up for the mailing lists to get the support they need for installation, etc. Midgard is freely-available platform for creating powerful web applications. More news on Midgard development can be found in this week's Midgard Weekly Summary.MozillaPress coverage of Mozilla seems to have stepped up. Web Review has a couple of articles about Mozilla. This one looks at the interesting bits of new technology produced by Mozilla. "From the programmer's perspective, Mozilla has clearly been wildly successful. In addition to the millions of lines of freely available source code, Mozilla has contributed a number of useful tools and technologies to the development community."And Mozilla: success or failure? looks at whether Mozilla has been worthwhile or not. "There are certainly many more contributors outside of Netscape working on Mozilla today than there were in the first six months of the project. This phenomenon was largely due to the state of the Mozilla code at the time, and the lack of a clear architectural direction." PHPThe Beta 2 of PHP 4.0 has been released and is available for download.Slides from LinuxWorld tutorials on PHP given on August 21st at the O'Reilly Open Source conference by Jim Winstead and Rasmus Lerdorf have been made available. WineThe Wine Weekly News for August 24th tells us about a lot of changes that have gone in during the past week, a Byte article that mentions Wine and some intense discussions currently going on. The Wine registry is one topic of discussion, while Elfdlls, DIB sections and the organization of the multimedia DLLs were others.Wine is an implementation of the Windows 3.x and Win32 APIs on top of X and Unix. WorldForgeThe August edition of The Chopping Block, the WorldForge monthly newsletter, is now available. A large number of columns and feature articles are included. Additional submissions for future editions are also encouraged, not necessarily limited to WorldForge issues.From this issue, we glean that WorldForge 0.2.0: The Demo has been released, which everyone is encouraged to try. "The WorldForge Project is developing a complete system for massively multiplayer worlds." xmmsLinuxPower has done an interview with xmms developers Peter Alm, Olle Hallnas , and Thomas Nilsson. xmms is a multimedia player based on the look of winamp.ZopePam Crosby again fills in for Amos Latteier, providing Zope News for the hungry. By the way, it appears that the gender of Zope has been under discussion and it has been concluded that "it is an it"."Zope is a free, Open Source application server and portal toolkit used for building high-performance, dynamic web sites." Section Editor: Liz Coolbaugh | |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Commerce page. |
Linux and businessThe LWN Linux Stocks Page (at http://lwn.net/stocks/) has generated quite a bit of feedback over the last week or so. Many thanks for all of your comments. Expect an updated version in a week or two. A few things were suggested numerous times; here's what we plan to do:
Thanks for your support of the Linux Stocks Page, and keep an eye on it as it gets better. Lego Mindstorms Robots are the topic of a new O'Reilly book which has recently appeared in their catalog. This isn't really a Linux book, but it's hard to imagine that those who like to play around inside Linux wouldn't be into this too...
and speaking of books,
There were a couple of LinuxWorld announcements that didn't
make it into last week's LWN. Sybase Enterprise Application Server for Linux was selected as a winner of the LinuxWorld Conference & Expo Show Favorites Awards, sponsored by LinuxWorld magazine, in the Web Server category. The SourceXchange has posted its first six Requests for Proposals. These RFP's all originate from within HP. All of the projects, of course, are to be released as open source. Hardware: Rave Computer Association, a long-time Sun reseller, has announced that it is now selling Sparc systems with Linux (Red Hat) preinstalled. Lineo has announced the release of "Embrowser," their embedded web browser product. It runs on DR-DOS now, but will end up on their embedded version of OpenLinux ("Embeddix") shortly. Software: Mentor Graphics will be making its "Calibre" physical verification tool (for the semiconductor industry) available for Linux, according to this Semiconductor Business News article. "Calibre for Linux will be available in the fourth quarter. Pricing for Linux, Windows NT and Unix versions of Calibre starts at $50,000." Motorola has announced its intention to buy Metrowerks, makers of CodeWarrior for Linux, among other things. (Thanks to Bill Shotts).
Press Releases:
Section Editor: Jon Corbet. |
August 26, 1999 |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Linux in the news page. |
Linux in the newsThis Week's Recommended Reading: ZDNet's Jesse Berst doesn't think much of Sun's plan to buy StarDivision. "The idea would be to promote Linux (and possibly Sun's Solaris operating system) as a viable competitor to Microsoft on the desktop. [Sun President Scott McNealy is] not interested because it makes business sense; he's interested because he's obsessed with Bill Gates and can't resist a chance to attack him. Hang on, give me a second? I'm thinking... I'm trying to decide if that's the dumbest idea I've heard this year." (Thanks to Cesar A. K. Grossmann). Here's a ZDNet column by Evan Liebovitch about AOL's withdrawal of their TiK instant messaging program, which had been released under the GPL. "AOL's vain attempt to take back what it started indicates that it may not really have ever known what it was dealing with....Even if AOL stopped further distribution of TiK from its own Web site, it can't stop those who already have it from freely passing it around. If Microsoft wanted a copy, I'm sure they already have it. The damage is done." Linux vs. Microsoft: Here's an ABC News article about the Microsoft and LinuxPPC "hack this box" contests. "It should be noted that the Linux machine is getting one-tenth the number of attacks that the Microsoft server has endured - and that the Windows 2000 operating system is still in beta, and is due for more debugging once it has been released." Computer Reseller News ran this article on Microsoft's approach to Linux. "IT departments are saying they will evaluate the technology, but not much beyond that, [Microsoft product manager] Edwards said. In the corporate space in particular, Microsoft has a more compelling story than Linux, based on performance, reliability and track record." Here's a ZDNet article about Compaq's abandonment of Windows NT on the Alpha processor. "[Marketing VP] Borkowski added that Linux has taken hold on the Alpha architecture far more quickly than most vendors anticipated." (Thanks to Cesar A. K. Grossmann). Why do computers not improve the overall productivity of industry in the U.S.? According to Fred Moody in this ABC News column, it's all Windows' fault. "In other words, we're fighting a losing battle by throwing more computing power at our worker-productivity problem. The more computers we bring into the workplace, the more resources we spend repairing system-crash damage and the more overall productivity is lost." Unfortunately, he doesn't see fit to mention the existence of more reliable systems. (Thanks to Ted Ede). Microsoft is polling the German press about Linux, according to this Heise Newsticker article (in German). They are looking for perceived strengths and weaknesses in Linux, presumably so they know where to attack it. English translation available via Babelfish. (Thanks to Lenz Grimmer and Fred Mobach). Is Microsoft opening up? asks Sm@rt Reseller. "If Microsoft wants to test the open-source business paradigm, it needs to go all the way and truly open source its technologies. If the company merely wants the credit for being 'open,' it should be very clear about the fact that the company does not plan on being an open-source contender." (Thanks to Cesar A. K. Grossmann). C't Magazine has run a lengthy summary of the "Wizards of OS" conference held in Berlin last July. "Those who simply call Stallman a nutcase are taking it too easy on themselves: The numerous Open Source projects, Netscape's releasing its source code, the close co-operation between IBM and Apache Group and the stir the success of free software has caused at Microsoft ... are proof of how much is in motion at present." (Thanks to Fred Mobach). Here's a Salon Magazine article about alternative operating systems in "free" PC's and "appliance" systems. "After all, the interface of an 'appliance' doesn't necessarily have to look like a traditional desktop; each interface could be customized for the purpose of the machine, so a user wouldn't care whether it's running on Windows or Linux -- if, that is, the free PC makers succeed in making the back-end operating system invisible." (Thanks to Paul Hewitt). Can Linux live up to the hype? asks PC World. "...be wary of getting caught up in the Linux hype machine. Like any promising farm league rookie, Linux needs seasoning before making it in the big leagues." Linux Can't Handle Life As A Corporate Client says Internet Week. "And what about file and print services? The other half of the last ATM Lab Test Linux experience was getting three new Linux machines to see our lab's two printers. Let's just say that Linux, Samba books and bits of the lab director's hair were flying all over the place. And I don't think those machines ever did print." Linux will never dominate the desktop, according to this osOpinion piece. "Linux was not designed for general PC use, and trying to fit the square peg of extensive functionality and accessibility does not fit into the round hole of usability." More Red Hat IPO: Will success spoil Linux? asks E-Commerce Times. The article is really about the Red Hat IPO and the community offering difficulties. "If Red Hat really wants to show the world that it is not just another money-grubbing corporation, it should find some other way to pay back those programmers whose hard work made its IPO such a hit on Wall Street." Liberation covers (in French) the Red Hat IPO with attention to the community offering difficulties (described as "catastrophic"). English text available via Babelfish. (Found in NNL). News.com predicts downward mobility for Red Hat's stock. "Red Hat's success may imperil the company's relationship with the programmers who work on the program and maintain the source code.... One of Red Hat's strengths today is its brand name. That reputation could be tarnished if Linux programmers decide that Red Hat is becoming too much like Microsoft in trying to dominate the Linux market." More Business: Here's an Information Week article about open source software in e-commerce applications. "Among application servers, two packages, PHP and ZOPE, are starting to gain a following. Since custom coding is a necessity with application servers, there's a big win if you can have access to the source." Computer Reseller News writes about the use of Linux at International Trucking Specialists. "The reseller demonstrated that Linux has major security advantages over other flavors of Unix..." Why do computers not improve the overall productivity of industry in the U.S.? According to Fred Moody in this ABC News column, it's all Windows' fault. "In other words, we're fighting a losing battle by throwing more computing power at our worker-productivity problem. The more computers we bring into the workplace, the more resources we spend repairing system-crash damage and the more overall productivity is lost." Unfortunately, he doesn't see fit to mention the existence of more reliable systems. (Thanks to Ted Ede). Penguinitis' Sweeps Monterey UNIX Consortium says Sm@rt Reseller. "While the partners involved in the Monterey Project--the initiative between SCO, IBM, Intel, Sequent Computer and Compaq Computer Corp. to create a high-volume unified UNIX--were upbeat on Monterey's prospects, they still had Linux on the brain." PC Week looks at SCO's entry into the Linux services field. "...the move, like so many other commercial vendors' moves into the open-source realm, shakes up the company's business model and may lead users to think more deeply about the different hats their vendors will be wearing once Linux is added to the fold." Reuters ran this article about Corel and its Linux plans. "Ottawa-based Corel has not seen the spillover it expected from the wildly successful initial public offering of Linux firm Red Hat Inc. Red Hat's sought-after shares, which debuted at $14, closed at $72.31 on the Nasdaq on Thursday. In contrast, Corel closed at C$6.65 on the Toronto Stock Exchange on Thursday, up just 5 Canadian cents from the August 11 launch of the Red Hat shares." Here's a couple of osOpinion pieces: An open business plan for Red Hat suggest how Red Hat should move forward with their pot of money. It includes buying SCO.... And Microsoft Linux is an interview with Mariko El-Nabi on when and how Microsoft will move into the Linux business. Federal Computer Week looks at Linux use in the U.S. government. "GSA's Heffernan said he has been amazed at how quickly Linux has become competitive in the operating system market. He chalks that up to the open-source philosophy -- not necessarily the fact that the operating system does not cost anything but the fact that the source code is totally open to anyone." (Found in NNL). Also: It's the top ten Linux-related web sites on LinuxPlanet - an Internet.com site. Happily LWN is one of the top ten. "Of course, I haven't included our own LinuxPlanet.com, which is certainly one of the most useful and informative Linux sites on the Internet. However, if you for some unknown reason ever feel like looking elsewhere, here are a few places you might want to check out....." Network Computing ran this article complaining about the security of Unix systems. "For the time being, Unix security is relegated to those who want to revolve their life around security bulletins and patches. Not to mention putting up with some downtime and rebooting to activate some of the patches." There's not much talk about which alternatives (MacOS??) are better... MacWeek says that the PowerPC will become the RISC chip of choice for Linux users. "Assuming someone takes IBM up on its offer and builds inexpensive PowerPC boxes for Linux, Alpha won't be the RISC favorite for Linux much longer. And indications of this shift are already appearing." The Boston Globe looks at Loki Entertainment Software and Linux games. "Backers of the upstart Linux operating system like to joke that their ultimate goal is world domination. They're getting there. In fact, anyone with a Linux computer can create an interplanetary empire, sort of." This column in Christian Computing Magazine looks at finding hardware and software for Linux systems. "While there is plenty of software for the general public available for Linux, finding software specifically tailored to Christian needs is a little more difficult. For example, I am writing this column using WordPerfect 8 (which is free for personal use on Linux.) But at this time there is not a piece of software for Linux specifically for church management."
Section Editor: Rebecca Sobol |
August 26, 1999 |
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Announcements page. |
AnnouncementsResourcesOne user's experience getting Linux up-and-running is the topic for the first MailBag column at AboutLinux.com, William Henning's (of CPUReview fame) new site. After the details of the experience, Bill sums up what can be learned for new people who have yet to try Linux.EventsThe Atlanta Linux Showcase has announced its conference and tutorial program at long last. They had a tremendous influx of papers, so it took longer to review them than they expected. Registration is open, and a pre-registration discount exists till Sept 15th.The First Annual Ottawa Linux Symposium was a tremendous success, according to the followup press-release. It does sound like an extremely enjoyable time. Their focus was on bringing together Linux developers and they succeeded in attracting an impressive lineup. ""The Ottawa Linux Symposium was a great technical conference," said Alan Cox of Building Number Three. "Three tracks of high quality tutorials and technical presentations, an E-mail garden and beer, everything needed to make it a great success."" Computer Professionals for Social Responsibility has announced its conference, to be held October 2-3 in Stanford, CA. Events include a session on the UCITA ("shrink-wrap software") act and the presentation of the Norbert Weiner award for Social Responsibility in Computing Technology to the "open-source software movement." The award will be accepted by Eric Raymond and Larry Wall. Linux for Suits. Somehow we missed until now the Linux for Suits event at Internet World, October 6 in New York City. It features an impressive set of names: Linus Torvalds, Esther Dyson, Bob Young, Ransom Love, Chris DiBona, Michael Tiemann, and more. More suits: The Linux Business Expo (which will be part of Comdex in November) has announced its list of keynote speakers: Michael Cowpland (Corel), Bob Young (Red Hat), and Ransom Love (Caldera). More LinuxWorld photos. SuSE's Lenz Grimmer has put up a page of photos from LinuxWorld. Cowpland in Miami. Ziff-Davis has put out an announcement about "Comdex/Miami," which is happening in, of all places, Miami at the end of September. It seems that Corel's Michael Cowpland will be there speaking on "Understanding the Benefits of Linux Open Source in the Software Industry" User Group NewsA UK Linux Demo Day will be held September 16th through the 18th, 1999, in Sheffield, England.The Greeley Linux User's Group is forming up in Greeley, CO, USA. In fact, their first meeting has been scheduled for Sept. 1 1999, 7:00 pm at the Centennial Park Library. If you are interested, contact Chuck Morrison or go to their new homepage. Help WantedIf you're a person with Perl, SQL, and Linux experience in the London area, the folks at guideguide Ltd. would like to talk to you.Hangover sarl in Paris is also looking for Linux folks. |
August 26, 1999
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Software Announcements
|
Our software announcements are provided courtesy of FreshMeat
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page See also: last week's Back page page. |
Linux links of the weekSome say that Linus is God; others may well be more interested in the Bible for Linux Project. They are working to promote the development of Bible software for our favorite operating system. The Review of Operating Systems is a simple and lengthy page which attempts to present a comprehensive list of operating system resources on the net. There's a lot of stuff out there... Section Editor: Jon Corbet |
August 26, 1999 |
|
Letters to the editorLetters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them. | |
Date: Thu, 19 Aug 1999 15:35:02 +0200 From: Bernd Paysan <bernd.paysan@gmx.de> To: letters@lwn.net Subject: RHAT overpriced? Well, aside from the fundamentalist opinion, that all internet stocks, and certainly Red Hat are way overpriced, there's some logic behind it. After all, Amazon or Yahoo aren't priced that high for their business they make now, or for the class of business they do (everybody can build a web-based bookstore or a portal site, lots do), but for building up a brand name. $5 billion for a brand name isn't overpriced (supposed that this thing becomes a commodity), perhaps $50 billions are. Look at traditional brand names like Levis. Everybody can make jeans, after all, it's nothing more than blue cotton and yellow thread; jeans are really a generic product. In fact, a lot of companies do make jeans, yet brand name jeans can sell at a premium price, although the only difference (to quality generic jeans) is the label. The same goes for Linux. Everybody can make a distribution, even a close rip-off or immitation of a brand name Linux (e.g. Mandrake is mostly Red Hat). The idea then is that even though there are a lot of "cheap immitations", the masses still will choose the brand. The main problem that contradicts that logic is that these things change in "Internet time". A few years ago, Slackware was the dominant distribution. Next year, Corel could be the dominant distribution. Or SuSE, when they continue to expand in the USA; they already are dominant in Europe. I don't think any of those can maintain a first class brand name for as long as Levis did. After all, none of them invented Linux, so nobody could write "The original Linux" on their package. And the value of the brand really depends on becoming a commodity (i.e. "Total world domination(tm)"), or at least a luxury good (such as Rolls Royce or Lamborghini). -- Bernd Paysan http://www.jwdt.com/~paysan/ | ||
Date: Thu, 19 Aug 1999 10:04:26 -0400 (EDT) From: "Timothy D.J. Hunt" <tim@NewExpression.com> To: letters@lwn.net Subject: Linux IPO's and the Linux Community Sir, I am been watching with some frustration as Redhat attempted to do the right thing by the Linux community, and ended up being frustrated by market regulations intended to protect the naive investor. Given that we are expecting many more successful Linux based IPO's, and given that each Linux based company should be attempting to return some of the wealth to the community that created it, how could we prevent this happening again? I have a couple of suggestions: 1) How about setting up a Linux foundation that Linux based companies can make stock grants to, pre IPO. The foundation can then funnel the wealth to the Linux community by sponsoring new development, and/or grant awards to significant contributors (similar to the MacArthur foundation). This also has the potential to create a virtuous cycle, since any new development that adds value to Linux, also adds value to Linux based companies. 2) Maybe an enterprising mutual fund company could setup a Linux based mutual fund with membership offered to significant contributors within the Linux community. Linux companies can then allocate some of their community stock to this mutual fund, without have to deal with the issues involved in offering stock to lots of individuals. Regards Tim Hunt timh@usa.net | ||
From: "Jim Watts" <jamescwatts@hotmail.com> To: lwn@lwn.net Subject: Best and worst CD from the Linux World show. Date: Thu, 19 Aug 1999 19:29:49 PDT Hey guys, I just finished going thru your Linux Show review, and while I was disappointed not to see a picture of myself (in my very rare Amiga shirt), I was even more disappointed to see you choose Amdahl's CD as the worst of the show... and then drag them thru the mud for it. To be honest I haven't even looked at my copy yet. But I have looked at Storm, Turbo, and SuSE, and none of those would install on my laptop, only Red Hat did. So I have no use for any of them either. I not going to try to excuse the copyright bull on the back. It was obviously a canned blurb they got from legal... and we all know what we should do with them. You do have to give them some credit for even trying. Fujitsu is not a small company (Amdahl's owners) and for Amdahl and Fujitsu to support Linux can not be a small thing for them... or the Linux community. Maybe the best way to get them to realize the error was to post a flaming review like yours, maybe not. At least they are trying, you have to give them that. If they can get Linux into just one shop where it has never been before, they've done well enough in my book. And if 10 more companies do the same, so much better. Hopefully the next public display from Amdahl will be better. Time tells all. How would you like to see Linux running on a 2000Mips (a Millenium) mainframe? That would be a nice demo. Cluster THAT! Just my 2 cents. (Have you noticed that the cent key is gone? Where'd it go?) -Jim | ||
Date: Thu, 19 Aug 1999 12:04:56 +0100 From: Sid Boyce <szb50@amdahl.com> To: letters@lwn.net Subject: RE: The CD Giveaways Amdahl Corporation is still around with excellent products to sell. Without fanfare, quite a number of us have been avid Linux users going way back, many machines dotted around the Corporation are running Linux for serious work. On a visit to our Sunnyvale HQ in January, I was using a Linux machine for 3 days before I knew it was Linux, I had never seen Window Maker before, that's one of the beauties of this great Linux we know and love. This was a hastily put together CD and from my soundings, the standard licensing document should definitely not have been used - the equivalent of a kernel oops perhaps ?. Rest assured, we are serious, we are keen to get going, we feel the buzz. We've got some serious and solid hardware in TeamServer and Elvis (RAID) and we shall have Linux solutions in the Corporate sector to complement our excellent Mainframe offerings. Most people at Amdahl are still new to Linux, but the pin is dropping rapidly, for me, I've been with Linux since it first appeared and have preached it to all. At first I gained the impression they thought I was a total eccentric, now I am something of a prophet perhaps. Everyone knows the sort of reaction you got on mentioning Linux, one colleague installed it on a Quad P-II which we sold with NT, when the Dept. manager passed by, he said "gosh, that's quick", "what's that ?", having been told it was Linux, he put his nose in the air and marched of saying, "that's not one of our supported operating systems". We get the last laugh!. Regards -- ... Sid Boyce...Amdahl(Europe)...44-121 422 0375 Any opinions expressed above are mine and do not necessarily represent the opinions or policies of Amdahl Corporation. | ||
Date: Fri, 20 Aug 1999 11:38:01 -0700 From: Anand Srivastva <anand@nmi.stpn.soft.net> To: webmaster@osopinion.com, letters@lwn.net Subject: Linux won't dominate the desktop Hi, I don't agree with you that Linux won't succeed on the desktop. Its like saying MSDOS can't work on the Desktop, remember how bad MSDOS was initially. The only thing wrong with Linux is that its too new. How much time has it been since people started even thinking of a GUI for Linux, just two years. Remember how much time MSDOS took to have a GUI. How long MS had to work to get a decent Windows GUI. How long it had failed, before it started succeeding. Just wait for a couple of years and Linux will be better. People don't want to blame someone. They want to get their work done. If there are problems then they want to be able to call up people who can solve the thinks. I think as Linux gets more mainstream people will find someone around them who knows about it. There are already companies who can help them with their questions. At the end its been asked a lot, but have you ever called up MS support. I have seen a lot of support for Windows, and the only solution that there ever is reboot or reinstall. I think people will appreciate if the problem can be really cured. Also the freedom they get when they can choose their support company. If Compaq doesn't do a good job, call up IBM ;-). I think, it is on the desktop that monetory price becomes very crucial. For the Corporate desktop you maybe right but for the common user, monetory price is very important. And when we generally talk about desktop users we are mostly talking about the common user. For them anything, linux's cost effectiveness will matter a lot. When the price of the PC with Linux is $400 and with Windows you have to add another $100, I think that $100 will mean a lot. Of course this includes the disclaimer that Linux is not yet very feasible for the common user. But the time is not very far away, maybe another year maybe some more, when Linux will become very useable by the common user. BTW, there is a notepad app for linux, and MS notepad I think works through WINE on linux. Linux just needs time, -anand | ||
Date: Mon, 23 Aug 1999 19:29:53 -0700 From: John Gardiner Myers <jgmyers@netscape.com> To: letters@lwn.net Subject: ESR's 'Will You Be Cracked Next?' I am astounded by claims that Linux is "invulnerable to macro attacks" and "immune to viruses." They are simply false. GNU Emacs will, upon loading text files, execute elisp code embedded in certain ways; it is vulnerable to macro attacks. Unix viruses have existed since 1989, an excellent reference is http://www.cyber.com/papers/plausibility.html | ||
To: Matt.Wilkie@gov.yk.ca, letters@lwn.net Subject: re: Back Orifice Date: Mon, 23 Aug 1999 02:31:13 -0400 From: Piotr Mitros <pmitros@MIT.EDU> > Although Linux can laugh at Back Orifice itself, Linux is -not- > immune to a BO style of attack: a trojan wrapped inside an innocuous > program which the recipient/user does want to run. (rootkits > anyone?) Despite Eric's flair for unsubstantiated hype, he is correct here. The major hole demonstrated by Back Orifice is not merely the idea of a trojan horse. The real problem it is meant to show is that if any (non-administrative) account is compromised, the whole system is compromised. This means that if a secretary in some company is fooled into running a trojan program, the accounts of all future users to log in on that machine can automatically be compromised. By sticking a small program in their startup files, any other machines they log in on can be compromised. This can easily spread over a corporate network like wildfire. Windows 95/98 simply lacks a real security model. Windows NT has a security model, but most NT configurations that I've seen do not take advantage of it (configuring it with real security in place takes away a good deal of normal Windows functionality). On the other hand, with a properly maintained Linux system, if one account is compromised, only that single account is compromised. The danger is contained; a mistake made by single secretary on a network of 15,000 cannot bring down the entire network and compromise all of the information; the loss is limited to at most what that one user has access to. Root kits are not terribly relavent to this discussion. They should not effect a properly maintained system any more so than DOS attacks or remote root exploits do. Under Linux, bugs that allow root exploits tend to be fixed within a few hours of their discovery. Piotr | ||