[LWN Logo]

Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise news for all interests

 Main page
 Linux in the news
 Back page

Other stuff:
Contact us
Linux Stocks Page
Daily Updates

Recent features:
- Gaël Duval interview
- LinuxWorld
- Touchphone
- Linux Expo Paris
- Red Hat's IPO filing
- Eric Raymond interview
- Linux Expo '99
Review: Red Hat 6.0
- The Mindcraft Report
- BitKeeper - not quite open source
- Alan Cox interview
- 1998 Timeline

Here is the permanent site for this page.

Leading items and editorials

How free is BIND 8.2? It seems that the developers at Debian have reviewed the license restrictions in the BIND 8.2 release and found that the code implementing the RSA algorithm included from RSADSI (now Security Dynamics), known as DNSsafe, results in BIND no longer being compliant with the Debian Free Software Guidelines (DFSG). After an email discussion with David Conrad, Executive Director of the Internet Software Consortium which maintains BIND, we found that the DNSsafe license addition was not expected to be a significant problem. They had it reviewed by their lawyers and, because the RSA addition is used solely for authentication, the software is still freely exportable.

However, freely distributable and exportable is not necessarily the same as DFSG-compliant. Debian developers found several sections of the DNSsafe license restrictions that violated the DFSG. In particular:

The DNSsafe software cannot be used or distributed separately from the BIND software. You only have the right to use it or distribute it as a bundled, integrated product.
which violates several points of the DFSG, in that it restricts distribution of the software;
The DNSsafe software can ONLY be used to provide authentication for resource records in the Domain Name System, as specified in RFC 2065 and successors. You cannot modify the BIND software to use the DNSsafe software for other purposes, or to make its cryptographic functions available to end-users for other uses.
which violates the DFSG's "use" provisions; and
If you modify the DNSsafe software itself, you cannot modify its documented API, and you must grant RSA Data Security the right to use, modify, and distribute your modifications, including the right to use any patents or other intellectual property that your modifications depend upon.
which has several potential problems.

Essentially, though, the wording of the license is not the issue. As opposed to the rest of BIND, the DNSsafe code itself is simply not free software. Due to the US patent held by RSADSI (now Security Dynamics), any implementation of the RSA algorithm used in the US is subject to RSADSI's patent claim. The license makes it useable and redistributable for both commercial and non-commercial activities, but not part of the wealth of truly free software.

How should this be handled? Well, Debian developers apparently initially contacted ISC and got the impression that nothing could be done about the issue. However, when we passed on David Conrad's comments that creating a branch of BIND that did not contain the RSA code might still be an alternative, they were very interested. This sounds like the best possible solution to the problem, since Debian developers are willing to lose some functionality to keep the software they use totally free. Now we have to wait to see if such a code branch is technically feasible for ISC to create and maintain.

It is in all of our interests to have BIND, which is such an important piece of software for Linux within the Internet, remain both well-maintained and free, at least in some incarnation, without having to wait more than a year for the RSA patent to expire.

Tux loves SCO SCO strikes again. SCO may have been making friendly noises regarding Linux recently, but, according to this page on X/OS, they are up to the same old stuff in Europe. Here, X/OS dissects a bulletin sent out by SCO in Belgium, the Netherlands, and Luxemburg which attacks Linux in many ways. An interesting read. For example:

  • "Linux at this moment can be considered more a play thing for IT students rather than a serious operating system in which to place the functioning, security and future of a business. Because Linux is basically a free-for-all it means that no individual person/company is accountable should anything go wrong, plus there is no way to predict which way Linux will evolve."

  • "Currently there are over forty distributions of Linux competing with each other and as a result there is no single standard. Potentially, this means that software written for one system will not work on another. Therefore it makes more sense to buy a commercial operating system like UnixWare or OpenServer."
There is much more. One wonders why SCO is getting into the Linux services business if they feel so poorly about the system. Please see the X/OS page for a more complete discussion and rebuttal. You may also get the SCO bulletin, but be aware that it is a 2MB PDF file. (Found in NNL).

Red Hat's SEC-mandated silent period is now over. They immediately came out with a set of announcements, which are covered within this issue of LWN on the Distributions and Commerce pages.

LWN was able to get an interview with Red Hat's Donnie Barnes. The discussion wandered over such topics as what will be done with Red Hat's pot of money, how they view "value-added" derivative distributions like Linux-Mandrake, the community stock offering, and more.

Is Sun/StarOffice good for Linux? Bruce Perens raises concerns about StarOffice in this editorial. "Could Sun be building ammunition for its next war? StarOffice may also be an attempt to gain long-term control over the Linux desktop market. By releasing an almost-Open-Source office suite, Sun may be attempting to reduce the demand for an entirely-Open-Source office product."

This Week's LWN was brought to you by:

September 9, 1999


 Main page
 Linux in the news
 Back page

See also: last week's Security page.



Open Source is Critical to Security. We've made that statement, so have many others and we realize that we are preaching to the choir when we repeat it here. However, if you've been having difficulties convincing people around you, try using this week's discovery of a second encryption key in many versions of Microsoft Windows, named "_NSAKey". It was a hot topic in the press, which you can check out in these articles and commentaries: Real, technical details can be found on the Cryptonym site, where Andrew Fernandes first posted his discovery. Microsoft has issued a flat denial, which calls the second key a "backup" key, to be used in case the first key was no longer available.

For a relatively balanced reaction, check out this editorial from NTBugTraq editor Russ Cooper. While willing to accept Microsoft's response, he points out that the fact that the second key exists makes the system highly insecure.

In theory, you create your own CSP to replace Microsoft's supplied CSP (implementing whatever you wanted in it, say boosting 40-bit to 128-bit), modify the second key to one of your own, install your CSP over Microsoft's, and fire up any application that uses CryptoAPI. The signature will fail Microsoft's verification, pass yours, and everything should work as if you had a U.S./Canadian version.

Fortify for Windows NT (I'd sure love to see that implemented, anyone up for the challenge?)

It also means the encryption you use on your system could be compromised in the same fashion, assuming it relies on CryptoAPI (hasn't this been called for by the U.S. President's commission?).

Security through obscurity fails again. In an open-source model, the reasons for introducing a second key would be well-known and people would have pointed out the pitfalls in advance. From the information available, it seems likely that an unwise name was chosen for this particular key, causing a large furor. The end result, though, is that you will never be guaranteed that the software does not have a backdoor, using this mechanism or some other, without access to the source.

Lest open source be considered a panacea for all security problems, though, remember both the number of security bugs that continue to be found and fixed in open source software, such as those reported this week. It is good to have the source, it is good to find and fix bugs, but that is not always enough. For another take on the issue of trust, check out this article by Ken Thompson in 1995 [Thanks to Dave Stevens].

On the side of the conspiracy theorists, it is interesting to link up this week's disclosure with this Wired News article, first mentioned in our May 20th Security Summary, where a report to the European Parliament's Science and Technology Options Assessment Panel (STOA) mentions a possible backdoor in Lotus Notes and other software, introduced in cooperation with the NSA. Whether or not you believe the rumors of backdoors in commercial software, it appears that high level officials in Europe are certainly willing to give them credence.

Security Portal featured an article on Secure Linux Distributions this week. They give brief summaries of the work currently going on with kha0S, Secure Linux and Bastille Linux, talk about the differing goals of the distributions and happily mention that Secure Linux, based on Debian, and Bastille Linux, based on Red Hat, will be coordinating with each other.

Security Reports

ProFTPD. We mentioned last week that LinuxPPC, Red Hat and Yellow Dog Linux had released updates to ProFTPD. Those updates were prior to this week's announcement of ProFTPD 1.2.0pre5, which followed closely on the heels of 1.2.0pre4. Neither 2.1.0pre4, nor the patches posted to Bugtraq, fixed all of the recently reported security problems, so upgrading to 2.1.0pre5 is recommended. Expect to see yet another round of updates from distributors over the next week.

For the longer term, it seems the ProFTPD may have a rocky future. It has a new maintainer, which is fine, but there are apparently some concerns that the design of ProFTPD is such that securing it is not going to be an easy task. ProFTPD has such a rich feature set, though, that people are likely to take on the task anyway.

RH 6.0 shadow passwords. Under Red Hat 6.0, locking and then unlocking an account with the "passwd -l user" and "passwd -u user" commands can result in the addition of a control character to the end of the password field in the shadow password file. Red Hat has acknowledged the bug and Mihai Ibanescu has posted a patch for it.

Dynamic DNS is vulnerable. Although a note to this effect was posted this week to Bugtraq, it should be noted that Dynamic DNS is known to be inherently insecure and always has been. Solutions are underway, but not yet available. If you are concerned about security, avoid Dynamic DNS for the present.

Commercial software vulnerabilities. A problem was reported with the WatchGuard Firewall default configuration.


Updates for the INN vulnerability reported in last week's security section are available for: An additional update for the cron vulnerability reported in last week's security section, in addition to the ones we mentioned from Caldera, Debian, Red Hat and SuSE, came this week from Linux-Mandrake.

They also provided an update for the vulnerability in amd. See last week's issues for details on that.

Red Hat has announced an updated set of XFree86 packages for the 4.*, 5.* and 6.0 distributions. This update includes some security fixes, and should probably be applied.


Testing of Cisco's VLAN implementation was done by Dave Taylor and Steve Schupp, who made their findings available. Some comments on the findings may also be of interest.

Section Editor: Liz Coolbaugh

September 9, 1999

Secure Linux Projects
Bastille Linux
Khaos Linux
Secure Linux

Security List Archives
Bugtraq Archive
Firewall Wizards Archive
ISN Archive

Distribution-specific links
Caldera Advisories
Debian Alerts
Red Hat Errata
SuSE Announcements

Miscellaneous Resources
Comp Sec News Daily
Linux Security Audit Project
Security Focus


 Main page
 Linux in the news
 Back page

See also: last week's Kernel page.

Kernel development

The current development kernel release is 2.3.17. Once again, this is a very large patch. There are a lot of driver changes, and one can see the first results of Alan Cox's attempts to clean up the SCSI code and make it somewhat more readable. Note that this isn't the long-awaited rewrite of the SCSI layer; it's just some cleaning up so that he can get on with trying to find some other problems...

The current stable kernel release is still 2.2.12. Some problems are still being reported with this kernel - in particular, there still appears to be a memory leak problem that tends to turn up on systems running inn. As of this writing, the developers are still trying to chase that one down.

Trouble with 2.2 - sort of. In the August 19 issue of LWN we reported that RAID 0.90 was being folded into the 2.2.12 kernel. A week later we had to update that report and note that the RAID patches had been pulled back out. Why? Too many people objected to such a large change - which requires new user tools - going into a stable kernel minor release.

Now it appears that the NFS server patches will suffer a similar fate. These patches, developed by H.J. Lu and others, are absolutely necessary for sites doing serious NFS service with Linux systems. Heterogeneous environments, in particular, frequently turn up problems with the stock 2.2 NFS server. The patches add no new functionality, they just make the server actually work. But they require recent versions of the user space tools.

Serious users of both RAID and NFS have been applying these patches by hand for as long as they have been using the 2.2 kernel. A number of distributions also ship versions of the kernel with the patches applied. The natives on linux-kernel are starting to get restless. These patches are considered necessary by many just to get a working system. Why do they not find their way into the mainstream kernel?

There seem to be a few problems here:

  • The 2.2 kernel shipped too early. Given just how long we all waited for that kernel, it may seem a bit strange to say that it should have taken longer. But the point is that 2.2 shipped with certain capabilities - such as NFS service - in an essentially nonworking state.

  • It did not help that NFS was without a maintainer for much of the 2.1 series.
Most importantly, at this point:

  • The Linux user community is increasingly intolerant of disruptive changes in the middle of a stable kernel series. Minor updates to a stable kernel are supposed to just work. Given the environment out there, where an occasional kernel security problem is bound to turn up and require fixing, this point of view can not be ignored. People who are using Linux systems to get real work done do not want to have to go through a disruptive upgrade just to close a hole.

It thus seems that stable kernels, increasingly, will have to remain truly stable. Even important changes get blocked out at minor release time.

So how does the kernel make progress in this environment? The recipe would seem to be more frequent major releases, each of which contains a rather smaller set of changes. If stable kernels are truly stable at (or shortly after) their release, and a new release is not more than two years away, people can calmly wait for larger changes to be integrated.

The 2.3 feature freeze, first promised for almost a month ago, still has not been announced. If a 2.4 release - which can contain working RAID and NFS implementations - is to happen before the end of the year, this freeze needs to happen soon. If it's not already too late.

Big memory and Raw I/O. LWN first reported on the "big memory patch," which allows Intel-based Linux systems to address up to 4GB of memory, back in the August 19 issue. This week Siemens and SuSE, the sponsors of that development, issued a press release announcing the patch and pointing out that it got included into 2.3.15.

There is a remaining loose end or two, however, with the big memory patch. In particular, it breaks Stephen Tweedie's raw I/O patch, which was also recently added to the development series. The raw I/O patch allows data to be transferred directly between user-space buffers and a device. There is an obvious performance gain in some situations, since a copy through the kernel's buffer cache can be avoided.

Just as important, however, is simply avoiding the cache altogether. Caching some kinds of data is wasteful, since there will not be another need for it. Rather than improving performance, caching of such transient data has only the effect of forcing out everything else, leading to a sluggish system. Anybody who has had to wait for the window system to respond after a large program build or file copy has seen this mechanism in action. Caching can also be a problem when disks are shared between more than one system.

Why is there trouble with raw I/O in particular? It seems that quite a few devices out there are unable to address high memory - memory above 2GB. Attempts to tell such devices to move data to or from high memory can result in total failure at best, and a corrupted system is a distinct possibility. The kernel is careful to keep its own buffers in lower memory so that this sort of problem does not arise. But raw I/O uses user-space buffers, which can end up anywhere. For this reason, the big memory patch currently disallows any sort of raw I/O to high memory.

The solution in this case appears to be "bounce buffers." A bounce buffer is a kernel-space buffer which lives in low memory. When I/O is requested to a high memory page, and the device can not handle it, an intermediate copy is made via the bounce buffer. This technique defeats the "zero copy" aspect of raw I/O, but preserves the other advantages. It can also be implemented so that bounce buffers are only used when they are truly needed. A proper implementation with bounce buffers should not only solve the raw I/O problem, but it should also allow the page cache to exist in high memory.

Finally, when the day arrives that more than 4GB of memory can be supported, bounce buffers will become even more necessary. A lot of PCI devices out there do not handle 64-bit addressing and will need help at that point, even if they currently work with high memory. (Thanks to Stephen Tweedie, whose linux-kernel messages were ruthlessly plundered for this article).

A few other patches and updates released this week:

  • Mikael Pettersson released version 0.6 of his performance monitoring counters patch; this version includes support for the AMD Athlon processor.

  • Devfs v120 was released by Richard Gooch.

  • David Skingsley released a Kallisto GPS card driver.

Section Editor: Jon Corbet

September 9, 1999

For other kernel news, see:


 Main page
 Linux in the news
 Back page

See also: last week's Distributions page.


Please note that security updates from the various distributions are covered in the security section.


Caldera OpenLinux 2.3 is now available. There is also an upgrade version for those who bought earlier versions of the distribution. Those interested in what is new with this release may want to look at Caldera's 2.2 and 2.3 comparison page.

As might be expected, since the Lizard installation program was first introduced with 2.2, a lot of improvements to it come with 2.3. They promise auto-detection of almost every video card and many sound cards as well. Untended installations are also now supported. RAID support and Wine, for running Windows binaries, have been added to the base system.

The Lizard installer is now available for download, according to this announcement. Interestingly, they have chosen Troll Tech's QPL as the license for this software.


Bill Henning has added Debian 2.1 to his distribution comparison article at CPUReview.

What needs doing before the freeze for Debian 2.2? Chris Lawrence, with some assistance from Martin "Joey" Schulze, discusses the major issues, outlining 10 goals for the latest release at the same time. His outlook is optimistic: "We're not in anywhere near as bad shape as when slink froze... we have working CD scripts, boot-floppies that sorta-work. We even have console-apt for the people who hate dselect. What's not to love? :-)"

GnuPG is coming. GnuPG is a free implementation of the OpenPG standard. Now that GnuPG 1.0 has been released, expect Debian to move quickly to using it for handling developer signatures. The use of PGP, non-free software, for this purpose has been a problem for developers outside the United States. In addition, of course, it has been irritating to Debian developers to have to use non-free software for such a critical function ...

A volunteer is needed to put together the release notes for the next version of Debian. Bob Hilliard posted a note indicating that he won't be able to do them this time around and asking for help.

For more Debian News, check out the Debian Weekly News for September 7th.


MandrakeSoft announces the opening of two Chinese offices, in Shanghai and Beijing. These offices, and some associated partnerships, will work toward the creation and distribution of a Chinese version of the Linux-Mandrake distribution. "MandrakeSoft's strategy offers multi-lingual Linux-Mandrake and positions it to become the global Linux company."

Red Hat

Announcing...Lorax. Lorax is the latest beta release out of Red Hat, that which will, presumably, become 6.1. Included is a bunch of stuff, including their new installer, a 2.2.12 kernel, LDAP authentication, and lots of other stuff. The announcement is full of warnings about its beta nature, so don't throw it on your critical servers right away...

LWN labs tried to install Lorax on one of our sacrificial machines. The following should be regarded as a set of first impressions rather than a proper review...

  • The Lorax announcement makes a big deal of the "Anaconda" installer. Those expecting something new and different will be disappointed, however; it's the same old Red Hat installation process with a few tweaks. One would think they could at least come up with a less gaudy color scheme... [Update: it turns out that Anaconda hides from FTP installs. We'll do another test soon in a mode that Anaconda likes; watch this space for more].

  • An FTP install from a local server was performed. The installation, despite lots of nice autodetection later on, still requires that the network card be explicitly identified for network installs.

  • For the canned configurations, there are now "GNOME workstation" and "KDE workstation" options.

  • Fdisk is gone - the installation throws the user, willing or not, directly into DiskDruid. "Expert mode" might still provide fdisk - we did not check.

  • The installer presses you to create at least one user account at installation time, though it appears to be happy if you bypass it. Pushing new users toward using a nonpriveleged account is a good thing, but people integrating Red Hat systems into existing networks will typically have no use for this step.

  • There's a few new packages. We noticed things like cdrecord, freetype, gsl, heartbeat, jikes, the Padl LDAP modules for PAM and NSS, a bunch of PostgreSQL add-ons, xmms, and others. The other thing we noticed: the F1 option to get a package description during the selection process appears not to work.

  • All of the questions are now asked before the package installation begins.

We would love to talk about how the system worked after installation. Alas, the install process put up a Python error about halfway through the package installation and quit. As, perhaps, a bit of deliberate whimsy, it printed "It is now safe to turn off your computer" on its way down.

Our summary: Lorax appears to be a minor upgrade to the 6.0 release; there is little in the way of breathtaking new features. Which is proper, after all, for a minor release. Once the rough edges are smoothed down, it should be a suitable successor to 6.0.


Progress is continuing on the next version of Slackware, based on the now available Changelog. Conversion of software to handle the Linux 2.2.12 kernel seems to be the primary focus this week. Note, in the trivia area, that although the current version of Slackware is 4.0, the next release will be numbered 6.X. In fact, 6.1 beta was released on Monday. Version 5.0 was apparently a development version that will never be released.


The ftp version of SuSE 6.2 has been announced. Mirror sites for downloading the distribution are also listed, though a quick check of the mirror sites indicates that the listing is not entirely up-to-date and 6.2 is not yet available on all the mirror sites.

Yellow Dog

Yellow Dog Linux has released an update to PAM and passwd which fix a problem with MD5 passwords. This problem apparently only affects big-endian systems (and thus not Intel systems), and is not a security problem.

Section Editor: Liz Coolbaugh

September 9, 1999

Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.

Lists of Distributions
Woven Goods
Known Distributions:
Bad Penguin Linux
Bastille Linux
Best Linux (Finnish/Swedish)
Black Cat Linux (Ukrainian/Russian)
Caldera OpenLinux
Chinese Linux Extension
Complete Linux
Conectiva Linux (Brazilian)
Debian GNU/Linux
Definite Linux
Eridani Star System
Eonova Linux
e-smith server and gateway
Eurielec Linux (Spanish)
eXecutive Linux
Green Frog Linux
Hard Hat Linux
Kha0s Linux
Linux Cyrillic Edition
Linux-Kheops (French)
Linux MLD (Japanese)
LinuxPPP (Mexican)
Linux Pro Plus
Linux Router Project
nanoLinux II
NoMad Linux
Peanut Linux
Plamo Linux
Project Ballantain
PROSA Debian GNU/Linux
Red Hat
Rock Linux
Small Linux
Storm Linux
Vine Linux
Yellow Dog Linux


 Main page
 Linux in the news
 Back page

See also: last week's Development page.

Development tools


The homepage for Guile has moved to http://www.gnu.org/software/guile/guile.html. Guile 1.3 is still the most recent version, with 1.3.2 due out "soon" (but the page hasn't been updated since July). A lot of work is apparently currently going into the Guile documentation.


Carefully scanning of the blackdown.org pages indicated that the Java 2: JCK status page was updated yesterday. Determining how it changed was harder, though it appears that they marked at least one change in red. Previous, the JCK tests were being run only on green threads with the JIT turned off. Now they are being run on both green and native threads, still with the JIT turned off. that indicates a lot more than it seems. Some very good progress with threads under Java 2 must have been made over the past couple of months.

In fact, the Java 2: Port Status page confirms this.

Big news! We've made significant progress with the problems plaguing the native threads implementation. Some core parts of the native threads library have been reimplemented to better utilize Linux threads. We also believe we have discovered why interrupts were being "lost", and understand how to work around the problems.
Perhaps, with a bit of luck, this was the logjam that was holding up the project and we'll start to see more results in the near future.

Java Advanged Imaging for Linux moved forward a step. The Blackdown team has been licensed for access to the source code and a first pass at the port has been done. It will be made available for downloading as soon as it validates properly.

A Native-Code JDK1.2 Profiler has been announced.


Coy - like Carp, only Prettier was the title of Damian Conway's talk on his coy.pm module at the Perl conference. He's made his talk available for review. It's definitely worth reviewing, even for people uninterested in perl!

Perl.com is requesting Monterey trip reports, to add to those they already have. They also ran a story on the conference, by Brent Michalski.


This week's Python-URL!, from David Ascher, takes a look at XML issues, Turing completeness and other light topics.

The Front Range Pythoneers is a new Python User Group starting up in Northern Colorado. Check out their announcement for directions to the first meeting.

A Python class for dealing with RPM files was announced by Morten Kjeldgaard. It should be useful for any of a number of system administration tasks.


Tcl URL! for September 6th contains a pointer to a long thread on Tcl and Perl, which it mentions was both informative and constructive, which was nice to hear. Also included are pointers to the Tcl conference keynote, a comparison of Python and Tcl and a pointer to the 7th USENIX Tcl/Tk Conference, which will be held in February of 2000, in Austin, Texas.

Section Editor: Liz Coolbaugh

September 9, 1999



Development projects


GnuPG 1.0 has finally been released. GnuPG is a GPL implementation of the OpenPG standard. Most importantly, its release provides a free alternative to commercial PGP software.


This week's Gnome Summary mentions that the new Gnome News Site has made his weekly summary almost superfluous. However, many people will still appreciate getting a "Week at a Glance" type view of the Gnome development, in addition to the minute-by-minute updates provided on the news site.

In particular, this week's issue talks a bit about the Sawmill window manager, a candidate for "coolest" Bonobo component, along with the weekly wrapup on commits and software releases.

GNOME Configuration Files is the title of a new whitepaper in development by Miguel de Icaza. It talks about the configuration files behind Gnome, where to find them and what to do with them.


Harmony lives! Harmony, remember, was the effort to build a replacement for the Qt libraries under the GPL; it essentially faded away when Troll Tech changed the Qt license. But Adam Richter still hasn't given up; here's an update he just posted to the Harmony list regarding a new snapshot that has been made available. People are still developing on this code; it may yet achieve its goal.

High Availability

Packet authentication for heartbeat was a topic discussed off-list by several people, with the results summarized by Alan Robertson back to the linux-ha list. It drew some discussion, but the overall reactions seems to be favorable.

Also popping up this week was the issue of FHS compatibility for the heartbeat code. Alan has outlined plans for bringing the software into compliance and asked for comments.


Geoff Hutchison wrote in with a development update for ht://Dig, the web indexing and search system. With several outstanding bugfixes, there will be a 3.1.3 release for all production servers in the next few days. In the meantime, work is reaching completion on the first beta release of 3.2.0. In the last two weeks, the database formats have stabilized, and full phrase searching is supported in the latest snapshot. At this point, the last major hurdle to the 3.2.0b1 release is a cleanup of the connection and transport code.

On a related topic, Geoff also talked a bit about plans for adding support for multibyte characters. Check out his message for more details.


Here's this week's KDE summary by Navindra Umanee.


Version 1.2.1 of the Midgard web application platform has been released.

This week's Midgard Weekly Summary covers a lot of future development plans for Midgard.


The current development snapshot of Mozilla is M9, which was released on August 26th. Although originally it was hoped that there would only be 9 or 10 snapshots before their first beta, browsing through the Mozilla.org status and newsbot pages indicates that probably M13 will be the last snapshot before the beta is released. Chris Hofmann commented several times in his posting, "The key thing to do for beta is make the bug system reflect reality, and then drive the bug list to zero."


The Wine Weekly News for September 7th is out.


Amos Latteier is back and his Zope Weekly News focuses this week on how to understand and put to use all the cool new stuff in Zope 2. Remember, Zope is a free, Open Source application server and portal toolkit used for building high-performance, dynamic web sites.

Section Editor: Liz Coolbaugh

Project Links
High Availability
More Information

 Main page
 Linux in the news
 Back page

See also: last week's Commerce page.

Linux and business

What is Red Hat up to now that their silent period is over? Here's a few of the things they tossed out this week for starters:
  • Gateway has become the latest mainstream PC vendor to offer pre-installed Linux systems. Their systems come with, of course, Red Hat, for a $229 fee. So far, only the "ALR" server series is available with Linux. Press releases on this subject were put out by both Red Hat and Gateway.

  • The opening of the Japanese office has been announced. It will be headed up by Masanobu Hirano, who previously was the leader of Hyperion Japan, a proprietary software firm. A Japanese version of Red Hat 6.0 is due out from this office in October (distinct, now, from the Laser5 distribution which comes out next week).

  • An announcement has been made that the Burlington Coat Factory will be purchasing support from Red Hat for all of their in-store systems. Burlington has stated in the past that it had no need for support contracts; the question is thus raised: what changed? Since the terms of the support agreement are not public, we may never know.

  • V-One announced an "Internet Extranet Server" product which is essentially Red Hat Linux with a set of added virtual private network software.

Red Hat's stock price promptly headed for the sky, peaking at over $135 per share on Wednesday, September 8 before falling back somewhat. Investors clearly think Red Hat is going somewhere.

Red Hat also announced "Lorax," a beta version of the 6.1 release. Lorax is covered on the Distributions page.

Cosource.com racks up first success. Cosource.com has announced the completion of its first sponsored open source development project - an enhancement to the XFCE desktop environment. The work is done, the developer has been paid, and Cosource has a proof - even if small - of its business concept.

Press Releases:

    Hardware and Software Products:

  • Caldera Systems announced that their "Lizard" installer is now available for download. Interestingly, they have chosen Troll Tech's QPL as the license for this software.

  • Knox Software and Cobalt Networks announced the availability of Arkeia software for Cobalt RaQ and Qube family of products.

  • Mylex Corporation announced that VA Linux Systems has incorporated Mylex RAID controllers into its entire line of Linux servers.

  • RiverSoft announced a new release of its OpenRiver network management product. Version 2.2 of OpenRiver will include Linux support.

  • Sangoma has several announcements including PCI based S514 Card availability, WANPIPE versions 2.06 and 2.07 for Linux 2.2.x, and more.

  • Tech Soft America announced the availability of its "Hoops 3D Application Framework" for Linux. As part of the port, the framework has been integrated with the Qt toolkit.

  • Total Impact announced that it will integrate its TotalMP technology with IBMs PowerPC Open Platform (POP) motherboard to form a PowerPC based Linux system.

    Other Stuff:

  • GBdirect announces more updates to their Training Pages web site.

  • Right Now Technologies announced Right Now Web 3.0. Right Now Web is used by Caldera Systems to manage technical support.

Section Editor: Jon Corbet.

September 9, 1999


 Main page
 Linux in the news
 Back page

See also: last week's Linux in the news page.

Linux in the news

Recommended Reading:

PC World has run a lengthy article about PC operating systems; included therein is a substantial section on Linux. It has problems in spots (it says, for example, that you essentially can not order a computer with Linux installed), but covers a lot of ground. "As Windows users, we were dumbstruck by OpenLinux's reliability: In a month of use, we experienced only two application crashes, neither of which brought the operating system down. In fact, we never had to reboot the OS."

Robert X. Cringely rides again with Why Microsoft and Intel both lost ground this week to the open source movement. The article, examines the acquisition of StarDivision and the end of Windows NT on the Alpha processor. "Compaq will still be using the chips in their Tandem Himalaya servers. Samsung is also designing Alpha motherboards that fit PC models. What's more, the AMD Athlon chip runs on the Alpha EV6 processor bus, allowing the potential reappearance of Alphas in mass-market CPU boards. But what operating system will nearly all of these Compaq and third party machines be running? Thanks to Microsoft this week, nearly all of them will run Linux." (Thanks to Larry Davison).

Sun and StarOffice:

The Economist covers Sun's plans with StarDivision. "By acquiring Star Division, founded in 1985 by Marco Borries, then aged 16, Sun is taking direct aim at Microsoft's Office, which includes word processors and spreadsheets. This cash cow, which generates about 40% of Microsoft's revenues, is now threatened by Sun's promise to give away Star Division's much-admired competing product, StarOffice, which can work alongside Microsoft applications and also runs on Linux and Sun's own Solaris operating system."

Nicholas Petreley looks at Sun and StarOffice in this InfoWorld editorial. "But I am actually quite ambivalent about the possibility that Sun could cause irreparable damage to Microsoft Office as a product. I happen to prefer StarOffice 5.1 to Microsoft Office 2000, but I don't want to see innovation in the office-suite market grind to a halt the way it did in the browser market. Notice how Netscape's browser has stagnated ever since it stopped making the company any real money. Microsoft hasn't done much with IE, either, at least not since it came close to feature parity with Netscape Communicator."

allNetDevices sees big things in Sun's plans for StarOffice. "Our prediction: StarOffice will spur growth of handhelds and thin clients and will become the leading application suite for those devices. That, in turn, will lead to erosion of Microsoft Office's market share on the desktop." (Found in OS News).

Red Hat:

Here's a Reuters article about the latest craziness with Red Hat's stock price. "In addition, influential Wall Street brokerage Goldman Sachs initiated coverage of Red Hat with a market outperformer rating, saying it was well-positioned as Linux open source software becomes mainstream, and that its share price wasbenefiting from a scarcity of opportunities to otherwise invest in Linux."

News.com reports on the billionaires of Red Hat. "Red Hat founder and chief technical officer Marc Ewing, age 30, owns 9.088 million shares in the company, while CEO Robert Young owns 9.081 million shares. At $108 per share, Ewing holds Red Hat stock worth $981 million while Young holds a stake worth approximately $980 million. Should the stock hit $110.11, both will be billionaires."

AsiaBizTech reports on Red Hat's Japanese office. "The company is proceeding with the work of converting the latest version of Red Hat Linux6.0 into Japanese, and is expected to put it on the market in October 1999, at the latest. It says that it will provide a free-of-charge upgrade service to the Japanese version of Red Hat Linux6.0 for users of the Japanese version of redhat Linux5.2, which has been available from Itsutsubashi Research Co., Ltd."

News.com interviews Red Hat's Marc Ewing. "Any time you're sort of slacking off or saying you're thinking of taking a day off our president says, 'You know, I'll bet Bill Gates is working today.'" (Thanks to Alberto Schiavon).

Also in News.com: this article about the deal with Gateway and the new Japanese office. "Red Hat's decision to set up its own international office is a change of direction for the company, which previously had partnered with Itsutsubshi Research to develop and market Red Hat Linux for Japan. 'They had asked for more money than we wanted to pay,' said Red Hat spokeswoman Melissa London. 'We wanted to work together but realized wasn't going to work out. They wanted huge amounts of money.'" (See also last week's LWN for more info on the Japan office and Itsutsubshi Research).

TechWeb covers Bob Young's talk to the New York Linux Users Group. "'We feel sympathy for Microsoft.... Because of our visibility, the volume of support requests are going up.'"

Sm@rt Reseller ran this article about the Red Hat trademark blowup. "While new gray-market distributors of commercial Linux binaries can be expected to complain loudly about this re-enforcement of Red Hat's trademark and products, the development is music to the ears of official Linux resellers."

Joe Brockmeier of the Linux Mall sounds off on the coverage of the Red Hat trademark issue. "I don't think that the press has really been reporting the truth, here. Red Hat's policy isn't new, but every story makes out like it has only been this way since Red Hat went public."


EE Times looks at Nokia's new mobile TV/Internet product. "Nokia's MediaScreen, with an embedded computer running the Linux operating system and a GSM phone used as a return channel, was shown in action as both a portable device within a booth and as a mobile unit installed in a car that could be seen cruising the IFA exhibition halls."

Some motherboard manufacturers are considering more direct support for Linux, according to this Computer Reseller News article. "Elitegroup Computer Systems Inc., Fremont, Calif., plans this summer to unveil a low-cost Linux PC system featuring a motherboard integrated with software and hardware specifically for use with Linux."

Other Business:

General Motors is considering putting Linux into 7,500 dealerships, according to this ComputerWorld article. "David E. Hutka, operations manager of GM Access, the dealership network, told Computerworld senior writer David Orenstein that the automaker is considering a move from Windows to Linux only because of how much the Microsoft Corp. operating system taxes server hardware."

Linux in a three-piece suit is a lengthy set of business case studies in ComputerWorld. "Like any integrated oil company, Amerada Hess Corp. lives and dies by the quality of its seismographic analysis. Its proprietary 3-D analysis software used to run on expensive AIX-based, IBM RS/6000 SP2 computers in the company's Houston offices. Now it runs on Linux, installed on 96 network-clustered Dell Computer Corp. workstation Model 410 machines."

This brief IT-Director.com article suggests that HP may be about to drop HPUX and fully adopt Linux. "The proposition is simply this: at the moment Linux lacks a number of scalability functions. It scales in the sense that it has been implemented on configurations with 32 nodes and more, but such implementations are far from fully tailored and tuned. The question then is; who is going to step forward and try and fill this gap and, more importantly, will it be Hewlett-Packard?" (Found in NNL).

Linux makes inroads into Windows/Unix territory says the Australian Financial Review. "Office products supplier Corporate Express, for instance, uses Linux for its e-commerce and EDI operations, while TAB Queensland runs Linux on 1,000 computers for branch communications and in its phone-betting call centres."

Linuxcare isn't in a hurry to do its IPO, according to this News.com article. "Instead, [CEO] Sarrat is busy signing Linux-support contracts so the company has a solid revenue stream before launching an IPO. Linuxcare, which provides technical support and training for Linux, is raising enough in corporate investments 'to have enough flexibility to pick our IPO time whenever we want next year,' he said. What's going on here--sober, rational thought in the midst the hype that surrounds Linux?"

Here's a Reuters article (in TechWeb) about Corel's stock price (yet again). "Owned largely by retail investors, the stock can rise or fall based on gossip circulating in chat rooms. Interest in Linux will continue to have an impact as investors learn more about the technology's market potential."

Will Linux replace Windows? asks the Philidelphia Inquirer in this introductory article. "For some area companies, it already has." (Thanks to Dave Lugo).

Reviews and Comparisons:

Here's a News.com article comparing Caldera Systems and Red Hat. "Caldera and Red Hat may be similar in some ways, but their product focus is different. Where Caldera has chosen to focus on relatively unsophisticated users, Red Hat sees big opportunity in expanding into ever more powerful servers. That could change in coming months, with the release of a new version of Caldera Systems' Linux aimed specifically at servers."

Salon Magazine looks at the pains of installing Linux on laptop systems. "It's just no fun to buy a new IBM Thinkpad and then discover that no matter how good a hacker you are, you simply can't get the built-in modem to work with Linux."

PC World provides a set of second steps with Red Hat Linux - things to do after the installation. "Unlike a certain operating system out of Redmond, Washington, Linux offers a remarkably stable and secure platform. Unfortunately, any computer connected to the Internet will--at some point--attract trespassers. And a standard Red Hat installation provides online thugs with plenty of ways to hack into your system."

AboutLinux looks at the effects of optimization settings on AMD Athlon performance. "...by following the optimization settings shown in the article, you can get up to 73% improvement on some types of code."

OS Opinion Editorials:


Here's a CNN article remarking on the lack of glitz at Linus Torvalds' LinuxWorld keynote. "The truth is, of course, that the Silicon Valley style wouldn't suit Linux any more than a tie-dye T-shirt would suit Oracle style magnate Larry Ellison. In fact, such glitzy launches and buzzword-infested speeches are the antithesis of everything Linux has come to represent -- namely, grassroots software developers making products for the community, not profit."

The Boston Globe casts doubt on the future of Linux by comparing it to Java and quoting a lot of Microsoft executives. "Plainly there's no need to mourn for Java's fate. But its success as a sort of welding tool for computer networks is a long way from the early visions of Java partisans. Talk to Microsoft executives and they'll tell you that a similar fate awaits Linux. Charles Fitzgerald, director of business development in Microsoft's software development unit, says the Linux hype has already peaked." (Found in Slashdot).

Section Editor: Rebecca Sobol

September 9, 1999


 Main page
 Linux in the news
 Back page

See also: last week's Announcements page.



The September Linux Gazette is out. It contains, among many other interesting articles, Mike Orr's first Linux Humor column. Although the two jokes there have been floating around for a while, it is nice to have them properly recorded for posterity. If you have more material in that vein, consider sending it his way.


The 1999 Pluto Meeting will be September 24-25, in Padova, Italy. Kernel Hacker Andrea Arcangeli will be speaking. Pluto is one of the older Linux user groups, dating back to 1992. Please see the announcement (in both Italian and English) for details.

OSDI 2000, the fourth Symposium on Operating System Design and Implementation, will be held in October of 2000 in San Diego.

Miranda Page Tiemann, daughter of Cygnus founder Michael Tiemann, was born on August 29. Congratulations!

User Group News

Hey Luggers! Linux.com is looking for you! The LUG project at Linux.com is looking for able bodies to perform various tasks for the LUG community. Linux.com is looking for LUG representatives reponsible for representing all LUGs in a state, area, or country. They also have positions available to volunteer time to support LUG resources, projects, and more. For more information, visit their website or email Kara Pritchard.

USCLUG Fall Semester InstallFest Details:
When: 1999-09-09, 11am-5pm
Where: TSC-206, University Park Campus Los Angeles
URL: sclug.usc.edu/installfest.html

September 9, 1999



Software Announcements

Package Version Description
4DOM 0.8.0 A CORBA-aware implementation of the W3C's Document Object Model in Python
AbiWord 0.7.5 Fully featured word processor
afbackup 3.2.3 Client-server backup system
Aglaophone 090299 System for real-time audio processing and analysis
aimirc 0.16 AOL Instant Messenger to Internet Relay Chat gateway
AlsaPlayer 0.99.27 PCM (audio) player for Linux/ALSA
Anachronism 0.5 RTS strategy
analog 3.32 WWW logfile analysis program
anpa 1.0 ANPA newswire digester
apsfilter 5.1.3 Intelligent line printer input filter
Artistic Style 1.11.1 Indentation and reformatting filters for C, C++, Java
asDrinks 1.9.2 News headlines from nerd/UNIX type sites in your AfterStep startmenu
asfatm 0.39a Hardware monitoring wharf/dock app
aspbm 1.1 AfterStep Phone bill monitor
auth_ldap 1.4.0 LDAP authentication for Apache
autoinst 1.0.1 RedHat RPM Autoinstaller plugin for Netscape
autorun 2.3 CDROM mounter for beginners and lazy users
bbjd 1.0.2 Interactive strategy tables
bdist 0.8.7 Build distribution file containing all relevant files in a programming project
Blackbox 0.51.2 WindowManager for X11 written in C++
Broadcast2000 beta 2 Non linear audio and video editor
Bzflag 1.7c 3D multiplayer tank battle game
casting 1.0 Shoutcast launcher plugin for netscape
cdctl 0.14-devel Controls your CD-ROM drive under linux.
CDR-Toaster 1.02 Tk frontend for cd-burning. Uses mkisofs and cdrecord
cdrecord 1.8a26 Allows the creation of both audio and data CDs
CGI Tool Box 0.2.4 CGI Library
CGIWrap 3.6.4 Wrapper for securely allowing all users to use CGI scripts
CIS 0.1 A Web-application System used to
Cistron Radius Server 1.6.0 Free Radius Server with many features
cman 1.6i Rolodex, contact manager, non-gui (ncurses version)
code2html 0.8.4 Converts a program's source code to syntax highlighted HTML
ColdStore 990904 gigabyte-scale persistent object store
Common UNIX Printing System 1.0b9 Internet Printing System for UNIX
Cook 2.10 A tool for constructing files, and maintainingreferential integrity between fil
dbMetrix 0.1.9 GUI Database Tool
DB_Browser 1.3b1 Web-based utility to browse and modify a postgres database
DejaSearch 1.65 DejaSearch is a frontend to DejaNews, the leading Usenet archive
dfm 0.99.4 Filemanager like OS/2 WPS
divine 0.5.1 automatic IP configuration detection for laptops
DLDialog 1.2.2 Displays dialog boxes in terminal and X11 mode to interact with scripts
Download Area 1.1 Pack of CGI scripts that makes specific
Downloader for X Downloads files from the Internet via both FTP and HTTP
DPS-FTP 0.5.0 Bulletproof-like ftp client
Dr Geo 0.8.3 Interactive Geometry
EasyStat 2.1 EasyStat is a statistical application for web pages.
ELKS 0.0.79 A subset of the Linux kernel that runs in 8086 real mode and 286 protected mode
Empire 4.2.6 Complex internet multi-player real-time wargame.
Entity 0.3.2 Allows you to use XML and Perl to build graphical user interfaces.
Epeios 19990907 Collection of general purposes C++ libraries working under UNIX and Windows.
EPIpage3 0.2 page3.com women download perl script
Etherboot 4.2.7 Source code for making TCP/IP boot ROMs to boot Linux and other OSes
eThreads 1.1 Highly customizable database driven forum software
Euphoria Programming Language 2.2 Simple, flexible, powerful programming language for Linux, DOS and Windows
Eview 1.2 Viewer for embroiding file formats
Evolutionware Beta 1 Web-based ISP/ASP Management Tool
eXtace 1.2.0 ESD FFT visual plugin, eye-candy
EzRPM 1.2 RPM dependency checker and installer
fetchnews 0.3 'fetchmail' for NNTP protocols
Flash 4 Plugin for Netscape 4.0r12 Flash 4 plugin for Netscape
freeLoop 0.2 Create/modifies (drum-) loops
FreeSpeech 0.0.1 Speech Recognition
freshmeat.php3 2.0 Retrieves the latest freshmeat news for a webpage
fryit 0.3.7 Graphical frontend for cdrecord.
Funbot 1.0.0 Modular Perl bot for IRC
G-BOOK DeLUXE 1.4 PERL Based guestbook CGI
Gaby 1.9.10 A small personal databases manager using GTK+
GAG 2.1 A graphical boot manager, with a lot of interesting features.
Galway 0.23 Guile-gtk HTML Editor
GCO 0.1 Comic book database
gcombust 0.1.21 gtk+ frontend for mkisofs and cdrecord
gd 1.6.3 A library used to create PNG images
gdcd 0.0.2 GTK CD player with Cover Art Index and CDDB support
Genes 0.0 Personal genealogy database
GeneWeb 2.06 A combo web interface and genealogy program combined on steroids
Genius 0.4.6 An arbitrary precision integer and multiple precision floatingpoint calculator
gentoo 0.11.9 Two-pane filemanager using GTK+, 100% GUI configurable
Getleft 0.6.3 Tcl/Tk site grabber powered by Curl
gFTP 2.0.4 A multithreaded ftp client for X Windows
GIP 0.3 Make installation/uninstallation easier
Giram 0.1.2 Giram is a modeller, written in GTK+
GMMF 0.04 Godot's Modular Firewall
Gmurf 0.5.1-pre2 A wave audio processor for Linux to mix and edit waves.
Gnome Display Manager 2.0 Beta 2 Gnome version of the X Display Manager (xdm)
Gnome Toaster 1999-09-04 create CDRs the easy way with Gnome/Gtk
GNU C library 2.1.2 The GNU C library is used as the C library in the GNU system
GNU Maverik 5.2 Free Virtual Reality system for GNU/Linux PCs and Silicon Graphics workstations
GNU Pth 1.1.5 GNU Portable Threads
GNU shtool 1.4.6 Shell Script Collection
GOB 0.90.2 Preprocessor for building GTK+ Object
GOFAI-WMT Organize your free format information into a semantic network structure.
Gone 19990905 Newsreader for the Gnome Desktop Environment
GPeriodic 1.2.6 Periodic Table Reference and Browser
GProc 0.3.0 Managing process from the Gnome panel
gPS 0.3.4 GTK-based process status reporting like ps, top and task manager
Groovy Java Filesystem 1.0 A Java minifilesystem for records storage
Gsh 0.1.3 Shell with an integrated terminal window.
Gtk See 0.4.0 An image viewer based on the X-Window system and GTK+
GTK+XFce 3.1.0 Easy-to-use and easy-to-configure environment for X11
gtk-engines-extra 0.5 Extra themes and engines for GTK toolkit
GTK-J 0.1 Gtk Bindings for Java
gtml 3.5.1 An HTML pre-processor specially designed for maintaining web sites.
gx10 0.4.1 X10 controller
GXAnim 0.40 GTK+ front end for Xanim movie player
gxsnmp 0.0.13 snmp managment frontend
HarnMaker 0.1.3 A character generator for the HarnMaster role playing game.
HSX 3.00b Hotline Server clone for Unix
Hypermail 2 alpha 24 Mail(box) to HTML converter with threads and MIME support.
IBM International Classes for Unicode for C/C++ 1.2.4 IBM Classes for Unicode (ICU) enable you to write fully cross-platform programs
IntraSite 1.0.2 Intranet Website with news, search, etc.
Intrasite DialUp Firewall 1.0.0 An easy to configure DialUp Firewall script with transparent proxy support etc.
Ishmail 1.3.4 Very powerful GUI e-mail tool
jCIFS 0.0 Implementation of SMB/CIFS in Java
jmake 1.04 jmake is a tool for software developers that like to write code, not makefiles.
jonama 1.1.4 SSL proxy
jPOS 1.0pre1 100% java ISO-8583/ANSI X9.2 implementation
jukebox 0.9 Jukebox for mp3-files with html-interface and playerdaemon
karma 0.5.0 Oracle Database Monitor
kdesu 0.98 A KDE front end to the UNIX su(1) command.
kernel-alert 0.2 Perl script to send e-mail as new kernels become available.
Kife 0.2.1 Frontend for Kinstall data base
King of the Hill 0.7.6 Full client/server multiplayer artillery game in the scorched earth tradition
Kinstall 0.4.1 Program installator from source
KLILO 0.2.1 GUI to configure the lilo bootmanager
kmc_utils 0.3.2 Control and grab images from a Kodak Motion Corder high speed camera.
kmp_mysql 1.1.5 MySql plugin for KMySql
KMySQL 1.1.9 A MySql client for KDE.
KShell 0.2 Wrapper to shell that restricts hosts, ttys, multiple logins and more.
KWebSearch 1.0 KDE Web Search Engine Frontend
kwintv 0.7.4 Watch TV in a window on your PC screen
LANdb 0.6 Provides network managers with a means of cataloging network connections.
LCL 19990904 The LinuxClassLibrary
libglade 0.5 XML-based runtime user interface loader for GNOME
libmcal 0.4 Modular Calendar Library
liboop 0.4 Low-level event loop dispatcher.
libptb 0.0.3 Library to develop apps with user customizable toolbars and menus
Libra 0.1.1 Ada '95 Data Structures and Networking Library
LinPyro 0.22 A pyromaniacs game for Linux.
LinuxTaRT 2.51 Feature-rich email signature generator
Login Page System 2.2 CGI scripts that allow to place WWW behind user identification system
mail2sms 0.32 Convert a mail to a short message
masqidentd 1.1.1 Ident daemon for Linux systems that use IP Masquerade
MasqMail 0.0.1 Offline Mail Transfer Agent
Matt's MP3 Selector 0.8 Ncurses based mpg123 frontend
matterial 19990905 Non-linear production system
Mcal 0.2 libmcal powered unix cal replacement
mcal-drivers 0.2 Calendar drivers for libmcal
Memchan 2.0 In-Memory channels for Tcl
memtest86 2.0a Find bad RAM chips
Metaverse 0.2 Free Multiplatform Visual Chat software written in Tcl/TK
mfm 0.5 A graphical frontend for mtools
mGSTEP 0.202 An attempt at creating a small lite derivative of GNUstep
MHDns 1.2a Dynamic DNS Client/Server
Midgard 1.2.1 A PHP Application Server Suite - Web building with Web-based tools
MM 1.0.11 Shared Memory Library
mod_backhand 1.0.1 Local-area, heterogeneous web cluster load balancing module for Apache.
mod_dav 0.9.10-1.3.6 DAV protocol extensions for Apache
mod_ssl 2.4.2-1.3.9 Apache Interface to OpenSSL
mrtg 2.8.8 Multi Router Traffic Grapher
MultiMail 0.29 Offline Mail Reader (QWK)
Myth II: Soulblighter for Linux patch 1.3a Patch for the battle-strategy game from Loki
N64 Controller Driver Module N64 controller driver module for the Linux joystick driver
NAMG 0.1.5 Downloads mail from a NetAddress account and forwards it locally
ncp 0.4 Copy files quickly inside your LAN
ncps 0.41 ncurses based process killer
Neslie 2.2.0 FTN Type2+ packet/message viewer
netcomics 0.10 A perl script that downloads today's comics from the Web
netfilter 0.1.7 New NAT/packet-filtering infrastructure for Linux 2.3.5
NetSaint 0.0.4 A relatively simple active network monitor
NetWoorms 1.3 Multiplayer, networked game, similar to 'nibbles' that runs on the console
noflushd 1.7.4 Daemon that sends idle disks to sleep (for kernels 2.2.11+)
NTFS for Linux 990831 Read-only NTFS module for Linux
nView 0.25 Simple text file browser to suit redhat.
OBM 0.2.2 Intranet application to help manage a company or a contact database.
OpenBasic 0.1.3 Commercial Quality BASIC compiler and run time environment
Orac 1.1.16 Database Administration Tool
Oracle Session Monitor 2.0 X11 program that can be used to manage user sessions on your Oracle Database
Pagecast 2.0 alpha 1 Automates submitting lists of URL's to various Internet search engines.
Pan 0.4.9 Gnome/GTK Newsreader
Paralogger 0.80 Script to ease the process of setting up a root tail window
pavuk 0.9pl19 Webgrabber with an optional Xt or GTK GUI
Penguin Saviour 1.2 2D rpg engine (Playable)
Perlfect Search 3.03 Web site indexer and search engine.
phpIRC 0.9b PHP IRC layer (IRC client for PHP)
Planet-Intra 3.60-2 Instant intranet portal
play688 1.4 Play tunes for Ericsson GH688 cellular phones on Linux boxen
plsc 0.1 Oracle PL/SQL compliation front-end
povfront 1.2 GTK+ graphical interface for povray
PowerPak 990905 An attempt at a high-level game SDK
ProFTPD 1.2.0pre5 Advanced, incrediblyconfigurable and secure FTP daemon
PROL 0.04 Fast Web Journal/Web Log Hybrid
PTlink ircd 3.1b New featured ircd with a great services integration
PTlink Services 1.0.0 IRC Registration Services
PVFS 1.4.0 A parallel file system for clusters of PCs
Pybliographer 0.9.1 tool for bibliographic databases manipulation
pyChing 0.9.1 Cast and interpret I Ching hexagrams
pydf 0.5 colourised df(1)-clone
PyKDE 0.9 Python bindings for QT 1.42 and KDE1.1 Code your KDE applications in python.
PyQt 0.9 Python bindings for the Qt GUI toolkit
Python/Tk Empire Interface 1.10 Cross Platform Empire GUI Client
QDraw 0.5 Games oriented 3D graphics api
QuickList 0.8.0 MS Works like database application
Qvwm 1.1.1 Windows 95 like window manager for the X Window System
R 0.65.0 A language and environment for statistical computing.
RC EJB 0.7 Free implementation of the Enterprise Java Beans specification
rCalc 0.1 Fast and light symbolic calculator for GNOME.
RearSite 0.85 Tool for updating personal www pages
RedHat CD Kit 1.0 Tools for creating bootable RedHat installation CDs.
RePop 0.2 A pop3 daemon that seamlessly glues together a list of pop3 mailboxes.
RFCutil 1.6 fast util to search the rfc-index for a topic and display it with lynx
ripperX 0.99 GTK program to rip and encode mp3 files
rlpr 2.02 Print from remote sites to your local printer w/o configuring remote site
ROCK Linux 1.3.1 Linux Distribution for high skilled Linux User and Admins
rrlogind 2.34 Login client for Time Warner Cable and Media One cable modem services
Rush ircd 2.7.5 An amazing ircd. with a ton of new features
SARA 2.0.8 SATAN/SAINT like security auditing tool - takes advantage of nmap if present
sawmill 0.5 Extensible window manager
ScryMUD 2.0.3 Original MUD Server and Java Client
segfault.php3 2.0 segfault.php3 retrieves the latest segfault news for a webpage.
sfront 0.40 Translates MPEG 4 Structured Audio to C
Sing Along Disc Player 2.1.1 CD player with spectrum analyser, oscillator, mixer and remote DB support
Sketch 0.7.2 Vector drawing program, implemented in python
slashdot.php3 2.0 Retrieves the latest slashdot news for a webpage
SmartWorker 0.82 Web Application Development / Deployment Framework
solariscentral.php3 2.0 Retrieves the latest news from SolarisCentral
Sope 0.03 Playstation emulator for Unix
soundLib 0.2dr Small interface to initialize OSS and load/play .WAV samples
SoundTracker 0.3.2 A music tracker for X / GTK+
Space Racer 0.1.7 An OpenGL Car Game
SPAST 1.0 Simple Procmail Anti-Spam Template
Sporum 1.1.2 A better web-based dicussion board software
Spread 3.11 Group Communications Toolkit for Reliable Multicast
Spruce 0.5.0 Simple email client coded for X with the Gtk widget set
Squaroid 0.30 Make points by creating squares on a 8x8 fields board
sredird 1.1.6 RFC 2217 compliant serial port redirector
STk 4.0.0 Scheme with TK bindings
Sula Primerix II 0.09.5a Extensible multi-server IRC Client for X
System Info 0.7 System Information Perl Script
Tcp Listen 1.0 TCP/UDP/ICMP/IP packet reporter
Test Environment Toolkit 3.3a A toolkit for test development and management
The GNU Privacy Guard 1.0 GPLed PGP replacement tool
The SCOOBS Context Based Search Engine 1.02 A Java Based XML Search Engine that allows searching with context.
themeleme.sh 0.4 A script for WindowMaker theme makers
TmCde broker 0.2.0 Time-code calculator (broker part)
TmCde JAVA frontend 0.2.1 Time-code calculator (JAVA frontend part)
Trailer 2.2 Squid Ipchains monitoring program that is uniqe in its sort
TuxNES 0.70 Nintendo Entertainment System (NES) Emulator
TWiki 01 Sep 1999 Web based collaboration tool
UCD-SNMP 4.0.1 Various tools relating to the Simple Network Managemnet Protocol
UESQLC 0.4.2 Universal Embedded SQL Compiler for C++
Unix Desktop Environment 0.2.6-BETA A new GUI for Unix with a completely new look'n'feel
Vim 5.5a Popular vi clone that features syntax highlighting and an X11 interface
VM 6.75 Emacs-based mail reader
Voyager Application Server 3.1.1 Build scalable, secure, distributed, transaction-oriented applications with VAS.
vpnstarter 0.pre2.0 (build 22) Tool for simplifying management and configuration of free VPN solutions.
vpopmail 3.4.8 qmail addon package for virtual domain email
VSX-PCTS 4.4.2A A verification suite for assessing your systems conformance to ISO/IEC 9945-1
Wacom Driver for XFree86 alpha 9 Wacom driver for XFree86
WaveForge 0.0.4 A Sound Forge Wave Editor Clone for Linux.
WebAlbum 0.34 A perl script which produces html photo albums.
whowatch 1.3 Console program which displays in real time list of logged users.
wmbp6 1.6 DockApp monitoring sensors for temperatures and fans speed.
wu-ftpd 2.6.0pre1 FTP Daemon for UNIX systems
wvDecryptTest 0 microsoft word 97 password validator and *almost* decrypter
Würstelstand 1.2 German Hot-dog booth simulation
X-Chat 1.2.0 GTK+ Based IRC Client. Alot like AmIRC (Amiga).
X-Tract Build 320 XML Script processor
XDBM 19990905 Database Manager designed specifically to hold XML data
XFB 0.2.0 Hardware-accelerated fullscreen 2D graphics library
XFCom_Rage128 1.3 XFCom server for ATI Rage128 based cards
XFree86 3.9.16 Freely redistributable implementation of the X Window System
xlnotice 0.1.1 Login time public notice board for X
xmms-mr 0.1.0 XMMS plugin for X10 mouseRemote control
XSane 0.34 A GTK-based X11 frontend for SANE, also a GIMP plugin
XShipWars 1.15 Space oriented highly graphical network game system.
xspeakfree 0.7 TCL/TK frontend for Speak Freely
Yodl 1.31.16 Yet oneOther Document Language
Zope 2.0.0 Web application platform used for building high-performance, dynamic web sites.

Our software announcements are provided courtesy of FreshMeat


 Main page
 Linux in the news
 Back page

See also: last week's Back page page.

Linux links of the week

OpenH323.org is the home of the OpenH332 project, which is producing a free implementation of the H.323 protocol stack. H.323 is an audio/video conferencing protocol, used by such proprietary applications as NetMeeting. Soon, there will be no need to use non-free software to take part in these gatherings.

An extensive collection of system administration material (tutorials, resources, etc) can be found at sysads.com.ph.

Section Editor: Jon Corbet

September 9, 1999



Letters to the editor

Letters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them.
From: Mike Richardson <mike@quaking.demon.co.uk>
To: letters@lwn.net
Subject: Exporting Office Suites to Browsers
Date: Thu, 2 Sep 1999 13:35:46 +0100

Ah! So, exporting software to users' machines has popped up again.
Personally, I rather think that it will submerge once again. Desktop
machines a pretty cheap, management like to have 'their' machine
with 'their' software and 'their' data, its more sexy, etc., etc.

But, maybe there is something here that can benefit the Linux (and
Unix in general) community at the expence of M$oft and Windoze.
I think we should distinguish two cases. First, there are the "home"
users who are distinguished by virtue of having relatively slow,
typically dialup, access to the InterNet. Exporting software is a dead
duck in this case - too slow and/or too expensive (either due to
connection times or pay-per-use).

The second case, though, is the "corporate" user. In this case there
is a high-speed permanant connection to the company servers. In
this case the incremental cost of using the exported software is
essentially zero; the company pays for it up-front and network
usage has little cost.

But! There is still the question of whether web browsers are stable
enough to trust with this sort of activity - and the answer is, they
probably are not.  But! But! In the Linux/Unix world, we don't have 
to worry about needing a web browser as the front end, we have
a perfectly good system already, viz X11.

So, my point is this. A lot of effort is going into KDE and Gnome at
the moment, and some truly excellent applications are appearing or
are in the pipeline. But, the packaging for them is essentially single-
machine. Maybe what we need here is some _explicitly_ client/server
based packaging ......

Just my two'n'sixpence worth
Mike Richardson
From: Greg Owen <gowen@SoftLock.com>
To: "'letters@lwn.net'" <letters@lwn.net>
Subject: Security page and kernel modules
Date: Thu, 2 Sep 1999 10:56:45 -0400 

	I was a bit suprised to see no mention of the recent code postings
which allow intruders to use loadable kernel modules to hide their control
and presence in this weeks security page.  I learned about it this week
using Kernel Traffic item http://www.kt.opensrc.org/kt19990830_32.html#13.

	It seems to me there is a quick and dirty lesson here - if you have
a machine you want secured, use a static kernel and disable module loading.
I've done this in the past, but didn't know there was such a good reason!

	As always, thanks for the otherwise impeccable newsletter.

    gowen -- Greg Owen -- gowen@softlock.com
Date: Fri, 03 Sep 1999 01:56:07 -0400
From: Joe Drew <hoserhead@bigfoot.com>
To: editor@lwn.net
Subject: Caldera 2.3 under NDA

It sounds bad, but after I'd thought about it a bit it seems like it's
Ok, the GPL and other assorted Free Software licenses say "You've got
these rights, and you have to do these things in order to keep them."
But along comes Caldera, with its new packaging and distribution of
these pieces of Free Software. Caldera says "Ok, if you want to get your
hands on this CD you've got to sign this piece of paper which says that
you have decided to not exercise your rights under the GPL, and if you
do we can sue you into the ground and back." 
Seems ok to me.

Joe Drew

"Larry Flynt is right!"
Date: Thu, 2 Sep 1999 16:32:49 +0200
From: Luca Berra <bluca@comedia.it>
To: letters@lwn.net
Cc: linux-lvm@msede.com
Subject: A petition to get LVM into the kernel

Good morining,
In the kernel page of issue 9902 concerning the linux-lvm petition Jon
Corbet states:

'... Attempting to replace those criteria with "special interest group"
pressure is not the way to get a better kernel. Hopefully those
wanting LVM in the kernel can discuss the matter with Linus and find
out what, if anything, is blocking that inclusion.'

Actually before deciding to make a petition we did.
in fact you'll find LVM in some of -ac patches.

The idea of the petition came when someone reported to
Heinz Mauelshagen the linux-lvm mantainer "that Linus wants to wait
before putting LVM into the stock kernel to see if enough people are
interested to have this."

We decided that having a document that summarizes the reasons why
we feel that LVM is needed in the stock kernel, and have it subscribed
by anyone who is interested was the best way to let him know.

Luca Berra -- bluca@comedia.it
    Communications Media & Services S.r.l.
Eklektix, Inc. Linux powered! Copyright © 1999 Eklektix, Inc., all rights reserved
Linux ® is a registered trademark of Linus Torvalds