Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise news for all interests


Sections:
 Main page
 Security
 Kernel
 Distributions
 Development
 Commerce
 Linux in the news
 Announcements
 Back page

Leading items and editorials


Motif is open source - almost. The Open Group has announced that the Motif toolkit, long the standard X toolkit on commercial Unix systems, has been released under a "public license." This license looks roughly GPLish in that it requires that source be made available and disallows restrictions on redistribution. It has an interesting twist, however, in that it only allows for use of the software on "operating systems which are themselves Open Source programs."

That restriction violates section eight of the Open Source Definition, in that it ties the software to specific products. The Open Group recognizes that its license is not "open source," and deals with the issue explicitly in the Open Motif FAQ. They claim they hope to make it truly open source at some point in the future.

The license also fails to define an "operating system." Presumably it can run over the Linux kernel - but what if the user is running a proprietary X server? Can you run it on OS X, with its BSD-based kernel? According to the FAQ, the answer would appear to be "yes." Mac users may prove slow to take the opportunity to run Motif on their systems, however.

Chances are, anyway, that the license will prove good enough to get Open Motif onto the CDs of most or all of the major distributions. And that, of course, is the Open Group's goal. Motif currently is tied to a slowly dying platform - proprietary Unix systems. While commercial Motif products have been available for Linux for years, interest has been relatively low. It is, after all, not free software.

Now it is perhaps free enough, but it also looks very much like too little, too late. Two years ago, Motif might have become the toolkit (and desktop) of choice for Linux. But in that time the Linux world has learned to do very nicely without Motif, and has developed two high-quality alternatives. It is hard to imagine a newly-freed Motif attracting the same sort of incredibly vibrant and productive development team that characterizes both GNOME and KDE. Even in its heyday, Motif never generated all that much enthusiasm; why should it do so now when there are newer and better systems available?

So Open Motif looks to have a useful role in helping the porting of legacy software from proprietary Unix systems, but it may well not succeed much beyond that. It is, of course, a good thing to have more code available, and there may well be valuable lessons to learn from Open Motif. But its window of opportunity to take over the Linux desktop closed some time ago.

(See also: the LessTif project which intends to continue in its (successful, so far) effort to create a truly free Motif clone; ICS's announcement of Open Motif services; Imperial Software's announcement of its Open Motif distribution, and the new, relaunched MotifZone site).

Microsoft versus Slashdot. Most readers will have long since seen Microsoft's notice to Slashdot requiring the removal of some comments posted to the site that are alleged to violate Microsoft's copyrights. In the simple facts of the matter, Microsoft might even have a point. If we respect copyright law (which, after all, provides the force behind the GPL), we should respect it for everybody. Directly posting Microsoft's copyrighted material was probably not the best move.

Microsoft is also complaining about a couple of other things, including instructions on how to avoid the "click-wrap" license and links to the material on other sites. Its case seems rather weaker here. If we value the web at all, we certainly need to resist making linking a crime.

The real point of interest here, though, is that this affair highlights once again the form that the real counterattack against free software may take. Free software can not be bought out, it is tremendously difficult to compete against, and FUD tactics have proven mostly ineffective. It is a sad possibility that intellectual property law may work where other tactics have failed. Why compete against free software, if you can simply prevent its development and/or distribution in the first place?

The issue in question at the moment is Microsoft's extensions to the Kerberos protocol. With a few small tweaks, Microsoft has taken an open standard and turned it into a proprietary, non-interoperable mess. Now they seek to prevent the development of code which will restore interoperability to heterogeneous networks. It is hard to imagine a more transparent attempt to maintain a monopoly at the consumers' expense.

Like the DVD and CyberPatrol cases, this one threatens our right to program. For years free software was hampered by lack of acceptance, users, and developers. What a shame it will be if, now that those obstacles have been overcome, free software is blocked by intellectual property claims and lawyers. We can not afford to let things go that way.

(See also: this Technocrat article by Bruce Perens saying that the Kerberos problem could have been avoided had the Kerberos protocol been covered by a different license).

SGI pushes toward Linux. SGI has announced a new line of workstations which will, it hopes, begin to turn around the company's poor performance in recent years. The systems look more reasonable than SGI's last attempt: the pricing is reasonable, the graphics are good, and so on. These might actually be computers that somebody wants to buy.

SGI may claim that it still stands behind IRIX, but the press release tells another story. The name "IRIX" is mentioned three times; "Linux," instead, appears 25 times. (NT is mentioned eight times). These systems are being sold as Linux machines, not IRIX machines. Thus, SGI has jumped into the business of putting Linux on the desktop - a place where few have dared to go.

Happily, SGI evidently plans to go beyond its current single distribution offering by adding support for SuSE and TurboLinux as well.

On the development side, SGI has also announced the release of its C, C++, and Fortran compilers for the IA-64 architecture. According to the announcement: "These Linux compilers, which were recently demonstrated at Intel's Spring 2000 Developer Forum in Palm Springs, Calif., contain additional optimizations that take advantage of the power of the Itanium processor over those of other public compiler implementations." In other words, they appear to be positioning themselves as competition for gcc as the standard Linux compiler for the IA-64. The donation of technology is always welcome - especially for a tricky task like compiling for the IA-64 - but one hopes that SGI can find a way to fold its improvements into gcc.

In any case, the compilers join a very long list of SGI contributions to Linux. SGI has, in fact, become one of the larger corporate contributors to the system, donating code for compilers, graphics, the kernel, and more. SGI appears to be quite serious about Linux. With luck, all this work will help SGI find success in the Linux arena.

Inside this week's Linux Weekly News:

  • Security: A crop of CGI script vulnerabilities.
  • Kernel: Chasing the memory management problems
  • Distributions: The future, Red Escolar Linux, VectorLinux, TimeSys and more.
  • Development: Interbase on schedule for an open source release.
  • Commerce: Corel/Inprise deal cancelled, IBM's S/390 for Linux.
  • Back page: Linux links and letters to the editor
...plus the usual array of reports, updates, and announcements.

This Week's LWN was brought to you by:


May 18, 2000

   


Security


News and editorials

Vulnerable CGI scripts. A "theme" in security for the past week seems to have been reports of vulnerable CGI scripts. To demonstrate, below is a list of recent reports:

Why all these advisories? Every CGI programming course taught in recent years hammers hard on the difficulty in properly securing CGI scripts and certainly has warned of the dangers of using unaudited CGI scripts, whether written yourself or acquired off the Internet. This week's spate of advisories appears to have been started as a way to draw attention to the security groups putting out the advisories. However, once the example had been made, additional similar problems were quickly reported.

Lots of functionality has been added to common scripting languages, such as Perl, to make it possible to write secure CGI scripts. However, it takes time and effort to learn how to do it right. The list above says that people aren't taking that time; they are writing scripts in a sloppy manner and freely borrowing such scripts from other people without either auditing them or understanding how to fix the problems an audit turns up.

Now is the time to understand that such scripts not only are insecure, but that exploits for their vulnerabilities are available and are being circulated. Time to make a list of your CGI scripts now and audit them. Don't wait and expect bug fixes and updates from the authors of such scripts; they may not be forthcoming and you'll remain vulnerable in the meantime.
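A starting point for the inventory recommended above, as an added example (not from LWN or from any of the script authors): it lists every CGI script under a directory and flags Perl scripts whose `#!` line lacks Perl's `-T` taint switch, plus scripts that hand data to a shell. The sample directory, its file names and contents, and the grep heuristics are constructed for illustration.

```sh
#!/bin/sh
# Added example: triage inventory of CGI scripts. Heuristics only; every
# script listed still needs a manual audit.
#   TAINT-OFF  Perl script whose #! line does not enable taint mode (-T)
#   SHELL-OUT  script text contains system/exec, backticks or a piped open
#   REVIEW     nothing flagged by these heuristics

audit_cgi() {
    dir=$1
    # Candidates: *.cgi, *.pl, or any file the owner may execute.
    find "$dir" -type f \( -name '*.cgi' -o -name '*.pl' -o -perm -u+x \) |
    sort |
    while IFS= read -r f; do
        flags=
        shebang=$(head -n 1 "$f")
        case $shebang in
            '#!'*perl*' -'*T*) ;;                # taint mode is on
            '#!'*perl*) flags=TAINT-OFF ;;
        esac
        if grep -Eq '(system|exec)[ (]|`|open[^;]*[|]' "$f"; then
            flags=${flags:+$flags,}SHELL-OUT
        fi
        # Print the flags and the path relative to the audited directory.
        printf '%s %s\n' "${flags:-REVIEW}" "${f#"$dir"/}"
    done
}

# Constructed sample tree (hypothetical file names and contents).
make_sample_cgi_dir() {
    d=$(mktemp -d)
    printf '%s\n' '#!/usr/bin/perl -w' \
        'my $to = $ENV{QUERY_STRING};' \
        'system("mail -s hello $to");' > "$d/guestbook.cgi"
    printf '%s\n' '#!/usr/bin/perl -wT' \
        'print "Content-type: text/plain\n\n1\n";' > "$d/counter.pl"
    printf '%s\n' '#!/bin/sh' \
        'hits=`grep -c "$QUERY_STRING" /var/www/index.txt`' \
        'echo "Content-type: text/plain"; echo; echo "$hits"' > "$d/search"
    chmod 755 "$d/search"
    printf 'not a script\n' > "$d/README.txt"
    printf '%s\n' "$d"
}

# Demo run over the constructed tree.
sample=$(make_sample_cgi_dir)
audit_cgi "$sample"
rm -rf "$sample"
```

Taint mode only marks external input as untrusted; a script that passes the check can still untaint data carelessly, so the flags set the audit order rather than replace the audit.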

BugTraq Vulnerability Database Statistics. Which operating systems really have the most security problems? Have a look at the BugTraq statistics for a clue. They have made up some charts of how many security problems they have seen on each system over the years. "We leave the interpretation of these numbers to you."

We contacted Security Focus and asked a few questions about the statistics. First, because only Red Hat and Debian were directly listed, yet the sum of "Linux (aggregate)" was clearly higher than the sum of those two, we checked to make sure that Linux vulnerabilities were not being counted twice, just because they were reported on multiple distributions. They are only being counted once.

Second, we checked on how they determined that a particular vulnerability was a "Linux" vulnerability. A specific package is not considered to be "part of Linux" unless it is shipped with a specific Linux distribution. Of course, especially when Debian is included, that is a vast amount of free software, but a package won't be considered part of Linux just because it is possible to compile and run it on a Linux platform.

Last, because we'd love to know, we checked to see if statistics on how many of these vulnerabilities have been fixed were available. They are not, historically, but the ability to track this information has been recently added to the database, so such statistics will be possible to report in the future. Linux developers and distributors: make sure you are getting out fixes and updates for all the reported vulnerabilities. Otherwise, we are all bound to be embarrassed when full statistics on this topic become available.

Bruce Schneier's CRYPTO-GRAM (May 15). This month's edition of CRYPTO-GRAM editorializes on the need to view security as a process, not a product, with the accompanying analysis of "acceptable risk". It also reports on the Cybercrime Treaty, a proposed treaty of the Council of Europe that would "make it illegal to create, post, or download any piece of software that is 'designed or adapted' to break into computer systems", effectively tying the hands of systems administrators and researchers who are working to improve security.

Stoic Distro for the Paranoid (LinuxNews). LinuxNews takes a look at the recent announcement for Nexus, a new secure Linux distribution. "Unlike many currently available Linux distributions, Nexus isn't being promoted as a user-friendly proposition. 'Nexus does not try to appeal to the novice user, or even be usable by him. We sacrifice "ease of use" for power and security.'"

Security Reports

Bad ssh-1.2.27-8i rpms. John McNeely reported to BugTraq a problem with one set of ssh rpms as distributed from the Zedz Consultants web site for Red Hat 6.0 through 6.2. The ssh-1.2.27-8i rpms included a patch for PAM support that allows ssh to be used to log into any valid account. Note that the 1.2.27-7us and 1.2.27-7i rpms, also available, are not vulnerable. OpenSSH is also not impacted by this report. Removing the bad rpms and using unaffected rpms or OpenSSH is recommended. Check the Security Focus vulnerability database for more details.

kscd: KDE CD reader. kscd, the CD player provided with the KDE multimedia package, can be easily exploited to gain root privileges. If you have this package installed, the suid bit should be removed immediately. No official update for kscd has been posted, as of yet.

Netscape Warnings for invalid SSL certificates bypassed. The ACROS Security team posted an advisory detailing how a failure to issue a warning for an invalid SSL certificate, present in Netscape versions prior to 4.73, could be used to grab supposedly secured information from a third site, including potentially credit card information. Netscape has confirmed the problem, fixed it in Netscape 4.73 and made available a Personal Security Manager (PSM) to rectify the problem in older versions. Either an upgrade to 4.73 or the installation of the PSM is strongly recommended.

Netscape tmpfile vulnerability. Netscape versions 4.5 through 4.73 contain a tmpfile vulnerability that can be exploited to read alternate files on the system or possibly modify them. For more information, check the SecurityFocus vulnerability database.

Kerberos buffer overruns. Multiple overruns in the MIT and Cygnus Kerberos implementations have been found and some of them have been demonstrated to be exploitable, according to this BugTraq posting. The KTH implementations have been reported not vulnerable. MIT will release krb5-1.2 with fixes for these problems "shortly".

gnapster and knapster vulnerability. A vulnerability has been reported in gnapster and knapster which can be used to obtain any user-readable file, not just shareable MP3 files. This is the same vulnerability reported last week in FreeBSD's gnapster port in this advisory. Corrected versions of knapster and gnapster were promptly made available.

antisniff. A DNS buffer overflow in AntiSniff, a tool for detecting sniffers on a local network, can be exploited remotely to execute commands as root. L0pht, the original source of the program, has issued an advisory for the problem.

Commercial Vulnerabilities:

Vulnerabilities have been reported with the following hardware:

Updates

xsoldier. An exploitable buffer overflow has been reported in the xsoldier game.

Linux kernel. UDP and masquerading vulnerabilities have been reported in the Linux kernel 2.2.14 and prior. Note that the Red Hat update appears to also include a fix for knfsd which is not mentioned in the SuSE advisory.

  • Red Hat (2.2.14 plus patches) (old)
  • SuSE (2.2.14 plus patches)

Resources

Security Focus releases Pager 3.0 beta. Pager 3.0 beta is a new product from SecurityFocus that will let you get your BugTraq fix in real time via a direct link to the SecurityFocus.com database. "The pager employs client-side filtering, ensuring the details you provide it about your network setup remain confidential - nothing is transmitted to the Security Focus database server. The source code for the pager is also publicly available, allowing the community to review exactly what the pager does and does not do."

Nessus 1.0. The first complete, stable version of Nessus, a free, open-sourced (GPL-ed), and frequently updated security scanner, has been announced. "Nessus performs as many security checks as you could expect from a commercial security scanner (over 400) and is very up-to-date regarding this issue. It also has its own unique features, such as services recognition (so that a web server running on port 8080 will _also_ be tested), its own scripting language, and many more (see http://www.nessus.org/features.html)".

Events

May/June security events.

May 22-25, 2000. SANE 2000, Maastricht, The Netherlands.

June 12-14, 2000. NetSec 2000, San Francisco, California, USA.

June 25-30, 2000. 12th Annual First Conference, Chicago, Illinois, USA.

June 27-28, 2000. CSCoRE 2000, "Computer Security in a Collaborative Research Environment", Long Island, New York, USA.

Section Editor: Liz Coolbaugh


May 18, 2000


Secure Linux Projects
Bastille Linux
Immunix
Khaos Linux
Nexus
Secure Linux
Secure Linux (Flask)
Trustix

Security List Archives
Bugtraq Archive
Firewall Wizards Archive
ISN Archive

Distribution-specific links
Caldera Advisories
Conectiva Updates
Debian Alerts
LinuxPPC Security Updates
Mandrake Updates
Red Hat Errata
SuSE Announcements
Yellow Dog Errata

Security Software Archives
munitions
ZedZ.net (formerly replay.com)

Miscellaneous Resources
CERT
CIAC
Comp Sec News Daily
Crypto-GRAM
Linux Security Audit Project
LinuxSecurity.com
OpenSSH
OpenSEC
Security Focus
SecurityPortal

   


Kernel development


The current development kernel release is 2.3.99-pre8. The -pre7 release, which came out on May 12, contained the new configuration option controlling whether devfs is automatically mounted at boot time, the new devfs FAQ, a whole new PowerPC 8620 ethernet/serial driver contributed by MontaVista Software, a number of ethernet driver, USB, and PCMCIA updates, a new Specialix RIO driver, and a new "PPP over ethernet" driver.

2.3.99-pre8 came out just hours after -pre7, and contained a large S/390 architecture update, along with a major RAID update, an Integraphics Cyber2000 frame buffer driver update, and a few other tweaks.

There is a 2.3.99-pre9 pre-prepatch available, in its second revision as of this writing. Most of this patch is a large MIPS64 update; also included is a rewrite of the parallel port documentation, a new ST TDA7432 audio processor chip driver, a number of IDE driver tweaks, a devfs update, an NFS update, and the usual array of small tweaks.

Alan Cox posted a new 2.4 jobs list on May 18.

The current stable kernel release is still 2.2.15. The 2.2.16 process continues with 2.2.16pre3. There have been, recently, some complaints about the performance of 2.2.15, but nothing specific has been found yet.

Memory management problems continue with recent development kernel releases. There is currently a great deal of effort going into stabilizing things, but it is hampered somewhat by a lack of agreement over where the problems really are and how they should be fixed.

Part of the trouble has to do with the zoned memory allocator. On some architectures, there is more than one type of memory to worry about. With i386 systems, only some of the available memory may be suitable for old-style DMA I/O, and "high" memory (above 1GB) has restrictions of its own. So the kernel's memory allocator divides memory into zones, and requests for memory specify which zone they wish to allocate from.

A common symptom seems to be that the DMA zone runs out of memory. Once that happens, the I/O system can run into difficulties because it can't get memory when it needs it. The "kswapd" process, meanwhile, goes nuts trying to free up DMA memory but never seems to get on top of the situation. The performance of the system as a whole falls apart, and users get grumpy.

One fairly reliable way to demonstrate the problem seems to be to fire up any sort of application that streams through a lot of data. The inability to do things like play MP3 files is a common complaint. Streaming data plows through a lot of memory while simultaneously keeping the I/O system busy.

Linus thus far has taken the approach of trying to simplify the memory management system as much as possible. Thus many of the recent tweaks are coming back out, in the hopes of making the basic system work; at that point some of them can maybe go back in. This work, along with a couple of fixes to the page freeing and kswapd code, appears to have improved - though perhaps not completely fixed - things in the 2.3.99-pre9 prepatch series. Rik van Riel, Juan J. Quintela, and Ingo Molnar have been working on tweaking the current code, while Andrea Arcangeli continues with his much more complicated "classzone" patch. With that much high-caliber effort being concentrated on the problem, it will probably not be around for much longer, even if the shape of the final solution is not currently clear.

Directory cache changes. Alexander Viro has posted a list of changes which will go into the 2.3 directory cache shortly. The posting includes a warning to anybody who maintains a filesystem that is not part of the standard kernel tree: talk to him soon or watch your code break. Deep filesystem changes like this may seem a little strange during an alleged feature freeze, but Mr. Viro says "This change is _really_ needed." That may be true, but it also reinforces the point that 2.4 remains a distant goal.

Other patches and updates released this week include:

  • Jeff Garzik posted a new Via 686A sound driver. This version supports playback only; recording and MIDI will come later.

  • Alan Cox has dug up some old archives of the linux-kernel mailing list and made them available on his FTP site. Check it out "if you want to know what DaveM's first post looked like, read the very first Linux code freeze announcement or just wondered what a 5 mail a day kernel list was like."

  • Graham Stoney has released a new version of his "dead function optimization" patch. This patch fixes up kernel builds so that functions that can never be called with a given configuration will not be included in the kernel image.

  • Neil Brown has posted a long and thoughtful essay on the whole devfs issue and his suggested solutions to the problem.

  • Robert de Vries has posted a new version of his POSIX timers patch.

  • Version 1.1 of the x86 performance counters driver was released by Mikael Pettersson.

  • Karim Yaghmour released a new version of the Linux Trace Toolkit, which can be used for detailed monitoring of events within the kernel.

  • iptables 1.1.0 has been released; it only works on 2.3.99-pre8 or above.

Section Editor: Jonathan Corbet


May 18, 2000


Distributions


Please note that security updates from the various distributions are covered in the security section.

News and Editorials

W. R. Hambrecht predicts the future of Linux distributions. The Red Herring has run a position paper by a W. R. Hambrecht analyst on open source companies. In it, they make a firm prediction for what they see as the future of Linux distributions. "Approximately 140 distribution companies exist across the globe. We believe all but the top five will be bought, will go out of business, or will be relegated to insignificance. Market-share leaders are currently defined around geographic boundaries. Red Hat has the largest global brand recognition and leading North American market share, SuSE leads in Europe, TurboLinux leads in Asia, and Conectiva leads in South America."

"Relegated to insignificance" is an interesting turn of phrase. It is a fluffy term, one easily redefined in order to prove that you are correct. If the question is, will there be around five Linux distributions that, each of them, hold a market share that is multiple times the size of other distributions, then the accuracy of their prediction can be gauged. Given the size of the world, though, that could still leave many distributions, each individually with millions of users. Particularly within individual countries, new Linux companies are just starting to develop and may become local favorites. Within those countries, those local distributions won't be seen as "insignificant". Within a specialized niche, say medicine or education, an "insignificant" distribution may still be the best and most popular choice ...

Red Escolar Linux 1.0-10. The initial release of Red Escolar Linux has been announced. Red Escolar Linux is the Linux distribution being developed and supported by the Red Escolar Project, which will be deploying the distribution throughout schools in Mexico.

TimeSys Linux/RT 1.0 released. TimeSys Corporation has announced the release of TimeSys Linux/RT 1.0, its real-time Linux distribution.

VectorLinux. VectorLinux is a small Linux distribution (150MB) intended to be a good base for creating your own home-brewed distribution. Version 0.5 has just been announced. The most unique feature of VectorLinux is that it uses midnight commander to allow the installation of packages from any other distribution, including Red Hat, Debian, Slackware, Stampede, et al.

PKlinux(mini). PKlinux(mini) is a just-announced new Linux distribution based on the Linux 2.3.99 kernel. It loads Linux into RAM, so it can be used to try Linux for the first time without requiring disk repartitioning or space. It is distributed as a ZIP file and is derived from Red Hat 6.1. (From Freshmeat).

Bastille Linux

Bastille Linux 1.1.0.pre1. Bastille Linux 1.1.0.pre1 has been released. Bastille is a security-hardening script for Red Hat-based systems. "Version 1.1.0 runs on non-virgin systems, can run multiple times, is undoable, and includes a log-only mode."

Best Linux

Best Linux 2000 R2. Best Linux 2000 R2 has been released. It includes XFree86 4.0 and a number of other goodies, including Russian language support.

Debian GNU/Linux

Archive and Incoming have moved. Debian developers should note that Archive and Incoming have moved to their new home on ftp-master.debian.org and your uploads should be redirected appropriately.

Program now available for the first Debian Conference. The program for the first Debian Conference is now available. The conference will be held in Bordeaux, France, from the 5th to the 9th of July 2000, in conjunction with the Libre Software Meeting.

Review: Learning DEBIAN GNU/LINUX. AboutLinux has published a review of O'Reilly's Learning DEBIAN GNU/LINUX. "I really liked this book. Even though the book is supposed to be for Debian Linux, users of other distributions might want to pick up a copy as well. I wish I could be as positive about Debian 2.1. I am afraid that Debian 2.1 is now quite obsolete; and in my opinion it would be a poor starting point for someone new to Linux."

Interview: Martin 'Joey' Schulze (LinuxTag). Here is an interview (in German) with Debian developer Martin Schulze which appears on the LinuxTag site. English text is available via Babelfish.

DragonLinux

DragonLinux v0.8. A new version of DragonLinux, version 0.8, is now available for download. DragonLinux is a UMSDOS based installation of Linux with roots in the Slackware distribution. Its target audience is brand-new Linux users.

HURD

Kernel Cousin Debian Hurd. This week's Kernel Cousin Debian Hurd gives the latest on the HURD development.

KRUD

The May release of KRUD, the value-added version of Red Hat by Tummy.com, has been announced. This release is based on Red Hat 6.2, and includes a number of updates and additional goodies, crypto utilities, and more.

Linux-Mandrake

Review: Mandrake 7.1 beta 2 (GNULinux.com). GNULinux.com has issued a review of Mandrake 7.1 beta 2. Along with reporting the usual set of glitches that might be expected with a beta, they mentioned the part that they liked the best. "Since we are so fond of the product, we wanted to conclude on a positive note: In their descriptions, Mandrake refer to GNU/Linux instead of just Linux ..."

LuteLinux

LuteLinux 'Lite' released. LuteLinux has announced the release of its "LuteLinux Lite" distribution. The full version will be released "later this year," and will include an (unspecified) office suite.

Red Hat Linux

Alpha Release of Red Hat for the IA-64. Red Hat announced today the release of a developer's version of Red Hat for the Intel Itanium Processor, targeting high-end workstations and servers. It is available for download at ftp://ftp.redhat.com/pub/redhat/ia64. The full release of this distribution will be made at the same time the Itanium Processor finally ships.

Slackware Linux

Netscape Communicator 4.73 is now available in slackware-current. There are also indications in the Changelog that a beta release for 7.1.0 will be coming up soon.

SuSE Linux

SuSE announces SuSE Linux for the S/390. SuSE has announced support for the IBM S/390, with a beta version of their distribution for that platform due in late June. For more on Linux support for the S/390, check this week's Commerce Page.

FTP version of SuSE 6.4 available. SuSE made available the FTP version of SuSE 6.4 at 12:00 GMT on Tuesday, May 16th. A number of mirror sites (listed in the announcement) apparently had 6.4 up even sooner.

Maclinux (MacDiscussion). MacDiscussion has an interview with Lenz Grimmer and Olaf Hering at SuSE about the new PPC version of SuSE Linux. "What is compatibility like for the vast catalog of applications? will things run 'out of the box' on SuSE PPC, or will PPC users be plagued with the same problems as most of the Red Hat derivatives, with much x86 specific code causing compatibility problems?

Lenz: Well, we try hard to work around these problems. Ideally, you won't notice any difference in ease of use and functionality."

TurboLinux

TurboLinux for the S/390. Joining SuSE, TurboLinux also announced support for the IBM S/390 platform this week. This is currently just an agreement; the release of TurboLinux for the S/390 is scheduled for "later this year". For more on Linux support for the S/390, check this week's Commerce Page.

Section Editor: Liz Coolbaugh


May 18, 2000

Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.


Leading
Caldera OpenLinux
Debian GNU/Linux
Linux-Mandrake
Red Hat
Slackware
SuSE
TurboLinux

Also well-known
ASPLinux
Best Linux
Conectiva Linux
e-smith

Progeny
Rock Linux

Non-technical desktop
easyLinux
Icepack Linux
Independence
LibraNet
Redmond Linux
WinSlack

Education
Boston University
kmLinux
LinuxFromScratch
OpenClassroom
Red Escolar

General Purpose
Alzza Linux
aXon Linux
Bad Penguin Linux
BearOps
Black Cat Linux
BluePoint Linux
BYO Linux
CAEN Linux
Cafe Linux
ChainSaw Linux
Circle MUDLinux
cLIeNUX
Complete Linux
Console Linux
Corel Linux
CRUX
Darkstar Linux
DLite
easyLinux
Elfstone Linux
ESware Linux
Eurielec Linux
eXecutive Linux
Fried Chicken
FTOSX
FullPliant
Gentoo
Go!Linux
HA Linux
Halloween Linux
HispaFuentes
IceLinux
Ivrix
ix86 Linux
J-LINUX
JBLinux
Jurix
KRUD
KSI-Linux
Lanthan Linux
Laonux
LASER5
Leetnux
Linpus Linux
Linux Cyrillic Edition
Linux MLD
LinuxOne OS
LinuxPPP
Linux Pro Plus
Linux-SIS
LNX System
LoopLinux
LSD
Lute Linux
MageNet
Mastodon
MaxOS
minilinux
MSC.Linux

NoMad Linux
Omoikane GNU/Linux
PingOO Linux
Plamo Linux
PLD
Project Ballantain
PROSA
Rabid Squirrel
Repairlix
Root Linux
Scrudgeware
Serial Terminal
Sorcerer
spyLinux
Stampede
Stataboware
TechLinux
TimeSys Linux/RT
Tom Linux
Trinux
Turkuaz
Ute-Linux
VA-enhanced Red Hat
Vine Linux
Virtual Linux
WholeLinux
WinLinux 2000
XTeamLinux
ZipSpeak

Country-specific
Argentina
GNU/Linux Ututo
Britain
Definite Linux
Eridani
China
COSIX
Red Flag
France
Linux/MNIS
Italy
LinuxEspresso
Madeinlinux
Vedova
Spain
Linux Esware
Thailand
Kaiwal Linux
Thai Linux Extension

Related Projects
Chinese Linux Extension

Historical (Non-active)
Dualix
Gentus
Giotto
MCC Interim Linux
OS2000
Storm Linux


   


See also: last week's Development page.

Development projects


Red Escolar Returns. This week brought renewed information from the Red Escolar Project - the project which is working to place Linux-based networks in over 100,000 Mexican schools. They've been hard at work and are now in a better place to share information on their status. This week, they issued an invitation (in both Spanish and English) for people to visit their updated web site. They are looking for volunteers to help translate their documentation into English, test software and provide opinions. Check the Distributions Page to find their initial announcement of Red Escolar Linux on Freshmeat.

Browsers

NewZilla. A new site called NewZilla is presenting itself as "the unofficial Mozilla/Netscape 6 FAQ." It's just getting going, but there's already some good information to be found there.

Databases

InterBase Open Source release imminent (Technocrat.net). InterBase is now "The Open Source Database", according to their web site. To back this up, Michael Bernstein posted a note to Technocrat.net stating that Interbase has announced a tentative schedule for releasing Interbase 6.X under the IPL open source license. "They expect InterBase 6.0 and the source to be officially released in the June or July time frame."

A (binary) beta release of Interbase 6.0 for Linux is currently available for download. There are some useful comments posted in response to Michael's note, both supporting the IPL as a good quality open source license and comparing the strengths of Interbase and PostgreSQL. (Thanks to J.H.M. Dassen).

Interoperability

The BIRD Internet Routing Daemon. Martin Mares, best known for his work on the PCI subsystem in the kernel, has announced the release of BIRD - the "BIRD Internet Routing Daemon." BIRD is an attempt to implement all of the current routing protocols while remaining easy to configure; it is licensed under the GPL.

Wine 1.0 coming? The latest Wine Weekly News covers the discussion among the developers on whether it's time to create a Wine 1.0 release. Such a release certainly has been a long time in coming - the Wine folks did not set an easy task for themselves. The code is getting to a point where a 1.0 release is possible, and probably even a good idea - the project leaders think Wine could benefit from some time spent emphasizing stability rather than new features. There seems to be agreement on working toward 1.0, but no time frame for a freeze appears to have been set.

Office Applications

Gimp 1.1.22. Gimp 1.1.22 has been released. Although mostly containing bug fixes, people are encouraged to give it a test drive and report back.

On the Desktop

KDE 1.90 released. KDE 1.90, code named "Konfucious", is a new beta version of the upcoming KDE 2.0 desktop. "For the developer, KDE 1.90 provides a stable API which will enable developers to commence serious development of their application so they may time the release of their software to coincide with the release of KDE 2.0, scheduled for September 2000."

Enhancements to KOffice and the release of Konqueror, a new file manager/web browser, are the key features expected to interest desktop users, though the non-adventurous should probably wait for the official 2.0 release. (From Appwatch).

GNOME 1.1.90 final beta released. "Octothorp GNOME," otherwise known as GNOME 1.1.90, otherwise known as the "hopefully final beta release before GNOME 1.2" has been released.

GNOME at the 2nd Braunschweiger LinuxDays. Martin Baulig posted this report from the GNOME booth at the 2nd Braunschweiger LinuxDays in Germany. It sounds like a good time was had by all.

Help browser needs help. Miguel de Icaza has posted this message describing the state of the Nautilus-based help browser for GNOME. It seems that this package got off to a nice start, but is not currently maintained by anybody. So Miguel is looking for a volunteer to step in and fix it up. Drop him a note if you can help out.

Science

FreeGIS news. Bernhard Reiter has sent in a report from the FreeGIS project, noting the availability of a new mailing list, a new version of GRASS and more.

OpenDX. OpenDX, formerly known as IBM Data Explorer, is an open-source "industrial-strength scientific/data visualization package". IBM made the source code for this tool available almost a full year ago, under the IBM Public License, a license that has been reviewed and generally approved as an open-source license. New resources for OpenDX added in the past month include a new ChangeLog and new binaries for the latest version (4.1.0), including binaries for Red Hat, SuSE and LinuxPPC. (From Python-URL).

Web site Development

April Netcraft survey. The April Netcraft survey is out. Apache continues to rise; it now runs 61.5% of all web sites. (Thanks to Fabian Wauthier).

Midgard weekly summary. Here is this week's Midgard Weekly Summary, by Ron Parker. The bulk of this issue has to do with licensing issues for Midgard documentation.

Zope 2.2.0 alpha 1 released. Zope 2.2.0 alpha 1 has been released. It contains some security updates, a new help system, the new Zope tutorial, and more.

Zope Weekly News. After a bit of an absence, the Zope Weekly News is back. Check it out for the latest in Zope-related happenings.

Section Editor: Liz Coolbaugh


May 18, 2000


Project Links
Gnome
High Availability
ht://Dig
KDE
MagicPoint
Midgard
Mozilla
YAMS
Wine
Worldforge
Zope

More Information
AppWatch
Freshmeat
LinuxDev

   

 

Development tools


The aegis project is looking for developers. Aegis is a long-standing project developing a configuration management system with an impressive set of features. Among other things, it includes regression testing built into the system, distributed repositories and more. Those who think they may want to participate in this project should check out this call for developers.

Perl

Culture clash. Here's a story on the Perl.com site by a Perl trainer who ended up teaching a class full of long-time Cobol programmers. "I didn't have to explain filehandles; they already knew about filehandles. But they used jargon to talk about them that wasn't the jargon I was familiar with. 'Oh, you're establishing addressability on the file,' someone said. They seemed pleased at how easy it was in Perl to establish addressability on a file."

The end of Perl development? According to this article Larry Wall has proclaimed that 5.6 will be the last version of Perl. The reason? There's no more weird keyboard characters available... Of course, the article is in Segfault...

Python

Python faqts. The Python faqts site seeks to develop an extensive knowledge base of Python tips and tricks. Here is a listing of the recent additions to the site, as an example of the sort of information that can be found there.

Python-URL (May 15). This week's Python-URL links to discussion about the effbot, performance measurement (for Zope), lightweight database objects and more.

Python to change name? According to this article, Guido plans to change the name of the Python language to "Homer." Of course, this one is from Segfault too...

Tcl/tk

Here is this week's Dr. Dobb's Tcl-URL with the latest from the Tcl/Tk world.

Section Editor: Liz Coolbaugh

 
Language Links
Guile
Haskell
Blackdown.org
IBM Java Zone
Perl News
PHP
Daily Python-URL
Python.org
JPython
Smalltalk
   


See also: last week's Commerce page.

Linux and business


Mark your calendars. As most LWN readers will already know, when a company goes public the "insider" shareholders are prevented from selling their shares for a defined period of time. This lockup serves to keep the stock price higher while its market stabilizes. When it ends, however, the stock price can suffer as all of the insiders, who have been waiting patiently all this time, cash in some of their holdings.

Of particular interest to Linux investors is the fact that Andover.Net and VA Linux Systems both emerge from their lockup periods in early June. Andover comes out first, on June 5; a total of just under 8 million shares, or 50% of the company, will become tradable on that day. VA comes out the next day (June 6) when 35 million shares - a full 85% of the company - will be unlocked.

The end of the lockup does not necessarily spell disaster for the stock price, however. Cobalt Networks came out of lockup on May 2 with no long-term impact. And 30% of Red Hat's shares (part of a longer lockup due to its secondary offering) were turned loose on May 3; in this case the stock's price did fall somewhat, but it is hard to attribute a cause to the drop.

(Information courtesy of IPOLockup.com).

Corel/Inprise merger cancelled. From the beginning this deal seemed a bit lopsided. Inprise is the larger company and yet Corel was to do the acquiring. Inprise would get Corel stock and Corel would gain access to Inprise application software, which it could then port to Linux. It could have been very good for Linux, but some would argue that it was never a good deal for Inprise and its shareholders. The recent drop in Corel's stock made the deal even worse for Inprise, and so now the deal has been cancelled. This paragraph from Corel's press release sums it up pretty well. "Because of significant changes since the merger was agreed to more than three months ago, Corel has concluded that it is in its best interest to terminate the agreement at this time. Corel and Inprise/Borland are parting on amicable terms and will continue to pursue opportunities for ongoing partnerships."

Inprise has already ported some of its applications to Linux. The deal with Corel might have made the process go faster. Certainly with the deal in place we would have seen Inprise applications bundled with Corel Linux OS. Since opportunities do exist for ongoing relations between Corel and Inprise we may yet see more Inprise applications ported to the Linux desktop and some will no doubt be bundled with Corel Linux. The cancellation of this deal has hurt Corel, as has the recent devaluation of its stock price, but don't count them out yet. The Debian-based Corel Linux OS is still very popular, as is its WordPerfect Office product (for Linux and other OSs). The expected Linux versions of Corel's CorelDRAW and PHOTO-PAINT are still on schedule. Corel may be down, but it is far from out.

For Inprise, the cancellation will have even less impact. They will no doubt continue porting at least some of their applications to Linux, though without Corel's expertise it may take them a bit longer. Here is Inprise's brief announcement on the cancellation.

[Editor's note: Actually Corel is larger than Inprise. The reverse was incorrectly assumed from 1st quarter 2000 performance.]

IBM announces Linux on the S/390. IBM has finally announced that Linux is available for its S/390 mainframe system. IBM will also be offering services and software (such as DB2 Connect) for the S/390 platform. (There is also a photo that goes with the press release).

TurboLinux lost no time in announcing an S/390 distribution, which will be available "later this year."

Here is SuSE's press release announcing its S/390 offering. They will have a beta version available in late June, with the real product becoming available in the third quarter of the year.

BMC Software Inc. has announced a systems management solution on Linux for S/390.

Finally, here's a Reuters article about the announcement. "'Putting mainframes and Linux guys together, well, it's almost difficult not to laugh,' said David Floyer, analyst with ITcentrix. 'You couldn't get people farther apart in culture. Linux is the ultimate open system, and the mainframe is the ultimate proprietary platform.'"

AFUL statement on ILOVEYOU virus and Linux. The Association Francophone des Utilisateurs de Linux et des Logiciels Libres (AFUL) has issued a strongly-worded statement (in French) on how Linux systems were not affected by the ILOVEYOU virus. It castigates Microsoft for continuing to ship vulnerable software, and talks of possible liability for the damages. There is a strong recommendation for businesses and governments that they should switch to free software to avoid these problems in the future. AFUL also warns against using proprietary software on Linux, and singles out StarOffice explicitly as being possibly vulnerable.

English text is available via babelfish.

Indrema Announces OpenStream Collaboration for Linux Video Project. Indrema Corporation announced the Open Source OpenStream project, a collaboration of several development groups working to create a new "royalty-free gold standard for professional video on Linux".

FreeDesk licenses VistaSource Anyware Office. VistaSource (Applix's Linux-based spinoff) has announced that FreeDesk has licensed its "Anyware Office" product. This product is essentially a version of ApplixWare which can be served over the web.

LinuxBazaar.com launches. The Linux Journal has announced the launch of the LinuxBazaar.com site. It is, of course, a place to buy Linux-related hardware and software, and thus looks like a competitor to Red Hat's Marketplace.

Press Releases:

    Commercial Products for Linux

  • Ariel Corp. (PARIS) announced the availability of RedHat 6.0 Linux for Ariel's family of PCI-based ISDN adapter cards. Ariel also announced that it will make the source code for its Linux remote access drivers available through the Open Source Initiative.

  • Avant! Corporation (FREMONT, Calif) announced that they will provide a version of Hercules-II for 64-bit Linux OS optimized for Intel's IA-64 architecture.

  • Hypercosm, Inc. announced the release of Hypercosm Studio 1.3 for Linux, 3D development tools, now available for free download.

  • NetLedger, Inc. (SAN MATEO, Calif.) announced that it has developed SMBXML, an XML standard specifically for the small to medium business community.

  • Macadamian Technologies Inc. (OTTAWA, ON) announced immediate availability of the Syndeo Collaboration Suite, server-side software that helps eBusinesses create web applications.

  • MSC Software has announced a line of Linux "cluster appliances," based on HP systems. The initial market seems to be scientific applications.

  • Oracle Corp. (REDWOOD SHORES, Calif.) announced the availability of Linux versions of its Internet application development tools Oracle Business Components for Java and Oracle Forms Developer6i.

  • Stalker Software, Inc. (MILL VALLEY, CA) announced the Linux StrongARM version of CommuniGate Pro, a portable messaging system.

    Products Using Linux

  • Indrema Corporation (LOS ANGELES) will use an NVIDIA graphics processing unit (GPU) in the Indrema L600 Entertainment System.

  • Netcom Systems received the Best of Show award at NetWorld+Interop trade show for its new TeraMetrics system.

  • VA Linux Systems, Inc. (SUNNYVALE, Calif.) announced that it has started shipping the VA Linux 2130 server, an entry-level 2U (3.5") rackmount server ideal for ISPs and lower-end server applications.

    Products with Linux Versions

  • AOpen America, Inc. (SAN JOSE, CALIFORNIA) announced the PA256 Pro and PA256DDR64, its advanced graphics processor (AGP) card family, with OpenBIOS technology.

  • Logitech (LOS ANGELES) will be shipping the WingMan Formula GP and Formula Force GP Racing Wheels in July.

  • ParaSoft (MONROVIA, Calif.) will showcase WebKing 2.0, the most recent upgrade of their Web development tool, at WebLA in Pasadena.

  • Selectica, Inc. (SAN JOSE, Calif.) announced a major enhancement to its ACE 4.5 Internet Selling System, a browser-based system.

  • SERENA Software, Inc. (BURLINGAME, Calif.) announced the general availability of eRequestMan 2.1.0, a key component of SERENA's eFull.Cycle framework for providing an automated end-to-end solution for managing changes throughout the eBusiness application life cycle.

  • SOCHRYS.COM INC. (GENEVA) announced the successful results of an independent Portability Test of its Client Desktop, which is the end-user interface application of the SOCHRYS Universal Computer.

  • WebTrends Corporation (PORTLAND, Ore.) announced the immediate availability of WebTrends Enterprise Reporting Server 3.0.

    Java Products

  • Fluence Technology Inc. (BEAVERTON, Ore.) announced the HABIST Toolkit, a new design toolkit for verification and testing of analog-to-digital (A/D) converters.

  • Multex.com, Inc. (NEW YORK) unveiled BuzzPower 4.0, an Enterprise Java based e-community software platform.

  • Tower Technology Corporation (AUSTIN, Texas) is now offering TowerJ release 3.5, an upgrade that supports Java 2.

  • Unify Corporation (SAN JOSE, Calif.) announced the immediate availability of Unify eWave ServletExec 3.0, a Java Servlet and JavaServer Pages (JSP) engine.

  • XMLSolutions Corporation (MCLEAN, Va.) announced XEDI Translator for RosettaNet, an out-of-the-box solution enabling enterprise-to-enterprise information integration.

    Training

  • The Coriolis Group, LLC (SCOTTSDALE, Ariz.) announced the launch of ExamCram.com, a website for test preparation and training on a number of subjects, including Linux.

  • GRIFFIN SOFTWARE Ltd. and SuSE Linux have partnered to provide comprehensive LINUX Technical Training and Certification in Ireland.

  • Pervasive Software Inc. (AUSTIN, Texas) launched The University of Pervasive, a free, on-line academy delivering courses taught by industry experts. A couple of Linux-related courses are listed.

  • According to this announcement from Red Hat, IBM will be delivering Red Hat Certified Engineer training at IBM's training centers "around the world." The first courses will be available soon, and will include the RHCE exam.

    Partnerships

  • Dot Hill Systems Corp. (CARLSBAD, Calif.) announced that Northern Lights Computer Inc., a provider of turn-key Linux solutions in Japan, has chosen to resell Dot Hill's SANnet systems to its customers.

  • Hewlett-Packard Company (PALO ALTO, Calif.) announced the expansion of its Designing the Future (DTF) partner program to allow independent software vendors to tailor their applications for IA-64.

  • HostPro, Inc. and Cobalt Networks, Inc. (NAMPA, Idaho/MOUNTAIN VIEW, Calif.) announced an alliance to expand HostPro's Web hosting programs by offering dedicated server solutions on Cobalt RaQ 3 server appliances.

  • LinuxWizardry Systems, Inc. (VANCOUVER, British Columbia) announced that an agreement has been completed with Programmer's Paradise to sell its LinuxWizardry Apprentice router through its catalogs and through its web site.

  • Netgem SA (CANNES, France) is a developer of Internet TV technology operating on a Linux-based open software platform and a thin-client access device. Here are several press releases announcing agreements with other companies in France and Italy, designed to make this technology more accessible.
    • Profilo Telra Consumer Electronics, Inc. will integrate the technology with its television sets.
    • Freedomland-ITN, an Italian Internet on TV Service, has ordered an additional 230,000 netboxes.
    • Ernst & Young are helping to create "TV Friendly" guidelines for web sites.
    • Matra Grolier Network has a common offer built around the netbox and Matra Grolier Network's range of e-Solution Services.
    • D Interactive has agreed to share its expertise in the fields of Web-based Customer Relations Management and Internet via TV.
    • 9Telecom announced the signature of a protocol establishing a partnership between the two companies for Netgem's "netbox" solutions distributed in France.
    • ConSors France, an online brokerage firm, and Netgem have agreed to partner together to create a TV portal providing financial services for consumers.
    • Internet Ireland partners to provide free Internet access via television to two elementary schools using Netgem's netbox. The Irish and French students will be linked via Internet on TV for a real-time project in international studies.

  • Rackspace.com (SAN ANTONIO) announced that it has partnered with two Internet e-commerce companies to give Rackspace.com customers a broad variety of turnkey solutions to fit their e-commerce needs. Akopia will provide its Tallyman solution, and Mercantec SoftCart was selected to provide solutions that encompass the shopping cart front-end, transaction processing mid-layer, merchant accounts and a storefront management system.

  • TurboLinux Japan, Inc. and VMware Inc. (PALO ALTO, Calif., and TOKYO) announced a business partnership to bundle TurboLinux Workstation Japanese Version 6.0 with VMware Express for Linux.

    Investments and Acquisitions

  • Base88 Inc. (HONG KONG, CHINA) is to receive $3 billion (Hong Kong currency) for the development of the Internet, telecommunications, wireless and Linux systems, as part of a MOU agreement with Beijing's Peking University, to establish the capital's first technology incubation center.

  • TeamLinux Corporation (AUSTIN, Texas) announced that it has completed its first round of private financing, raising over $4 million.

  • TimeSys Corp. (PITTSBURGH) announced that it has received strategic investments from leading wireless and telecommunication groups. TimeSys products include TimeSys Linux/RT, Real-Time Java and SuiteTime family of tools developed for real-time embedded systems.

    Financial Results

  • EBIZ Enterprises Inc. (SCOTTSDALE, Ariz) announced that sales for its third quarter of fiscal 2000 ended March 31, 2000 were $2,223,655 compared to $4,062,451 for the quarter ended March 31, 1999.

    Linux At Work

  • AIG Direct (Philadelphia, PA) has signed a contract with LinuxForce to provide interim service and support for their E-commerce site.

  • The Department of Veterans Affairs, Acquisition Operations and Analysis Service (FAIRFAX, Va.) awarded a contract to PEC Solutions, to build and deploy information gateways. These gateways will be built on a Red Hat Linux platform.

  • NetNumina Solutions (BOSTON) announced it has built a "graduation destination" site for Boston-based start-up eGrad2000, using JavaScript, DreamWeaver, MySQL and Linux.

  • ObjectSpace (DALLAS) announced that it has provided Earthcars.com, a nationwide automotive Web systems provider, with B2B infrastructure products and consulting services. ObjectSpace's solution includes the Oracle database backed by the Linux OS in conjunction with Enterprise Java Beans for the core business logic.

  • Pervasive Software Inc. (AUSTIN, Texas) announced that Buylink, an on-line business-to-business marketplace for wholesalers and retailers of specialty consumer products, has chosen Pervasive's Tango 2000 Web application development environment on Linux to develop its site.

    Personnel

  • eOn Communications Corporation (MEMPHIS, Tenn) announced the resignation of J. Michael O'Dell as president and chief executive officer and as a member of the board of directors. O'Dell cited personal reasons for his decision. David S. Lee, eOn's founder and chairman of its board of directors, will serve as interim CEO.

  • Linux NetworX Inc. (SANDY, UTAH) named Richard Schuh chief operations officer.

  • OpenSales, Inc. (SAN MATEO, Calif.) announced that it has used its recently acquired Series A funding to successfully attract Fortune 500 executives to the company's management team.

    Other

  • Dell (ROUND ROCK, Texas) said that since the introduction of DellHost in February, more than 2,000 small- and medium-sized businesses have chosen DellHost to reach their customers via the Web. Forty percent of DellHost customers are new to Dell, and 50 percent have chosen to host their sites with the Linux operating system.

  • Linuxcare, Inc. (SINGAPORE) announced the opening of its Singapore office, the appointment of Angus McDougall as its managing director for Asia Pacific, and a partnership with eLinux to be the primary provider in Singapore of Linuxcare University training courses.

  • Loran Technologies (OTTAWA, ONTARIO) announced its Linux-based Kinnetics management appliance won the Best of Show Award for Network Management at NetWorld+Interop.

  • Red Hat, Inc. (RESEARCH TRIANGLE PARK, N.C.) announced it received the Computer Reseller News Test Center Editors' Choice award for Red Hat Linux 6.2 Professional Edition.

  • Schwartz Communications, Inc. (WALTHAM, Mass.) won an award for its campaign on behalf of Red Hat, Inc. called "Making Linux Mainstream: Going from the Weird to the Wonderful."

  • Software Publishing Corporation (SPC) (TEANECK, N.J.) unveiled Harvard Graphics Pro Presentations, a product suite for chart-intensive presentations. SPC is currently doing a feasibility study on the technical requirements, market opportunities and cost of development involved in creating a version of Harvard Graphics for the Linux operating system.

  • Survey.com (SAN JOSE, Calif.) completed a survey revealing that just under two-thirds of respondents (64.2%) identify Red Hat Linux as the primary open-source UNIX distribution used by their organization.

Section Editor: Rebecca Sobol.


May 18, 2000

   


See also: last week's Linux in the news page.

Linux in the news


Recommended Reading

Upside looks at the Digital Millennium Copyright Act from a critical point of view. "So, for example, while the 'anti-device' provision makes the distribution of the DeCSS utility illegal, the 'anti-circumvention' provision would make the very act of cracking the DVD encryption illegal. Of course, that's assuming you agree with the MPAA when it claims that the CSS encryption is an 'effective' technological copyright protection."

Bill Joy, Bob Fabry, Ken Thompson, Eric Allman, Kirk McKusick, John Gage and others involved in and responsible for Berkeley Unix, the legacy that has become FreeBSD, OpenBSD and more, are the topic of this Salon article, which is the next installment in Andrew Leonard's "Free Software Project" book. It is long, but full of fun, historical facts. "Unfortunately for AT&T, the version of Unix that the company was then pushing, System 5, turned out to incorporate large chunks of code originally written by BSD hackers -- including the TCP/IP stack. Berkeley released all its code under an extraordinarily liberal license -- basically, users could do anything they wanted with BSD code as long as they retained the University of California copyright. But AT&T had stripped the UC copyrights and begun marketing the software as its own. Hackers like McKusick were peeved."

O'Reilly editor Andy Oram has written a pair of articles on Gnutella and Freenet. This one on the O'Reilly Network concentrates on the technology behind the two systems. "Freenet seems more scalable than Gnutella. One would imagine that it could be impaired by flooding with irrelevant material (writing a script that dumped the contents of your 8-gig disk into it once every hour, for instance) but that kind of attack actually has little impact. So long as nobody asks for material, it doesn't go anywhere."

A companion article on Web Review, instead, looks at the social and policy issues. "If you check my biography, you will see that I make my living selling content. I do not extend knee-jerk sympathy to systems publicized as ways to circumvent copyright enforcement. But investigating Gnutella, Freenet, and Napster, I have been pleasantly surprised to find that they're intriguing innovations in the best tradition of the Internet heroes."

Salon's Andrew Leonard reports on the Microsoft/Slashdot confrontation. "In contrast to other disputes involving copyrighted information -- such as the Napster controversy -- this particular tangle cannot easily be painted as one in which hackers are ripping off corporations or depriving artists of revenue. Instead, Microsoft is attempting to co-opt a popular public technology and, after having been confronted about that, is attempting to control the transmission of information revealing its actions."

Corel

CBC considers Corel's future after the failure of its merger with Inprise. "During and after a morning conference call with Corel officials, rumours swirled about the company's possible financing schemes and whether they would send Corel into a 'death spiral.'"

Upside looks at the demise of the Corel/Inprise merger. "To make matters worse, said Tera Capital's Stewart, Corel's options for raising short-term cash have grown exceedingly slim. Although the company has made an aggressive push into the Linux distribution business, Linux sales have actually fallen for the last two quarters as the company faces competitive pressure from established players such as Red Hat (RHAT) and Caldera (CALD)."

LinuxStockNews has a Rant and Rave column about Corel, followed by an interview with Dr. Cowpland. Dr. Cowpland was interviewed before the Corel/Inprise deal was cancelled. "Dr. MC - We are continuing to port our flagship products to Linux - including CorelDRAW and PHOTO-PAINT. The CorelDRAW Graphics Suite will be ready to ship in July ..."

*BSD

Here's an article in Upside about OpenBSD and its mission to produce the most secure system possible. "Like craft brewers, [OpenBSD leader Theo] de Raadt and the OpenBSD development team prefer to let the software age a little, offering only two updates per year. As for graphic user interfaces and other user-friendly bells and whistles, de Raadt sees such decorative trimming as the cracker's best friend."

From Salon comes this history of 386BSD, the earliest of Intel-based BSD systems. "The Jolitzes had a very different style. Like Torvalds, they placed a premium on quality control, but unlike him, they seem to have tried to control quality by doing most of the work themselves. This inevitably made their release cycle slow, but it was also an implied snub to would-be collaborators -- who took their contributions elsewhere."

/.

Here's an article in Upside about Slashdot's recent difficulties. "Nevertheless, the content deemed objectionable by Microsoft does walk the fine line between free speech and copyright violation, say some legal observers."

Wired News covers recent events at Slashdot. "The response from Slashdot regulars was fast and furious. In the first hour, hundreds of readers weighed in, many condemning Microsoft's action as another example of the company's desire to crush free-wheeling discussion in general, and the Linux community in particular."

Here's News.com's take on Microsoft and Slashdot. "Regardless of whether Microsoft is successful in getting the information removed from Slashdot, legal analysts say material that found its way on to the Internet may no longer be entitled to trade secret protections."

The Los Angeles Times talks about Slashdot. "The boys mix up an addictive blend of high tech and low culture. They might print a riff on robots you can build with Legos, or mourn the passing of Shel Silverstein, the grade-schoolers' poet laureate. But they devote their most obsessive attention to Linux, the computer operating system that was first written by Finnish programmer Linus Torvalds and continually improved by armies of volunteers around the globe."

Business

AsiaBizTech has run this interview with TurboLinux CEO Cliff Miller. "As far as I can see, Japan has a 'boom culture' in which as soon as something becomes popular, it spreads very rapidly. That observation can be applied not only to Windows NT, but also to Macintosh products. At one time, Mac grew to command a whopping 15 percent to 20 percent share of the market here. I think there's a possibility that Linux will suddenly take off in a similar way. We can probably look forward to faster growth here than in the United States."

EE Times reports on the new SGI systems. "The SGI workstations will support Red Hat Linux 6.1, and SGI plans to also announce support for versions of Linux from SuSE GmbH and TurboLinux Inc."

The Ottawa Citizen follows up on the Puffin Group, which was acquired by Linuxcare late last year. "Sixty employees lost jobs, the chief executive was fired and a stock offering that would have made him a millionaire has been yanked. But Linux developer Christopher Beard says he and partner Alex deVries are not discouraged at the rapid fall from grace of Linuxcare Inc., a San Francisco-based company."

LinuxNews looks at Rackspace.com and its new office in Hong Kong. "The Asian office is a natural step in Rackspace.com's expansion outside the U.S. and London, where it established an office in January of this year."

EE Times talks with Michael Tiemann, Red Hat's CTO and founder of Cygnus. "'We're the largest company in Linux, but by no means do we have a majority of the market,' Tiemann said. 'The development of Linux is a little like a coalition government: You need 50 groups to cooperate, or the coalition collapses.'"

Here's an Upside article about Intel's interest in Linux. "Given Linux's enormous momentum in the server marketplace, however, Intel has taken steps to shake off its image as Microsoft's perpetual hardware sidekick. In addition to being one of the first companies to invest in Red Hat (RHAT) back in 1998, Intel has also forged partnerships with VA Linux (LNUX), TurboLinux and SuSE to give Linux engineers a sneak preview at the IA-64 architecture." There is also a piece about MontaVista's new office in Paris.

Tim O'Reilly has posted a followup to his article about Linuxcare after a conversation with Linuxcare CTO Dave Sifry. "Just as a man who wandered in a desert immediately sates his thirst upon finding an oasis, it is only after he has drank his fill that he realizes he is hungry. Our customers have begun to sate their thirst and are recognizing that open source software and the open source process can do a lot more for them than just email, file, print, web, and DNS! They are deploying open source solutions in datacenters, in telco closets, in ERP systems, and in embedded systems, to name just a few."

This IT Week column looks at Linuxcare and the changing face of Linux support. "One reason for Linux's popularity is that it can be much cheaper than alternatives. Linux is estimated to be up to 15 times cheaper than NetWare or Windows NT solutions in applications such as departmental file and printer serving. But lack of support can be a drawback."

CNet's article on Dell's recent higher-than-expected reported earnings per share has a couple of interesting points ... particularly if you tie them together. First, in explaining the higher earnings: "Dell attributed the strong quarter to sales of servers, storage and PCs associated with use and construction of the Internet."
Then, later on, they comment: "Overall, 2 to 4 percent of Dell computers ship with Linux, but in some markets, such as Internet companies and small or medium-sized businesses, about 25 percent of machines sold come with Linux. In government and research markets, the percentage goes as high as 50 percent, Dell said." Draw your own conclusions. (From LinuxToday).

The New Zealand Herald looks at a Linux deployment by the New Zealand government. "The Government's rental housing agency, Housing New Zealand, is about to shift one of its core financial applications to run on the open source Linux operating system. The change will bring possible savings of hundreds of thousands of dollars." (Thanks to Ian McDonald).

Information Week looks at Linux on the desktop and concludes that it's not quite there yet. "There are some incentives for moving Linux to the desktop. First, the price is attractive. IT managers can acquire the open-source operating system for little or no cost. Also, IT departments can modify or customize the open-source code of Linux to meet their users' needs. Perhaps most significantly, IT managers are seeing clear value in Linux's performance and stability."

ZDNet's John Taschek has returned with another inflammatory article. "Bob Young, chairman and founder of Red Hat, launched a personal attack that could only come from a person who has seen nearly $1 billion of paper wealth disappear in a matter of weeks. Perhaps I was wrong, and this industry is being beaten into a defensive trench by monopolies that push their agendas down everyone's throat, stifling nascent, struggling startups. No. What we have here is enormous hypocrisy."

Resources

Internet.com's ISP Planet offers this introduction to SSH. "If you're still administering *NIX servers over the Internet using rsh or telnet, stop. OpenSSH is an inexpensive improvement well worth the minimal effort required to install and configure it." (Thanks to R. McGuinness).

The latest in the series of tutorial articles on LinuxPapers is this one on dealing with syslog. "Even if you are only running your own Linux box at home, sooner or later you will face the task of having to solve some strange problems (PPP has stopped working, X is not starting anymore, and so on), where the only hint is some messages left in a log file. To prepare yourself for this, you should start peeking into log files right now, even if everything is working correctly (or, at least, that's what you think...)."

Here's an article in Test & Measurement World on writing data acquisition device drivers for Linux. "Linux gives you access to device drivers as if they were files. Linux users are accustomed to controlling a driver through shell commands and scripts. Therefore, your driver should include a minimal set of functions accessible using read() and write() operations at the Linux shell command." (Thanks to Jay R. Ashworth).

Brian Despain explains the importance of open standards and open source for anyone building an e-commerce system. "Not having the source code to your company's internal e-mail client isn't that important. Not having the source code to your e-commerce solution can prove devastating. For example, in June 1999, ICat, a division of Intel and at that time a leading e-commerce solution, informed its entire customer base that ICat would no longer be supported. ICat also informed these customers that they would be bound by the terms of their license and no source code would be forthcoming.

For the IT managers and CEOs who bet the safe on closed source, lost. For this reason, access not only to source code, but the ability to change source code is paramount."

Finally

Here's an article on LinuxNews on the Linux Internationalization Initiative's (Li18nux) Globalization specification, and its recent merger with the Linux Standard Base (LSB). "The group's efforts are designed to be open to everyone, and serve as formal proposals to the Free Standards Group (FSG), which announced its incorporation earlier this week. The FSG is a mind meld of sorts between LI18NUX and the Linux Standard Base (LSB), which are combining efforts toward creating a unified Linux specification."

The Wireless Developer Network interviews Eric Raymond. "Linux will be everywhere, in thicker or thinner disguises. Turnkey versions will run the appliances (and your cellphone and the web browser on your refrigerator door). Your 64-bit-monster PC will boot with a penguin logo into a desktop you won't easily be able to tell from Microsoft Office (except that it doesn't crash). You probably won't know how to get to the Linux underlayer on the PlayStation VI in your TV room -- but your kids will."

Monty Manley talks about why he's made the choice to spend his personal time actively developing on Linux, even though his day job is spent in the Corporate IT world, developing on NT. "As a programmer, I enjoy myself much more when I'm programming in Linux. There is no helpless sense of fatality as there is in Windows; in Linux, when a library or component breaks or does not work as expected, I can simply go in there and fix it. In Windows-land, I must live by the Band-Aid and the workaround. In Linux I can be assured that my software sits on a robust and well-tested base; in Windows, I can only pray that the system will stay stable for more than a week at a time."

John Perry Barlow, co-founder of the Electronic Frontier Foundation and Grateful Dead lyricist writes about Napster.com. "There's plenty of action in this zone, and since one of my current missions in life is to kill the music business and midwife the birth of the musician business and audience business, I'm keeping plenty busy."

The New York Times has run this John Markoff column on distributed network file distribution programs and the threats they pose to copyright protections. "Many computer industry executives contend that if the recording industry's suit against Napster succeeds, it will simply lead digital-music enthusiasts to use alternatives, like Gnutella and Freenet, which are even less open to copyright enforcement." The New York Times is a registration-required site. (Thanks to Paul R Hewitt).

This osOpinion columnist tells us what remains to be done for Linux to take over. "Please don't open the World Domination champagne before I can explain to my boss how to get things working himself."

Jerry Pournelle describes his experiences setting up a Linux server in this TechWeb article. "Outfits like Red Hat and Corel do try to develop documentation and user manuals, but they're always a few steps behind. It's hard to get bright people to work on things that don't interest them much. This problem is built into the open software movement and little can be done about it. Linux will always have more people working on code than documenting it."

From Terra in Brazil comes this anti-Linux column (in Portuguese). It brings out a lot of the old "no support" issues and such that were mostly dealt with years ago. Oh, by the way, it's written by Hélio Azevedo, the Windows 2000 marketing manager in Brazil. English text is available via Babelfish. (Thanks to César A. K. Grossmann).

Section Editor: Rebecca Sobol


May 18, 2000

   


See also: last week's Announcements page.

Announcements


Resources

Dr. Bob's Kylix Kicks. Dr. Bob's Kylix Kicks is a news site dedicated to Inprise's "Kylix" product, which is Delphi and C++Builder for Linux.

TUCOWS.com Unix Themes site launches. TUCOWS.com (LWN's parent company) has announced the launch of its new Unix Themes site. It contains a large collection of themes ready for download, along with tools and components which may be used in the creation of new themes. Time to go dress up that desktop.

Events

Germany addresses software patents and free software. Atul Chitnis, a frequent LWN contributor from India, is vacationing in Germany right now. He sent us a note about this conference (Babelfish translation) on May 18th, in Berlin, by the German government "on the political and economical aspects of software patents, during which they are also addressing the meaning and effects of free software, as well as its relevance to security in the IT environment."

Here is a followup in German (or in English) with information on planned participation by members of the Linux community. Best of luck to them.

Free Training and Testing for Linux at LinuxWorld. IDG World Expo announced that free "Boot Camps" and testing for Sair Linux and GNU Certified Administrator (LCA) Level will be offered for the first time at LinuxWorld Conference & Expo, August 14-17, 2000 in San Jose, CA.

Report from Windows World (Dublin). Donncha O Caoimh has posted a report (with pictures) about the experience of running a Linux booth at the Windows World expo in Dublin. It sounds like they had a good time.

Web sites

GeekTek, Inc. Launches YourOfficeGeek.com. GeekTek, Inc. announced the new website of its IT consulting division YourOfficeGeek. This is a 'connect jobs with workers' sort of site.

User Group News

LUG meeting in Assen, the Netherlands. The HCC department of Groningen will meet on May 24 in Assen, the Netherlands. The local Linux Users Group will meet then too.

Midland Bay City Saginaw Linux Users Group (MBSLUG). MBSLUG will be holding a night of public demonstrations of the Linux Operating System on Friday June 23, 2000 starting at 6:00pm at Barnes and Nobles Bookstore on Tittabawassee in Saginaw.



   

 

Software Announcements


Package Version Description
abook 0.4.6 An addressbook program.
Aegis 3.22 Transaction-based software configuration management system
Affiliate Ads 0.1-pre1 Reporting.net Affiliate Advertisement script - pre
Aileron May 15, 2000 Email client for WindowMaker, similar to NeXTSTEP's Mail.app
amSerialManager 1.0 Serial manager for paid software.
Anfy 0.92 A set of 40 Java applets for use in Web pages.
Another way to scroll another way to scroll 1.0.0 oldschool intro, p100, vga
Apache Compile Kit 6.0 A compilation kit for Apache with PHP and other modules.
apachedb 0.11 Logs Apache transfers into a mysql database.
Ape Ache 20000515 An Apache access_log file processor.
APG 1.2 A Java app that generates Web photo galleries.
Arping 0.2 ARP level ping utility.
atarux 1.0 Software and hardware designs to connect an atari 8-bit to a Linux box.
autostatus 1.2-beta patches A fast, hierarchical network monitoring system
AxKit 0.63 The Apache XML delivery toolkit.
Bastille Linux 1.1.0.pre1 A comprehensive hardening program for Redhat Linux 6.0.
BCLF 0.4 BCLF - Binary Common Logging Format
beecrypt 0.9.4 A cryptography library.
BetterC 1.0.0 Programming by contract support library for C/C++
bibmaster 0.2 BibTeX database manager
Bifrost Heimdal Tileable wallpapers
BigBrother news-script 0.9.5 Frontend for the news section of the German TV show "BigBrother".
Bind 8.2.3 T5B (RC3) Berkeley Internet Name Domain
binutils 2.9.5.0.41 Provides programs to assemble and manipulate binary and object files.
BIRD 0.0.0 A daemon for dynamic routing of IP and IPv6
BlackArts 1.1.10 arts is a system for creating quick knowledge bases from email messages
Bluefish 0.4 Gtk based HTML editor
bplay 0.8 A command-line large-scale-buffering OSS audio player.
brag 1.0.0 Download and assemble multipart binaries from newsgroups.
buffer 0.8 A large-scale command-line general-purpose data buffer.
bzip2 1.0.0 Very high-quality data compression program
Cannon Smash 0.3.9 3D tabletennis game
Castor 0.8.5 Java to XML binding, Java Data Objects (O/R) and DSML.
CCCC 3.pre37 A source code metric analyzer for ANSI C, C++, and Java.
ccirc 0.98 An irc client written in shell scripts and telnet.
ccsh 0.0.4 C language based scripting language
cd cover creator 0.9 Creates covers for CDs
cdd 0.1.3 A CD drive controlling program in assembly language.
CDDB 0.9 This module/script gets the CDDB info for an audio cd
CDDB.py 1.1 Audio CD track title access in Python via CDDB
centerICQ 2.11.5 A textmode-based ICQ clone for Linux.
cksfv 1.0 Simple File Verification program. Does crc32 checksums on files.
ClusterNFS 0.90 Enhanced NFS server.
coco 0.2 Country code functions for PHP developers.
Common UNIX Printing System 1.1b4 Internet Printing System for UNIX
CoreLinux++ 0.4.21 A set of C++ class libraries to support common patterns in software development.
Courier 0.20 ESMTP/IMAP/POP3/Webmail server.
CSCMail 1.6.1 Gtk E-Mail Client written in Perl
cscope 15.0bl2 A text screen-based source browser.
CTSim 0.5.3 A computed tomography simulator.
DACT 0.3.21 Dynamic Compression Routines
deborphan 0.1.3 A Debian orphaned library finder.
DG Printer Setup 1.0.3 Printer installation and configuration tool for Caldera OpenLinux.
DiaryChat 1.0 Chat server software.
dircproxy 0.5.4 A detachable IRC proxy with logging support.
DIRT 0.6a Dynamic Image Rendering Technology.
DNSMan 0.41 Web-based DNS zone administrator.
Double Choco Latte 20000515 Software Configuration Management/Bug/Enhancement Tracking Software
Downloader for X 1.16 Downloads files from the Internet via both FTP and HTTP
dsniff 2.0 Sniffing utilities for network security testing.
E-Forecast 0.1 Weather forecast in an Epplet
EasyTAG 0.4 A utility for tagging MP3 files.
Eddie (Essential Distributed Diagnostic and Information Engine) 0.22 A monitoring and system information gathering tool.
eEMU 3.0 System and Application Monitoring Package.
EHeadlines 1.4.1 Root Menu news system.
EiC 4.2.7 A bytecode C interpreter/compiler
Email Security through Procmail 1.110 Email filter to remove remote security exploits of email clients
EnRus dictionary tools 1.0-000517snap Tcl/Tk scripts for manipulating textual (plain or gzipped) dictionary base.
Etherboot 4.6.1 Source code for making TCP/IP boot ROMs to boot Linux and other OSes.
EVBU 0.3 A simulator for the 68HC11 and EVBU.
ExecTrace 0.1 Linux only debugging tool
Expresso Framework 1.05 A library of extensible Java components for building Web applications.
fairsched 0.43-2.3.99-pre7 A fair CPU scheduler for Linux.
faqprocessor.cgi 0.6 Simple but powerful tool for posting FAQs on the Web.
feh 0.9.0 Fast image viewer / indexer / montager which uses imlib2.
FileRunner 2.5.1 simple and efficient filemanager
floppyfw 1.0.4 A Linux firewall on a single floppy.
Foundation 0.1 A real-time multi-player space conquest game.
Freeclient 0.5.2 Freenet cli client and library written in C.
FTX 1.1b8 A text editor for Url Encoded Text.
FunnelWeb 3.2 Literate programming tool
Fusion GS 1.36 Telnet BBS-like system.
FutureSQL Web Database Administration Tool 1.3 A web database administration tool.
g-page 0.10 Sends text messages to wireless receivers (pagers).
Gameboy Development Kit 2.94 Development kit and C compiler for the Nintendo Gameboy
gdbm_primitive 1.13 Shell primitives for working with GDBMs.
gdgl 0.1 Gwydion Dylan OpenGL bindings.
getquotes 1.03 Get and cache stock quotes from Yahoo Finance.
ghydraulic 0.2.1 Hydraulic network analysis software.
gIDE 0.3.0 GTK-based Integrated Development Environment for C
GiNaC 0.6.0 A C++ library for symbolic calculations.
Gini 1.0 A Jini clone.
GKrellM 0.9.9 System monitor package
gLife 0.2.1 An artificial life simulator that tries to emulate an artificial society.
gmanedit 0.1.1 A GNOME/GTK man page editor.
gnewt 0.06 A Newt-compatible, GTK+-based library.
gnome seti_applet 0.2.2 Gnome applet which displays the state of a seti@home process.
Gnome Toaster 0.4 2000-05-13 create CDRs the easy way with Gnome/Gtk
gnome-find 0.2 An easy-to-use GUI of find.
gnomerar 0.3.6 A GUI frontend to rar.
GNU Parted 1.0.15 A partition editor, for creating, destroying, resizing and copying partitions.
Gnumeric 0.53 Spreadsheet, a new foundation for spreadsheet development, part of GNOME
gnuvoice 1.0.1 Voicemail/speakerphone/caller ID program
GooseEgg 0.0.19b OpenGL 3d Modeler for various game models.
grepmail 4.40 Searches a normal or gzipped mailbox for a given regular expression
Grin 0.1.1 A news and email client for GNOME.
gShieldConf 0.2 A tool for editing gShield configuration files.
GtkAda 1.2.7 Ada95 toolkit based on GTK+
GtkExtra-- 0.6.2 C++ wrappers for GtkExtra, for use with Gtk--.
GTKeyboard 1.1 Graphical Keyboard for the physically disabled
GtkHx 0.3.9 A GTK+ Hotline client.
gtkmail 1.0.2 gtk-- mail client
gtv 0.07 A program for looking up German television shows.
gView 0.1.14 GTK/ImLib Image Viewer
gViewConfig 0.8 GTK system information program
Gxrio 0.06 A graphical Rio utility.
hagelslag 0.5 A Gnutella clone.
Hollywood Plus/DXR3 Linux Drivers 0.6 Linux drivers for the Hollywood Plus and DXR3 DVD decoder boards.
HtmlHeadLine.sh 3.1 Script that automatically fetches news headlines.
Hu-Go! 1.23 A PC engine emulator.
ICQd 05142000 An ICQ message sender and receiver.
id3lib 3.7.8 An ID3v1/ID3v2 tagging library.
IDS 0.22 CGI that produces image galleries on-the-fly.
infested/x 0.95a4 A script for x-chat.
intel2gas 1.3.2 A converter between the NASM and GAS asm format (Intel/AT&T)
Internet Document and Report Server 1.1.2 An Internet-based report server.
ipmkchains 0.13 A Linux Firewall Chain Manipulation Tool.
iptables 1.1.0 A Linux kernel packet control tool.
irclog2html.pl 1.5 IRC log file colouriser.
ISDN Router 0.68 A masquerading ISDN router on one disk.
Jacal 0.03 Linux and NT automated installer
Java Test Driver 2.0 Test driver for Java class libraries
JAZZ++ 4.1.3 Beta An audio-capable MIDI sequencer.
Jellybean 0.07 A Perl Object Web server.
JFS for Linux 0.0.7 The IBM JFS source code.
JoCaml beta-2000-05-15 A language for distributed programming based on OCaml.
juice 0.03d User friendly dialog-based frontend for mpg123 and other players.
Jungle Monkey 0.1.6 A distributed file-sharing program.
Kard 1.1 An educational game for very young children.
KBabel 0.5 Easy-to-use PO-file editor with many features.
kcmdhcpd 0.2.9pre A configure program for the ISC DHCP-Server for the KDE-project.
Kit Client 1.0b6 KDE-based client for the AOL Instant Messenger (AIM) service.
KMatrix 1.2 A KDE animated background based on The Matrix movie.
Kmerge 0.2 A KDE utility to diff and merge files.
Kniffel 0.1.1 KDE-Game
Knight Rider MP3 Player 0.8-1 An interactive car MP3 player.
Komba 0.2.6 Samba share browser
kruiser 4.0 second release Win95-like file manager for KDE with many features
KSEG 0.2 A geometry exploration program like Sketchpad, Cabri, and Cinderella.
kShowmail 0.3 Watch and delete mail on POP3 servers.
KSI Scheme 3.2.2 An implementation of the Scheme programming language
KUnit 0.1.2 Unit converter
KWav2CD 0.4 A CDRDao frontend to create audio CDs from .wav files.
Lago 0.5.2 A portable, multi-threaded database.
librhttpr 0.5.8 HTTP request library
Lilo 21.4.3 Linux boot loader
Linux Intrusion Detection System 0.9.4 Linux Kernel-Based Intrusion Detect System
Linux SMBus BIOS driver 2.2.14-5 Linux device driver to call an SMBus BIOS.
Linux Trace Toolkit 0.9.2 Catalogs system events in minute detail.
Linux-SRT 3.1 A real-time system for Linux.
Linuxconf 1.18r3 Sophisticated administrative tool
log4j 0.8.4d Fast and flexible logging tool written in Java.
Login.pm 0.2 Website authentication and session tracking system.
logmanage 1.99.5 a tool for managing web statistics for multiple users
Lout 3.21 Document formatting system
Market 0.3.0 A stock market simulation PBeM game server.
mbackup 0.3 Modular backup client/server
mergetrees 0.9.0 Three-way merge of directory trees
METAGRAF-3D 1.0.2 A graphical editor for MetaPost.
mfm 1.5 A graphical frontend for mtools
MIND 1.00 DICOM query/transfer tool
miniWeb 0.2 A Web application server intended to run CGIs as root.
minordomo 0.7.6.2 A minimalistic mailing list manager
MixMagic 0.1.3 A hard drive sound mixer for GNOME.
mkrdns 1.6 Program to automatically generate reverse DNS zone files (PTR records)
mod_layout 1.7 Layout module for Apache.
mod_litbook 1.0.9 Experimental design in referencing www documents.
mondo rescue 0.958 Generates bootable rescue CD ISOs.
moon-buggy 0.5.1 A game in which you drive a car across the moon.
Moonshine 1.1.3 An application development environment for Linux.
MozGlade 0.2.1 Interface to Mozilla rendering engine using libglade
mp3_check 1.6 A utility which analyzes MP3 files for errors and standards conformance.
mpatrol 1.2.0 A library for controlling and tracing dynamic memory allocations.
MRTd 2.2.2a Routing protocol daemon (BGP, RIP, OSPF) and tools
mtv 1.1.1.1 A realtime MPEG Video+Audio player
MTX 1.2.6 program for controlling the robotic mechanism of DDS autoloaders
multiform 0.06 handler for multi-page HTML forms
Muttdb scripts 0.0.1 Scripts to access a mysql database from mutt.
MySQL 3.23.15 SQL (Structured Query Language) database server
mysql_to_rdf 0.0.1 PHP Class to generate a Netscape channel from MySQL database items.
nail 9.11 A MIME-capable version of the Berkeley Mail user agent.
nano 0.9.7 Pico editor clone with enhancements.
nbsmtp 0.3 A config-free simple SMTP sender.
NeoMail 0.97 A Web-based interface to user mail spools on a system.
neon 0.1.0 HTTP and WebDAV client library
NetPBM 9.2 The classic image manipulation/conversion utils
Nope 0.9.6 Lightweight Zope/Slashdot style interactive website engine.
note 1.0.5 commandline note tool
nwrk-matrix 0.9.2 Simulates The Matrix code.
oe2mbx 1.0 Windows Outlook Express 5 mailbox to standard Unix mailbox convertor.
oMail-Webmail 0.94.1 Webmail solution based on qmail and optionally vmailmgr.
OpaL Away Message Generator 0.1.1 An away-message generator.
OpaL Repository Maintainer 0.0.3 A repository maintenance tool.
Open Motif Everywhere 2.1.30 A distribution of the Motif GUI toolkit built from The Open Group official sourc
OpenGUI 2.30 A very wonderful C/C++ graphics library
opennap 0.26 An open source Napster server.
OpenWeasel Portal Toolkit RC1 Modular PHP3 toolkit for constructing web portals
Oregano 0.15 Schematic capture and circuit simulation application
Overflow 0.1.2 A visual scientific programming environment.
PACT 0.9 SNMP accounting tool.
Paralogger 0.89 Script to ease the process of setting up a root tail window
PatentMailer 1 Scripts for Retrieving and E-mailing Patents in PDF Format (CGI)
PCPMON 1.2.0 Graphical monitor for performance monitoring tool PCP
PDScanner 0.99.0 A GNOME port scanner.
peep 0.5.3 A network-file-stdio connectivity utility.
pgDBAPI 0.2 A Postgresql driver for Python.
Phonebook.php3 1.1 A sleek company phonebook written in PHP3.
PHP Helpdesk 0.02 A PHP helpdesk with a MySQL backend.
phpMyChat 0.11.0 chat system based on PHP and MySQL
phpOpenCounter 2.1.0 A versatile and efficient site and visitor-tracking system.
phpProjectManagement 0.1.1b Web-based project management.
phpShop 0.3 E-Commerce System based on PHP and PHPLIB.
pi-address 0.3.5 X11 based Address Manager for Palm Pilot Address DB
pic-o-week 0.1 beta 1 Provides a web tool to include "picture of the week" images.
PIMd 2.1.0-alpha28 A PIM-2 Multicast Router.
PIMP 2.51 A Web mail client.
pip 0.2 Make any program a filter.
PKlinux-mini 1.0 Mini linux distribution
png2html.php 0.2 PHP script that takes a png image and outputs an html version of it.
POSIX ACLs for Linux 0.6.0-pre17 Kernel patches for ACLs, Ext2 file system implementation, and user utilities
Postfix 19991231-pl07 The Postfix MTA
PostgreSQL 7.0 Robust, next-generation, Object-Relational DBMS (ORDBMS)
PostgreSQL JDBC Driver 7.0 JDBC driver for the PostgreSQL DBS
Postlister 1.10 A feature-rich PHP/MySQL mailing list program.
PowerPak 2K0511 An attempt at a high-level game SDK
PPPStatus 0.2.1 console-based PPP status monitor
PresTiMeL 20000511 A tool to create HTML presentations.
printerdb-utils 1.3-1 Editing functions for RedHat's printerdb configuration file.
Probe 0.01 Website-usage analysis tool
projectr 1.0a Perl slide presentation software.
Prometheus-Library 3.0 Object-oriented PHP API
PyBiff 0.1.3 Extensible email monitor.
Pybliographer 1.0.0 tool for bibliographic databases manipulation
QCL 0.4.0 The Quantum Computation Language.
qperfmeter 1.0.1 performance meter for linux based on Qt and libgtop
Qt Architect 2.1 A GUI dialog designer for the Qt widget set.
QtChat 0.9.5 A Yahoo! chat client for X-Windows.
QtEZ 0.91.1 Qt based rapid application development environment
Quanta Plus 1.0.2 A web editor for KDE supporting HTML and more.
QUB 0.2.8 A front-end for playing any boardgame on your computer.
quickedit 0.1 Simple sound editor for KDE.
Quosack 0.2 Remote service checker with pager notification.
qwen 3.03c Energy levels and wave functions of semiconductor quantum wells.
RealTimeBattle 1.0.4 RealTimeBattle, a robot programming game for Unix
recycle-logs 1.03 A log file recycling/rotation manager.
Red Escolar Linux 1.0-10 Modified Red Hat for GNU/Linux schools in Mexico.
Report Magic for Analog 1.42 Create tabular reports and graphs from Analog web statistics.
Rhyming Dictionary 0.3 A rhyming dictionary.
ripit 1.7 Front-end for Ripping/Encoding/Tagging MP3s
RMC 0.60 A MUD client for X.
RotNN.py 1.0 Python library to do rotational encryption (rot13, for instance)
rxvt 2.7.3 A VT102 emulator for the X window system
Sablotron 0.35 XSLT processor
SaveBuddy 0.1 SaveBuddy saves the buddylist on signoff.
sawfish.el 1.16 Emacs mode for editing sawmill code and interacting with sawmill
ScanErrLog 0.8 Apache Error_Log parser and presenter.
Seawall 3.0 An easy-to-configure, ipchains-based firewall/gateway.
SecurityFocus Pager 3.0 Release Candidate 1 An application for tracking content and vulnerabilities posted to SecurityFocus.
Sendmail 8.11.0.Beta1 Powerful and flexible Mail Transport Agent
senso 0.5 A little game just to have fun.
Sensor Sweep Applet 0.19.2 A GNOME panel applet that monitors system health through the lm_sensors modules.
Shadowlands Forum 1.9.4-devel26 Low-resource, robust, friendly telnet chat server with authentication
Shiva 0.2.0 A Java Instant Messaging package.
si 0.9 /proc system information viewer
Siag Office 3.3.6 Free office package for Unix
simscomputing.Open Source 0.10 A web application for announcing Open Source Java packages.
Sirobot 0.11.23 A Web fetch tool similar to wget.
SkinLF 0.2.2a A skin "Look And Feel" for Java Swing
slashem 0.0.6E1F2 variant of the Rogue-like console game Nethack
slen 2.02b Kronig-Penney calculation for semiconductor superlattices.
Smart BootManager 3.1-1 An OS-independent boot manager.
smunge 1.3.2 An LDAP enabled POP3 proxy for load balancing/redundant clusters.
SocratEase 1.7 Web-based training package for building, delivering and tracking online courses
Solid POP3 0.15 an implementation of a POP3 server.
Soma 0.79 A Multithreaded HTTP/1.1 webserver written in Java.
Sonize 0.6.2 An mp3 sound organizer.
Soupermail 1.0.7 Generic form to email handler
spam.pl 0.17 Perl script for sending automatic complaints on spam
spliff 1.0 A GUI mail watcher inspired by TkRat's Watcher utility.
Spruce 0.6.5 Simple email client coded for X with the Gtk widget set
SQL Relay 0.8 Oracle database connection daemon and API.
Squid 2.3.STABLE3 High performance Web proxy cache
SquirrelMail 0.4 A PHP4 Web-based email reader.
ssh-gui 0.7.0 SSH GUI front-end and configurator
stats.cgi 4a Perl script for web site statistics
Stereograph 0.19.1 A powerful truecolor stereogram generator.
StockTracker 1.6 Stock Tracking tool for X-windows.
SWARM 0.26 Simulation of an ARM processor in C++.
Sweep 0.0.9 A sound wave editor.
Tcl/Tk 8.3.1 A portable scripting environment for Unix, Windows, and Macintosh
TCPDUMP Filter 2.0 A program to filter the output from tcpdump and display it as ASCII.
tcpstat 1.2 Displays network interface statistics.
TeXmacs 0.2.4g W.Y.S.I.W.Y.G. technical text editor
tgw 2.8 A tcp gateway.
the Anomy mail sanitizer 1.9 An efficient filter for sanitizing email messages.
The Gimp 1.1.22 The GNU Image Manipulation Program
The Romalizer 0.60 A Tcl script to analyze your MAME roms and report errors.
Thorn 0.1.a1 UML Modeling Application
TileLib 0.4 Allegro graphics library for tile based games.
tinc 1.0pre1 Virtual private network daemon
tipa 0.6.24 International Phonetic Alphabet fonts for TeX
Toaster 0.8.9 C program testing tool for working with gdb.
TORCS 0.0.20 A 3D open racing car simulator.
tsocks 1.4 Transparent SOCKS proxying library
Turquoise SuperStat 1.4 A statistics program for Fidonet and Usenet message areas.
twin 0.3.1 A text-mode window manager and terminal emulator.
UdmSearch 3.0.15 Fast WWW search engine for your site
unarc 0.2.1 Unpack archives into their own directory.
UnrealIRCd 3.1-beta2 An IRC daemon with numerous new features and optimizations.
User-mode Linux 0.23-2.3.99-pre8 User-mode port of the Linux kernel
util-linux 2.10k Miscellaneous system utilities
Vanilla 0.3.6 An extensible WikiClone written in REBOL.
vbs 0.9 Make mail attachments unexecutable.
VCDpad 0.7 Pad VCD MPEGs to be usable with vcdtools.
VectorLinux 0.5 A small fast linux distribution.
vgrabbj 0.4.0 A framegrabber for cameras and other video devices.
Vide 0.2.6 File manager with vi keybindings
ViewCVS 0.5 Tool for viewing CVS repositories using a Web browser
Virtual X68000 1.1.0.20000510 X68000 emulator
VTun 2.2 Virtual Tunnels over TCP/IP networks.
Wallpaper Control 0.1-1 BETA A graphical wallpaper manager.
Watchdog Service Cluster 2.1.0.4 A modular multiple-platform High Availability system.
WebAccountant 0.1alpha New open source project to develop a quality web-based accounting system.
WebEvent Calendar 3.3 WebEvent is web calendar software for your web site.
webfs 1.2 Lightweight HTTP server for static content
Website META Language 2.0.0 Webdesign HTML-generation toolkit
WIMS 2.23 Interactive Mathematics Web Application Server.
WMKeyboard 0.41 A keyboard map manager.
wmlm 0.99c Dockapp to monitor lm_sensors
wmswallow 0.6.1 A WindowMaker dock applet that makes any application dockable.
wmtheme 0.6.6 A window manager theme utility.
WN 2.3.9 A simple, robust Webserver whose design emphasizes security
WorldForge::Atlas-C++ WorldForge::Atlas 0.2.3 A C++ implementation of the network protocol Atlas used by WorldForge.
WorldForge::Cyphesis 2000-05-04 AI/ALife server used by the WorldForge project.
WorldForge::Uclient 0.7.4 2d client for WorldForge
WorldPrint 1.10 A filter for Netscape to print non-latin1 pages using true type fonts.
WPC 0.2b web password security checker
WreckedNet IRCd 1.2.1 WreckedNet's DreamForge-derivative IRCd.
Xclasses 1.0.0 C++ layout library for the X Window System
XCmail 1.1 MIME and POP3 capable mailtool for X11
XDBM 1.0.16 Database Manager designed specifically to hold XML data
Xdialog 1.4.3 An X11 version of cdialog.
XEmacs CHILL Mode 20000506 XEmacs CHILL Mode
xIrc 2.3.4
Xmame/xmess 0.37b2.2 The Unix version of the Multiple Arcade Machine Emulator
XMMS-Shell 0.2.1 Control XMMS from the command line.
Xplanet 0.60 An Xearth wannabe
Xplot 0.2.0 A simple XY dataset grapher built with GTK.
XPLSISNJASP 0.7 An XMMS plugin for a light show via parallel port.
xscorch 0.1.1 Annihilate enemy tanks using overpowered guns.
xterm patch #133 A terminal emulator for the X Window System
Xterminal 1.0.3 Object Oriented User Interface with a client-server architecture
XTux May 11 Humorous Arcade game for X
Yard 2.0 A suite of Perl scripts for creating rescue disks for Linux
ZenToe.cgi 0.-1.20000514D A Slashdot-like WebChat using only Perl.
 

Our software announcements are provided courtesy of FreshMeat

   


See also: last week's Back page.

Linux links of the week


Are you curious about the occasional references to the "Wiki Wiki Web" or just "Wiki"? Wiki sites take a new approach to web pages by allowing anybody to make changes to any page on the site. Wiki sites are thus truly cooperative developments. It sounds like a recipe for chaos, but, thus far, it seems to work fairly well. See the original Wiki Wiki Web site at the Portland Pattern Repository for a starting point. Have some patience at the beginning; getting started with Wiki takes a bit of effort. See also the ZWiki site for a Zope-based implementation.

For a distinctively read-only experience, instead, William Gibson's classic novel Neuromancer is online.

Section Editor: Jon Corbet


May 18, 2000

   

 

Letters to the editor


Letters to the editor should be sent to letters@lwn.net. Preference will be given to letters which are short, to the point, and well written. If you want your email address "anti-spammed" in some way please be sure to let us know. We do not have a policy against anonymous letters, but we will be reluctant to include them.
 
   
Date: Thu, 11 May 2000 10:49:17 +0100
From: kevin lyda <kevin@suberic.net>
To: Nathan Myers <ncm@cantrip.org>, letters@lwn.net
Subject: proprietary distros?

Nathan Myers wrote:
> Perhaps once Potato is out, Debian will just take over the world; 
> then all those people working on proprietary distros can go home and 
> do something productive instead. :-)

huh?  one of the most proprietary distros i know is corel - based on
debian.  mandrake is based on redhat, and seems quite open.  redhat's
distro is gpl'ed so people are free to copy it (like mandrake and a
number of other distros outside the states).

redhat for one has done a great deal to increase the amount of gpl'd code
available, including but not limited to their own distribution.  to call
mandrake and redhat [proprietary] is a disservice to the entire free
software community by watering down the true meaning of proprietary.

kevin
-- 
kevin@suberic.net       "we were goin' for breakfast.  in canada.  we
fork()'ed on 37058400    made a deal: if she'd stop hookin', i'd stop
meatspace place: home    shootin' people.  maybe we were aiming high."
                                                   --porter, "payback"
   
Date: Thu, 11 May 2000 13:29:03 -0700
To: letters@lwn.net
From: Peter Lawson <peter.lawson@noaa.gov>
Subject: LoveBug "virus"

As a biologist, I see an obvious analog to the epidemic of LoveBug
infections.  In agriculture, large fields of genetically identical plants
are vulnerable to novel diseases precisely because there is no variability
among the plants. Each is equally vulnerable and each spreads the disease
in the same way.  The large population of Windows computers running Outlook
is a monoculture, just as large fields of corn or soybeans may be.  A
virulent virus spreads rapidly through the fields of Outlook just as it
would spread through a field of corn.

Nicholas Petreley comes closest to suggesting this analogy in his
LinuxWorld article when he pointed out that linux users are less vulnerable
to this kind of attack because there is so much variety in the mail
programs we use.  The problem is clear -- Microsoft has suppressed
variability in the software world with its monopolistic practices,
rendering the largest segment of the community vulnerable to relatively
simple attacks.  The solution is also clear -- do whatever it takes to
allow variability in software to flourish, as it would in a fair,
competitive environment.  This is the best evidence I have seen of the harm
that the Microsoft hegemony is causing in the computer world.

Cheers,

Peter Lawson
pnjreid@newportnet.com
   
Date: Thu, 11 May 2000 13:05:58 -0700 (PDT)
From: Colin Kuskie <ckuskie@cadence.com>
To: lwn@lwn.net
Subject: Programs that run random code


  It is fair to say that no self-respecting open source project would
  intentionally put out software which would run code from random
  users on the net.

This quote, from the main page of the May 11, 2000 Linux Weekly News
is a little inaccurate.  Perhaps it's picking nits, but I'll give a
couple of examples:

- I'm pretty sure that Mozilla runs Javascript, which is code from
  random users on the net.  Likewise with Java.  And I don't think
  that anyone really believes that either is as secure as they
  claim.

- Macro capabilities inside the open-source spreadsheets and word
  processors are just as dangerous.  Imagine if you could get root
  to run a Gnumeric spreadsheet with Scheme/Python/Perl bindings.

- Script-Fu for Gimp.

- The TCL browser plug-in.

Now, arguably later on you do say:

  It is true that Linux is highly unlikely to be caught by such a simple,
  email-borne bit of nastiness. But nobody would claim that Linux systems
  are 100% free of vulnerabilities.  A suitably talented malware author
  who wanted to shoot down some of those smug Linux people would not have
  that hard of a time creating an embarrassing incident

I would say that the immunity of Linux users comes from another
source.  We have an innate distrust for closed source.  It's my opinion
that most Linux users would actually read the source to executable code
before executing it, especially if it's a small attachment to an
email.

As our user base expands, that will no longer be true.  It will be up
to us to educate and to guarantee that the applications that they use
will by default protect the user, at the cost of not having embedded
spreadsheets and HTML in our email.  Aside from the fact that embedding
those things in email is stupid, it's a small cost compared to the
estimated six billion dollars in damage from ILOVEYOU.

Colin Kuskie

   
Date: Fri, 12 May 2000 11:40:26 +0100
From: Edmund GRIMLEY EVANS <edmundo@rano.org>
To: letters@lwn.net
Subject: Linux viruses

There was an entertaining discussion in the mutt-dev mailing list
about how Linux can be made to support viruses just as well as
Microsoft. Thomas Roessler suggested one recipe, which can probably be
adapted to work with mail clients other than Mutt (www.mutt.org):

  .mailcap:
  application/x-sh; sh %s; copiousoutput

  .muttrc:
  auto_view application/x-sh

I hope I am right in assuming that no reader of LWN is sufficiently
stupid to actually use this recipe ...

Edmund
   
Date: Thu, 11 May 2000 13:29:11 -0400
From: Pierre Baillargeon <pb@artquest.net>
Subject: Re: The trouble with redirects
To: letters@lwn.net

At the end of the article you mention that fixing the problem would "not 
be an easy problem to fix; it's buried pretty deeply in the structure of 
the web."

Well, the fix may be better applied on the other side of the web: 
the browser. Wouldn't it be trivial just to ask the user approval for 
redirection, just like it is currently possible with cookies? Browsers 
could even detect that the URL contains a submission and only request 
the approval for such requests.

By putting the fix in the hand of the users, security conscious people 
can actively defend themselves against sites which refuse to implement 
the proposed fixes. A knowledgeable coder could put this idea in 
practice in Mozilla now, providing yet another example of the benefits 
of free software: the possible quick response-time to a security problem.

   
From: "Chris Adams" <chris@improbable.org>
To: "letters@lwn.net" <letters@lwn.net>
Date: Thu, 11 May 2000 18:13:56 -0700
Subject: Re: The trouble with redirects

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://www.lwn.net/2000/features/Redirect.phtml

"The folks at Digital Creations have, in the process of tracking down a
security problem with the Zope application server, turned up a security
difficulty with the web as a whole. Given the way the web and
authentication-based sites work, a suitably unpleasant attacker could,
through the use of HTTP redirects and (perhaps) malevolent Javascript code,
cause actions to be taken on your behalf simply by getting you to look at
the wrong web page. The implications of this problem are stunning. Expect
to hear more about it in the near future. "

It's probably easier than we'd like to exploit. If the attacker can figure
out the URL to use (which is easy if you don't have a home-grown system)
they just need to get you to look at something while logged in; this is
particularly easy if we're talking about sites like Slashdot.org or
kuro5hin where they receive hundreds of unknown URLs every day.

Fortunately, the fix is extremely simple - probably a single line of code.
Basically what needs to be changed is the use of predictable form
parameters. The easiest solution is to require the use of a session
variable in the form data (e.g. "Confirm=$RANDOM_SESSION_VARIABLE" instead
of "Confirm=Yes"); I added this to some PHP scripts in a single line of
code. If this is done, there's no way to construct the redirect in such a
fashion that an action will be made automatically since the browser never
sends the attacker's server the cookies stored by the trusted server. Using
the session identifier cookie's value is the easiest way as it requires no
changes other than the check and the value must be unguessable in any case
(or an attacker could directly hijack the session); more paranoid folks
would use a random session variable.

Regards,
Chris Adams


-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1 (C) 1997-1999 Network Associates, Inc. and its affiliated companies.

iQA/AwUBORta1NRugjSFkeg+EQJ2VgCdH/Xy6lmL65q6p96nQDMHuLcocugAn2LQ
eKSBHMY56mIJ7IV8Mpt5jiFn
=NX7B
-----END PGP SIGNATURE-----
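
The server-side check described in the letter above, as an added example that is not part of the original letter or of any project it mentions. It implements the "random session variable" variant; the in-memory session store, the handler names and the `item` field are assumptions made for illustration.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode

# Constructed in-memory session store: session id -> state.
SESSIONS = {}

def login(user):
    """Create a session; returns the id the browser would hold as a cookie."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"user": user,
                     "confirm": secrets.token_urlsafe(32),  # never sent as a cookie
                     "deleted": []}
    return sid

def form_body(sid, item):
    """Form fields the trusted site embeds in its own page for this session."""
    return urlencode({"item": item, "Confirm": SESSIONS[sid]["confirm"]})

def _fields(body):
    return {k: v[0] for k, v in parse_qs(body).items()}

def delete_predictable(sid_cookie, body):
    """Weak form: any request carrying the cookie and Confirm=Yes is honoured."""
    session = SESSIONS.get(sid_cookie)
    f = _fields(body)
    if session is None or f.get("Confirm") != "Yes" or "item" not in f:
        return False
    session["deleted"].append(f["item"])
    return True

def delete_with_token(sid_cookie, body):
    """Hardened form: Confirm must equal the secret bound to this session."""
    session = SESSIONS.get(sid_cookie)
    f = _fields(body)
    if session is None or "item" not in f:
        return False
    supplied = f.get("Confirm", "")
    # Constant-time comparison so the check does not leak the value by timing.
    if not hmac.compare_digest(supplied.encode(), session["confirm"].encode()):
        return False
    session["deleted"].append(f["item"])
    return True

# Constructed body of the kind a third-party page can cause the browser to
# submit: it arrives with the cookie, but the sender cannot read the
# per-session value and can only guess at Confirm.
FORGED_BODY = "item=42&Confirm=Yes"
```
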


   
Date: Fri, 12 May 2000 20:28:46 -0700
From: Carl Thompson <cet@carlthompson.net>
To: lwn@lwn.net
Subject: Re: The trouble with redirects

Linux Weekly News wrote about the browser redirect security problem:

> ...

> This will not be an easy problem to fix; it's buried pretty deeply in
> the structure of the web.  Short-term fixes can include user training
> (always log out immediately), defensive server measures (look at the
> referrer header, time out logins aggressively), or HTTP fixes
> (specially mark redirects or Javascript-submitted requests). None are
> perfect, and none can be implemented immediately.

This is not accurate.  HTTP redirects are handled by the client software
(browser).  When the client requests a web page from a server, the server
can return a web page that has a "302 redirect" message in its headers. 
(The body of the returned page would typically say that the requested page
has moved elsewhere.  However, the body is usually not seen because the
client sees the redirect and automatically loads the page specified by the
redirect instead.)  What this means is that this problem can be very easily
fixed by fixing clients (browsers) to do any of the following:

* Ignore redirect messages
* Don't send authentication or cookies to pages to which the client
  was redirected
* Pop up a warning box for all pages that are redirected
* Pop up a warning box only for pages that are redirected to pages
  that require authentication or cookies

All of these are relatively trivial modifications to the client software
only that can be implemented immediately.  No HTTP protocol or server fixes
are necessary.  The problem is definitely not "buried pretty deeply in the
structure of the web."

Having read the article at

   http://www.zope.org/Members/jim/ZopeSecurity/ClientSideTrojan

it's clear that the true problem is the author's insistence on attempting to
find a server side solution to a client side issue.

> ...

Carl Thompson
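
The second client-side option in the letter above (withholding cookies on redirected requests), as an added example that is not part of the original letter. It uses the Python standard library's `DefaultCookiePolicy(strict_ns_unverifiable=True)`, which is narrower than the letter's proposal: it withholds cookies only when the redirect came from a different host. The host names and the cookie are constructed.

```python
import urllib.request
from http.cookiejar import Cookie, CookieJar, DefaultCookiePolicy

def session_cookie(domain):
    """Constructed session cookie as the trusted site would have set it."""
    return Cookie(version=0, name="session", value="constructed-value",
                  port=None, port_specified=False,
                  domain=domain, domain_specified=False, domain_initial_dot=False,
                  path="/", path_specified=True, secure=False, expires=None,
                  discard=True, comment=None, comment_url=None, rest={})

def direct_request(url):
    """A request the user made directly (typed URL or followed link)."""
    return urllib.request.Request(url)

def redirected_request(first_url, location):
    """Build the request a client issues after a 302 from first_url to location."""
    handler = urllib.request.HTTPRedirectHandler()
    # The handler marks the new request unverifiable and keeps the host of
    # the first request as its origin, which is what the policy inspects.
    return handler.redirect_request(direct_request(first_url), None,
                                    302, "Found", {}, location)

def cookie_sent(policy, request, domain="trusted.example"):
    """Return True if a jar governed by `policy` attaches the cookie to request."""
    jar = CookieJar(policy)
    jar.set_cookie(session_cookie(domain))
    jar.add_cookie_header(request)
    return request.has_header("Cookie")

# Default behaviour: cookies follow the user across a redirect.
LENIENT = DefaultCookiePolicy()
# Client-side fix: no cookies on requests reached via a third-party redirect.
STRICT = DefaultCookiePolicy(strict_ns_unverifiable=True)
```

Redirects that stay on the same host still carry the cookie under `STRICT`, so ordinary same-site redirects after login keep working.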
   
Date: Thu, 11 May 2000 21:28:18 -0500 (CDT)
From: Dave Finton <surazal@nerp.net>
To: letters@lwn.net
Subject: Where mp3 users and businesses have it wrong


MP3 and/or similar formats have the potential to flip the entire media
industry on its head.  It's no wonder the lawyers have come out
a'marching.  Scarcely a day or week goes by without some major new
development about such-and-such a band suing so-and-so mp3 company.  How
can we fight this, when the current state of laws leans heavily towards the
copyright holders?

The problem is our insistence on taking old media and converting it over
to the new.  The old media doesn't want to give up their current
position.  So why force them?  What we should be doing is creating
original content (lots of it) and distributing that through these brave
new formats.

It would be the best strategy to follow because 1) the media companies
can't sue when they don't own the copyright of the distributed content in
the first place and 2) the DMCA would protect the new media just as
effectively as the old.  If this strategy were followed to the point of
critical mass (much like the internet did) the new media would simply
supplant the old in a manner similar to how the internet is slowly
supplanting newspapers and TV today.

One way to do this would be to encourage independent labels to jump on
board.  MP3.com and napster both have been moderately successful in
signing up some bands; let's continue the trend.

At any rate, it sure beats a no-holds-barred lawsuit.

                          - Dave Finton

P.S. I know this isn't directly related to Linux but the open nature of
mp3s lends itself to being the favorite format of open source
enthusiasts (as well as many other people as I've seen in my
experience)... and it's definitely an important matter when the DMCA is
involved no matter what.  So I apologize for being somewhat
off-topic.  :^)

---------------------------------------------------------
| If an infinite number of monkeys typed randomly at    |
|   an infinite number of typewriters for an infinite   |
|   amount of time, they would eventually type out      |
|   this sentencdfjg sd84wUUlksaWQE~kd ::.              |
| ----------------------------------------------------- |
|      Name:      Dave Finton                           |
|      E-mail:    surazal@nerp.net                      |
|      Web Page:  http://surazal.nerp.net/              |
---------------------------------------------------------


   
Eklektix, Inc. Linux powered! Copyright © 2000 Eklektix, Inc., all rights reserved
Linux ® is a registered trademark of Linus Torvalds