| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for September 26, 2002A new era for LWN When the plans for LWN.net were being laid, back toward the end of 1997, we (Liz Coolbaugh and Jonathan Corbet) set out to create a high-quality news source that would allow the Linux community to keep up with the incredible pace of its development. Plus, of course, we wanted to draw attention to an ill-advised support operation that we were launching at the same time. The support offerings are long since forgotten, but LWN has grown with the community it reports on. LWN, now approaching its fifth anniversary, processes a great deal of news and requires several people for its production. As readers of these pages have been told too many times, advertising does not cover even a fraction of the costs of producing LWN, and similar types of revenue, such as corporate sponsorships, are mostly unavailable.Back in July, we had come to the conclusion that LWN was not a sustainable operation, and that it was time for us to move on to other endeavors. The result was an amazing and unexpected show of support from our readers, in the form of donations, that caused us to rethink things. An unexpected show of, well, something else from our (former) credit card processor slowed that rethink greatly, but the time has now come. LWN is now at a definitive, and possibly final, crossroads. We will now try to transition LWN into a subscription-based publication, supported by the readers that benefit from it. If LWN is valuable enough to its readers to earn that support, we will continue to produce it - and try to make it better. If not, well, then we will search for some other way to use our skills in the free software community. Here's the deal: a basic LWN subscription will cost $5/month, with options for those wanting to pay a little less or a little more. Starting October 3, the LWN Weekly Edition will be available only to subscribers for the week following its publication; thereafter it will be freely available to all. Some other features, such as the ability to receive news via email, will be available to subscribers only. Other new features which we may introduce in the future will also be restricted to subscribers, at least initially. The LWN front page and the news items posted there will remain free, as will our security database, kernel patch page, and various other features of the site. What this means is that all news posted to LWN will continue to be freely available - if you are sufficiently patient. But we strongly hope that most of our regular readers will consider becoming subscribers in order to have immediate access to our content, and, most importantly, to help keep LWN operating. Those of you working in the software field may want to consider asking your employers to fund an LWN subscription as a useful tool for your job. Or, even better, have them talk to us about group subscriptions, which can provide access to LWN's subscription content for an entire group, company, or university at substantial savings in cost. We have a lot of ideas for where we would like to take LWN. We would like to cover many important development projects the way we cover Linux kernel development now. We would like to have Linux in Business coverage that is more than a pile of press releases. It would be great to be able to pay for occasional articles by well-known authors. We will release our site code as free software as soon as we find the time to do it. It would be nice, even, to have a search engine that truly works well for the first time ever. But first we have to stabilize LWN and turn it into a sustainable operation, and an important part of that process is now in the hands of our readers. With sufficient support from you, we can take LWN forward and make it better than ever: a reader-supported community news resource which need not worry about keeping big advertisers happy. If LWN is worthwhile to you, now is the time to act; please consider signing up for a subscription today.
The Native POSIX Thread Library Readers of the LWN Kernel Page have been aware of the intensive effort to improve threading performance on Linux - at least from the kernel point of view. Now, with the announcement of version 0.1 of the Native POSIX Thread Library (NPTL), the user-space side of this project has come into view. This article will take a look at the technical and performance aspects of NPTL; the next will wander briefly into the political issues.Threads, of course, are processes (or something that looks like processes) that share an address space and various other resources. Multi-threaded applications can be tricky to write (they end up presenting the same sorts of problems with race conditions that operating system programmers have to deal with), but they can be a good solution to a number of programming challenges. Your web browser, for example, likely keeps one thread around to respond quickly to user events (mouse clicks and such) while another thread downloads a web page and yet another one renders it onto the screen. Java programs also tend to be highly threaded. Some applications can create many thousands of threads; obviously, such applications can only be reasonably run on systems with top-quality thread support. Threading can be implemented entirely in user space, in kernel space, or a combination of both. User-space threads are traditionally lighter weight, since they do not require system calls and do not run in independent processes. They can be tricky to make work in all situations, however, and a pure user-space implementation can not make good use of multiprocessor systems, since all threads run within a single process. So most operating systems provide some degree of kernel support for threading. Linux has long had this support via the flexible clone() system call, which allows a great deal of control over which resources are to be shared with the new thread, and which are to be private. Pure kernel-based threads are often perceived as being slow, however, since the kernel scheduler must be invoked to switch between threads. So conventional wisdom has often said that the best way to get good thread performance is with the "M:N model." M:N is a hybrid approach, where M user space threads run on each of N kernel threads. The multiple kernel threads allow the application to use all processors on the system, while keeping the performance benefits of doing (most) switching between user-space threads. Many people have said that the key to fixing the (not great) performance of Linux threads is adopting the M:N approach. So it is interesting to note that NPTL has, instead, stayed with the 1:1 pure kernel thread model. NPTL authors Ulrich Drepper and Ingo Molnar took a close look at the problem, and came to the conclusion that 1:1 was, in the end, the more promising approach. Their reasoning can be found in the NPTL white paper (available in PDF format); the main points are:
Finally, the 1:1 implementation is generally simpler, since user space need not duplicate functionality already found in the kernel.
Of course, all of that means little if the 1:1 model is unable to perform
up to expectations. The benchmarking process has just begun, but the
initial signs are encouraging. Ingo ran one
Ulrich Drepper has posted some other benchmarks which mostly measure thread creation and shutdown time; some of his results can be seen in the chart to the right.. Such a test should naturally favor the M:N model, since user-space thread creation and destruction can be performed without any system calls. And, in fact, the M:N Next Generation POSIX Threading (NGPT) implementation beat standard Linux threads by at least a factor of two in these tests. The NPTL library, however, beat NGPT by about a factor of four. So the initial indications are that NPTL can deliver the goods. And this is only the 0.1 release.
On the NPTL process At the first encounter, the Native POSIX Thread Library looks like ideal grist for the Red Hat basher's mill. The library appears to have sprung fully formed from the head of glibc maintainer (and Red Hat employee) Ulrich Drepper, who has made his plans clear:
Unless major flaws in the design are found this code is intended to
become the standard POSIX thread library on Linux system and it
will be included in the GNU C library distribution.
Installing this library is not easy, since it requires some fairly bleeding-edge software: a 2.5.36 kernel, gcc 3.2, and a current glibc 2.3 snapshot. In fact, the "only environment known to date which works" is an updated version of the "(Null)" Red Hat beta. And, of course, this development has seemingly ignored the longstanding efforts of the Next Generation POSIX Threading project, which is at release 2.0.2. A certain (relatively small) amount of grumbling along these lines has been seen on the net. But it's uncalled for. NPTL was developed independently from NGPT for a straightforward reason: the NPTL developers wanted to try a very different approach. NGPT is designed around the M:N model, which, as noted above, NPTL avoids. There was no way to integrate the NPTL approach into NGPT without massive changes. The NPTL developers did, however, work with the NGPT hackers with regard to the kernel changes; those enhancements will benefit both projects in the end. A new library at version 0.1 can probably be forgiven for using bleeding-edge tools; it is a bleeding-edge tool, after all. By the time NPTL has stabilized, the environments available to users will have caught up substantially. Ingo Molnar, author of the kernel side of the NPTL work, tells us that he intends to backport the kernel changes to the 2.4 kernel once things have stabilized in 2.5. (Whether 2.4 maintainer Marcelo Tosatti will accept them is a separate issue, of course). And, in the end, this development has been going on for less than two months - it is a very new initiative. This development shows some of the best aspects of the free software model. Two hackers with some good ideas have proved those ideas in the way the community accepts best: with code. We will all benefit from this work.
Looking the OpenSSL gift horse in the mouth Sun's announcement of its donation of an elliptic curve encryption implementation to the OpenSSL project was generally well received. After all, the donation of more open source code has got to be a good thing. As it turns out, however, some people are looking at this gift and wondering how free it really is.If you look at the OpenSSL LICENSE file in the current snapshot, nothing has changed; it's a fairly straightforward BSD-style license. But the Sun-contributed code contains its own license text which differs from the OpenSSL license. In particular, it contains this rather impenetrable language:
In addition, Sun covenants to all licensees who provide a
reciprocal covenant with respect to their own patents if any, not
to sue under current and future patent claims necessarily infringed
by the making, using, practicing, selling, offering for sale and/or
otherwise disposing of the Contribution as delivered hereunder (or
portions thereof)...
One would that Sun, by virtue of having released the code under a free license, would have given up the right to sue people for using that code. This clause, however, seems to put a string on it: Sun explicitly says it won't sue, but only if you don't sue them either. The limitation seems to only apply to suits over the elliptical curve code itself, but it's hard to say for sure; the language is not all that clear. For those who object to this language, the distinction does not matter. If you start attaching strings to free code, they say, it is no longer free. The most vocal of the dissenters is, of course, OpenBSD hacker Theo de Raadt, who states:
It means that OpenSSL is becoming a non-free software project,
because the code from Sun contains licenses which invoke patent
litigation; the licence on the new code basically builds a contract
that says "if you use this code, you cannot sue Sun". In such a
way, by means of the slippery slope, a free software project
becomes not as free, and eventually, less and less free.
Theo has gone as far as suggesting a fork in the OpenSSL project as a way of maintaining a version that is, to his eyes, truly free. Whether or not this particular bit of language bothers people, there is an issue here: companies often have a hard time resisting the temptation to attach their own language to free software licenses. The tendency toward custom licenses for each company and project has subsided somewhat, but it is not completely gone. It will always be necessary to scrutinize software licenses carefully, whether they are presented as free or not.
The Lulu Tech Circus For those of you who are curious about what Bob Young has been up to since he left Red Hat: the Lulu Tech Circus is happening in Raleigh, NC starting September 27. It has the look of a fun event for people who like to play with free software, and with cool technology in general. Wish we could be there...
Page editor: Jonathan Corbet Security Thanks for reading This is my last week as LWN.net's Security Page Editor. I've opted to pass the Security Page duties on to an excellent editor so I can focus my time for LWN.net on administrivia and infrastructure issues."Thank You" to everyone who has read the security page this year. I'll miss the pleasure of providing you with our weekly security summary.
Safe Travels,
Security news OpenSSL worm in the news The OpenSSL worm, has been referred to in various reports as Apache/mod_ssl worm, linux.slapper.worm, bugtraq.c worm and Modap worm. Please check out last week's security page for more information.This week CNET continued their coverage with a report that the worm "has reached a plateau after infecting about 7,000 servers and turning the hosts into a peer-to-peer network that could be used to attack other computers." Personal Computer World covers the recent Slapper C varient "which, has infected 1,500 servers already and is spreading, although a source point has not been identified at this time."
Open-source group gets Sun security gift (CNET News.com) CNET covers the recent donation by Sun of their "elliptic curve" cryptography technology to the open source community. "Elliptic curve cryptography will enable secure communications with devices that don't have as much calculating power as most desktop computers, said Whitfield Diffie, Sun's chief security officer and a pioneer of the Diffie-Hellman "public key" cryptography method used today in SSL and other encryption systems."
London man charged with making virus (Reuters) Reuters News Agency reports the arrest of the suspected author of "the malicious "T0rn" virus that attacked Linux computer systems". The suspect was assested at his home in Surbiton, southwest of London, England.
T0rn, which later was modified by a Chinese virus-writing group to
create another worm known as Lion, circulated in the digital wild for
much of 2001, but did relatively little harm.
Security reports phpWebSite 0.8.3 fixes PHP source injection vulnerability Tim Vandermeersch reports a PHP source injection vulnerabilty in phpWebSite which is fixed in version 0.8.3. Upgrading is recommended; the vulnerability allows remote execution of arbitrary PHP code by an attacker.
Xoops RC3 script injection vulnerability David Suzanne reports a script injection vulnerability in Xoops RC3; the current version.
XOOPS is a dynamic OO (Object Oriented) based open source portal script written in PHP. XOOPS is the ideal tool for developing small to large dynamic community websites, intra company portals, corporate portals, weblogs and much more.
JAWmail cross-site scripting vulnerabilities Ulf Harnhammar reports cross-site scripting vulnerabilities in JAWmail 1.0-rc1. Versions 2.0-rc1 and later are not vulnerable.
There are several cross-site scripting holes in JAWmail that are
triggered by reading incoming e-mail messages. An attacker can
use them to take over a victim's e-mail account by simply sending
certain malicious e-mails to the victim.
Squirrel Mail 1.2.8 fixes cross site scripting vulnerabilities SquirrelMail 1.2.8 fixes all of the cross site scripting vulnerabilities described in this post.
SquirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no Javascript) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. SquirrelMail has a all the functionality you would want from an email client, including strong MIME support, address books, and folder manipulation.
New vulnerabilities Multiple vulnerabilities in Zope 2.5.1
Tomcat 4.x JSP source code exposure vulnerability
Updated vulnerabilities Heap corruption vulnerability in at
bind buffer overflow vulnerability in DNS resolver libraries
Potential unauthorized root access vulnerability in dietlibc
Ethereal buffer overflow, infinite loop and memory management vulnerabilities
Filename disclosure vulnerability in fam
GNU fileutils race condition
Potential remote root exploit in glibc
Buffer overflow in groff
HylaFAX 4.1.3 fixes multiple vulnerabilities
UW imapd remotely exploitable buffer overflow
Cross-site scripting vulnerability in Konqueror for KDE 3.0.3
Kerberos 5 unauthorized root access to KDC host vulnerability
LPRng accepts jobs from any host.
Cross-site scripting vulnerability in mhonarc
PHP Remote Compromise/DOS Vulnerability
Mozilla XMLHttpRequest file disclosure vulnerability
String format bug in pam_ldap logging
OpenSSL remotely-exploitable buffer overflow vulnerabilities
Safemode vulnerability in PHP
Remotely exploitable vulnerability in pine
Buffer overflow vulnerabilities in PostgreSQL
Buffer overflow vulnerabilities in purity
PXE server denial of service vulnerability
Local arbitrary code execution vulnerability in Python
Sharutils potential privilege escalation using uudecode
Multiple vulnerabilities fixed in Squid-2.4.STABLE7
Tcl/Tk local root vulnerability
Malformed NFS packet buffer overflow vulnerability in tcpdump
Multiple vendor telnetd vulnerability
Local root vulnerability in chfn
webalizer: reverse DNS buffer overflow vulnerability
Webmin/Usermin vulnerabilities
Multiple vulnerabilities in wordtrans
Problems with libgtop_daemon
Wwwoffle remote privilege escalation vulnerability
xchat IC server based dns query vulnerability
Local privilege escalation vulnerability in XFree86
Denial of service vulnerability in xinetd
Resources OWASP Guide to Building Secure Web Applications v1.1 The Open Web Application Security Project announces the release of an updated version of the Open Web Application Security Project Guide to Building Secure Web Applications. The guide is available from here in PDF and HTML format.
Linux Security Week and Advisory Watch The September 23rd Linux Security Week and September 20th Linux Advisory Watch newsletters from LinuxSecurity.com are available.
RATS 2.0 released The RATS Team announces the release of RATS 2.0.
RATS, the Rough Auditing Tool for Security, is a security auditing utility
for C, C++, Python, Perl and PHP code. RATS scans source code, finding
potentially dangerous function calls. The goal of this project is not
to definitively find bugs. The current goal is to provide a reasonable
starting point for performing manual security audits. RATS is released
under version 2 of the GNU Public License (GPL).
The Art of Unspoofing Sean Trifero and Brian Knox have published The Art of Unspoofing, an article on various ways to detect who might be behind a DoS attack. A post of the article garnered this response by Sean Trifero to some pointed comments.
Events CanSecWest/core03 call for papers CanSecWest/core03 computer security training conference will be held April 16-18 2003 in Vancouver, British Columbia, Canada.
Submissions and presentation proposals for tutorials
for this conference will be accepted during the months
of September and October 2002, with preference given
to submissions made in September.
ToorCon 2002 Conference in San Diego this weekend The ToorCon 2002 folks sent out a reminder that the conference is this weekend!
We would like to invite everyone to ToorCon 2002 this year which is on the
27-29th of September. We have just recently released our finalized speaker
lineup and it looks like it'll be one of ToorCon's best years yet. This is a
final reminder that ToorCon will be this weekend, so mark your calendars if
you haven't already!
ToorCon 2002 will be held September 27-29th in San Diego, CA, USA.
A Gathering of Big Crypto Brains (Wired) Wired reports on the annual COSAC conference held recently in Naas, Ireland.
Speakers also give hands-on demonstrations. In a conference highlight,
Yokohama National University professor Tsutomu Matsumoto and some of
his graduate students showed how easy it is to trick biometric
fingerprint-scanning systems with fake fingers.
Upcoming Security Events
For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.
Page editor: Dennis Tenney
Kernel development Release status Kernel release status The current development kernel is 2.5.38, which was released by Linus on September 21. It contains a bunch of IA-64 updates, more partition handling and filesystem work, a JFS update, some IDE changes, and a few important bug fixes. The long-format changlog is available with the details.Linus released 2.5.37 on September 20. Among other things, this release included a bunch more memory management and performance work from Andrew Morton, James Bottomley's x86 "subarchitecture" work (finally), an ACPI update, more threading performance work, an IrDA update, some IDE and block I/O enhancements, some device model work, various architecture updates, and the removal of Keith Owens from the MAINTAINERS file. Again, see the long-format changelog for the details. Linus's BitKeeper tree, which will become 2.5.39, contains some preemptible kernel fixes, a temporary disk elevator fix to deal with some performance problems (see below for the likely form of the real fix), some thread fixups, a USB update, more VM and block I/O work, an ISDN update, the removal of the global blk_size array (Al Viro: "it is an ex-parrot"), and various other fixes and updates. The current stable kernel is 2.4.19; there have been no 2.4.20 prepatches or -ac patches over the last week.
Kernel development news Some followups from last week Andrew Morton sent us a note stating that last week's discussion of the new API for putting processes to sleep missed an important objective of that work. The new interface is nice, but what he was really setting out to do was to improve wakeup performance. The new code removes waiting processes from the wait queue immediately at wakeup time, rather than letting the processes remove themselves whenever they get around to it. The result is that subsequent wakeups, if they come quickly, will run faster because they do not need to deal with processes that have already been awakened.We also mentioned, last week, a posting on the leading-edge features used in the TPC benchmark results posted by HP. Lest anybody think that HP was using a highly patched, special-purpose kernel, they have posted a followup stating that a stock Red Hat kernel (from Advanced Server 2.1) was used in the benchmark runs. Ingo Molnar's new process ID allocator - and the objections to it - were covered last week. Ingo posted a new version of the patch which addressed some of the complaints, and which was to Linus's liking; it was merged into the 2.5.37 kernel.
A new deadline I/O scheduler One of the results of all the recent VM improvements in the 2.5 tree is that the shortcomings of the current block I/O scheduler are becoming more apparent. The scheduler (or "elevator") tries to join adjacent requests together, and to sort requests along the disk in order to minimize seeks and optimize I/O performance. Unfortunately, the current scheduler is not all that good at treating requests fairly. In the name of overall performance, the scheduler can cause the starvation of individual requests for a very long time. Requests eventually get serviced, but if the starved request is satisfying a page fault in the X server, the user can get seriously annoyed in the mean time.The scheduler shortcomings have always been there, but they are more apparent now because the VM subsystem does a more effective job of filling the disk request queues. Now that the scheduler problems can't hide behind VM problems, they need to be addressed. To that end, Jens Axboe has dusted off and fixed up his deadline I/O scheduler patch, and is looking for people to try it out and report on how it works. His initial results are good:
The Andrew Morton Interactive Workload (AMIW) rates the current
kernel poorly, on my test machine it completes in 1-2 minutes
depending on your luck. 2.5.38-BK does a lot better, but mainly
because it's being extremely unfair. This deadline io scheduler
finishes the AMIW in anywhere from ~0.5 seconds to ~3-4 seconds,
depending on the io load.
The "AMIW" works, essentially, by creating a great deal of disk write traffic, then seeing how long it takes to list out a large directory while the writes are being handled. The idea behind the deadline scheduler is that all read requests get satisfied within a specified time period - 1/2 second by default. (Write requests do not have specific deadlines; processes usually can not continue until their reads are performed, but writes can generally be deferred indefinitely). The deadline performance is achieved by sorting I/O requests into several different queues:
With these lists, the operation of the scheduler is not that hard. Incoming requests are merged into the proper sort_list in the usual way: they are sorted by sector number, and merged with adjacent requests. (The real operation is complicated by barrier operations and a hashing mechanism designed to improve the performance of the scheduler itself, but the basic idea is as described.) Read requests are also given a deadline time stamp and put on the end of the read_fifo list. When the block driver is ready to start another disk I/O request, the core algorithm of the deadline scheduler comes into play. In simplified form, it works like this:
The definition of "a long time" for write request starvation is simply two iterations of the scheduler algorithm. After two sets of read requests have been moved to the dispatch queue, the scheduler will send over a set of writes. A "set," by default, can be as many as 64 contiguous requests - but a request that requires a disk seek counts the same as 16 contiguous requests. There has been no word from Linus on this patch; barring problems, however, it would be surprising if some form of it were not merged in the near future.
Keeping disks busy Some of the changes that have been stressing the I/O scheduler have gone in very recently. A couple of patches from Andrew Morton are currently sitting in Linus's 2.5.39 BitKeeper tree; they are worth a look.In the end, much of the work done by the VM subsystem is deciding which pages to move to which disks, and when. A good set of decisions will lead to good performance; but if the VM is not smart in which pages it shoves out, performance can suffer. Some of Andrew's recent efforts stem from an important observation that has been somewhat overlooked until now: there is little point in trying to write pages to disks which are already overwhelmed with requests. If you want to try to direct your efforts toward disks which are not overly busy, you first need some sort of indication of just how much work each drive has to do. So Andrew has added a new set of functions that report on whether a device's request queue is congested or not. The test used is simplistic: a device's read or write queue is not congested if at least 25% of the allocated request queue entries (a fixed number of these is allocated at queue creation time) are available for use. A simple test is good enough, though, especially considering that the size of a request queue tends to be volatile. Once you can test for a congested state, you can start making smarter decisions. Once these functions were in, Linus merged another patch which causes the ext2 filesystem to cut back on speculative readahead operations if the underlying device is busy. If the disks are backed up, presumably there are more important things for them to be doing than reading ahead data that may or may not be used. More impressive performance gains, however, can be had by looking at the pdflush subsystem. pdflush is a set of kernel threads whose job it is to write dirty file data back to the underlying filesystems. A fair amount of effort goes into keeping separate pdflush threads from trying to write back to the same device, and to simply keeping the right number of pdflush threads around. With the new scheme, life gets easier. pdflush does its best to simply pass over pages when the destination queue is congested; instead, it concentrates on pages that can be written to less busy devices. Thus pdflush no longer blocks on request queues, and can concentrate on keeping them all full. A side benefit is that a single pdflush thread may now be sufficient. According to Andrew: "This code can keep sixty spindles saturated - we've never been able to do that before." It is increasingly apparent that the 2.6 kernel is going to be an amazing performer in numerous areas, thanks to work like this.
Doing things in the kernel Kernel developers often put a great deal of effort into keeping tasks out of the kernel; the thinking is that if a task can be done in user space, there's where it should happen. Keeping things out of the kernel helps to keep the kernel code smaller, and it makes it easier for users to set their own policies. Sometimes, however, there are reasons to move tasks which have been performed in user space for a long time over the line and into the kernel. A couple of patches have been circulating recently which do exactly that.Ingo Molnar's kksymoops patch performs the same task as the classic "ksymoops" utility: it takes the numeric "oops" output from a kernel panic and attaches symbolic information so it actually makes sense to humans. Or, at least to kernel hackers, who really are human, despite occasional rumors to the contrary. Why move this task into the kernel? Anybody who has actually used ksymoops to get a symbolic trace knows that it can be quite a pain to set up, especially when loadable modules are involved. Without quite a bit of information on the run-time configuration of the actual kernel that was running when the oops happened, ksymoops can not do its job. Expecting casual users (or customers) to set up ksymoops and use it properly when reporting problems is asking too much. But the kernel itself knows a lot about its current configuration. It's actually not all that hard for the kernel to generate symbolic names for its own addresses; it's just a matter of keeping a symbol table around. If the kernel can generate useful oops reports from the beginning, the kernel developers will get better information on crashes, and problems will get fixed more quickly. It's probably worth the trouble. Then, there is Rusty Russell's loadable module rewrite. The insmod utility has traditionally done much of the work of loading modules, including tasks like parsing the executable file and doing symbol binding and relocation. Rusty's patch, instead, moves these tasks into the kernel. Thus, with this patch, the kernel is in the business of picking apart ELF binaries and linking symbols itself. Surely this sort of work belongs in user space, right? Rusty's answer is:
Whether Rusty will succeed in convincing the other kernel developers remains to be seen. One way or another, he has made it clear that the proper place to draw the line between kernel and user space is not always obvious.
Patches and updates Kernel trees
Core kernel code
Development tools
Device drivers
Filesystems and block I/O
Janitorial
Memory management
Networking
Architecture-specific
Security-related
Benchmarks and bugs
Miscellaneous
Page editor: Jonathan Corbet
Distributions Distribution News Debian GNU/Linux The Debian Weekly News for September 24, 2002 is out. There's a Debian Cluster serving as a research tool at Syddansk Universitet (University of Southern Denmark); SE Linux for Woody; and much more.Rob Bradford supplied Bits from the RNE, a request for feedback on the 3.0r1 release notes. Here's Gerfried Fuchs, the Website Translation Coordinator, with Bits from a WTC. Translators are needed to help keep non-English web sites up-to-date. "So, if you are interested and like to help to make the website more useful for the people in your country who aren't that good in english feel free to contact one of your translation coordinators..." Raphaël Hertzog introduces the Package Tracking System. There are some new tools to help Debian developers keep track of their packages and any outstanding bug reports.
EnGarde Secure Professional launched Guardian Digital has sent out a press release announcing the launch of EnGarde Secure Professional, a hardened Linux distribution which, they claim, can be securely set up and run without the need for a Linux administrator on staff.
Mandrake Linux MandrakeSoft has announced the release of Mandrake Linux 9.0, codenamed "Dolphin." It includes all the latest stuff: 2.4.19 kernel, GNOME 2.0.1, KDE 3.0.3, OpenOffice 1.0.1, Mozilla 1.1, GCC 3.2, etc. This release is certified as being compliant with the Linux Standard Base 1.2. Enhanced security is also claimed: "In early 2000, MandrakeSoft first introduced the concept of "security levels" to the Linux world; in Mandrake Linux 9.0, that concept is expanded with the integration of professional Intrusion detection tools and utilities, encrypted communication support, encrypted filesystems, secured authentication, and more."As is typical with Mandrake releases, this distribution is available for download immediately; the retail version can be purchased for delivery within a few weeks. Mandrake Linux ProSuite 9.0 has been registered as conforming to the LSB Runtime Environment for IA32 version 1.2 product standard. The Mandrake Linux Community Newsletter for September 19 is out. It looks at the new "Linux-Campus Courseware" offering, Kohan: Immortal Sovereigns, the OpenBrick, and more.
SCO Linux 4.0 Open Beta The SCO Group has an open beta of SCO Linux 4.0 powered by UnitedLinux, available with free registration. SCO Linux 4.0 is the successor to OpenLinux Server 3.1.1. This beta should provide users with a taste of how United Linux will effect the products formerly branded Caldera Open Linux.
New Distributions BanShee Linux/R BanShee Linux/R is a two-floppy rescue system using uClibc and Busybox to make sure that the system is as small as possible. Initial verion 0.5 was released September 18, 2002.
eLSD, Linux Society Distro eLSD is a new distribution from the Linux Society. Derived from Devil-Linux this initrd-centric, bootable CD distribution comes in three flavors.0.1 - Devil-Linux offered as a build and burn kit. 0.2 - This version begins to make changes towards the eLSD goals by creating a bigger divide between the initrd/linuxrc boot and the init/boot in the OS. It also boots w/o the floppy that includes the /etc filesystem. 0.3 - This version actually converts Devil-Linux into an optional hard drive boot OS. The boot process occurs entirely in the initrd phase and then accesses the harddrive. This kit offers a robust kernel, two custom initrds -- one that boots to busybox/tinylogin -- and grub and parted support.
Firegate Server The Firegate Server from Wiresoft is a self-managing server operating system designed for small and mid-sized businesses. It securely connects offices to the Internet and to each other, protecting valuable electronic information. Office staff can securely surf the web, send and receive email, host the company Web site, share files, host a customer database, and more. It is controlled through a simple Web browser or mobile telephone interface and managed by an artificial intelligence-based administration service. This package is a Linux-based system which also contains proprietary software. The Firegate Server, SMB Edition 7.1, was released September 25, 2002.
MoviX MoviX is a CD-ready tiny (~5MB) Slackware-based Linux distribution containing all you need to boot a PC from CD (using syslinux) and automagically play all the avi files you put in the CD root with mplayer through the framebuffer. You can use it to play all your movies, even on a diskless PC. Version 0.3 was released with minor feature enchancements, less than a week after the initial version, 0.2.
Serverdisk diskette distro Serverdisk diskette distro is a Linux floppy disk distribution which includes FTP and HTTP servers. Just a small server, not intended to be a rescue disk or standalone firewall. The initial version, 0.1, was released September 19, 2002.
Minor distribution updates ClumpOS ClumpOS has released R7.0. This release has been updated for Linux 2.4.19/MOSIX 1.8.0.
herbix herbix has fixed some bugs in v1.0-41.
Kaiwal Linux becomes GrandLinux Thai distribution Kaiwal Linux has changed its name to GrandLinux. GrandLinux 4.4 is available now. The website is in Thai. (Thanks to Joe Klemmer)
uClinux uClinux has released 2.5.38-uc0 with major feature enhancements.
SnapGear Embedded Linux Technical Bulletin #13 - Using Flash Memory with uClinux SnapGear's Greg Ungerer discusses theory and methods for building uClinux systems that boot, run and operate using Flash memory.
Warewulf Warewulf has released v1.1 with minor feature enhancements.
Wolverine Firewall and VPN Server The Coyote Linux Wolverine Firewall and VPN Server released 1.0RC2 (build 254) with minor bug fixes.
Distribution reviews Review: Lindows 2.0 has beautiful skin, iffy personality (Register) Here's a review of Lindows 2.0, courtesy of NewsForge. "Because Lindows is marketed to the disgruntled Windows user, I figured I'd try to do it justice and install it on a Windows ME system. I put the CD in, it "auto-started" and told me I didn't have one gigabyte available on the "C:" drive. The only option was to exit. Why couldn't I select a different drive letter? There's plenty of space on the D partition. But there was no way to do that."
Page editor: Rebecca Sobol
Development The Phoenix 0.1 Lightweight Browser Mozilla.org has released version 0.1 of Phoenix, a lighweight web browser. "Phoenix is a redesign of the Mozilla browser component, similar to Galeon, K-Meleon and Chimera, but written using the XUL user interface language and designed to be cross-platform."The Phoenix release notes and FAQ state that Phoenix is primarily designed to be fast, but without sacrificing features. Some of the currently implemented features include:
System Applications Audio Projects PHP Audio Extension Tony Leake has released his PHP Audio Extension, which connects PHP to the Ecasound ECI interface. "The PHP Audio extension is currently a wrapper for Ecasound, in the future higher level functions will be written for those who want audio processing in their PHP applications without learning the Ecasound syntax."
Clusters and Grids Heartbeat 0.4.9d released. Version 0.4.9d (beta) of heartbeat has been released by the High Availability Linux Project. Heartbeat "implements serial, UDP, and PPP/UDP heartbeats together with IP address takeover including a nice resource model including resource groups. It currently supports multiple IP addresses and a simple two-node primary/secondary model." New features include performance improvements, an applicaton heartbeat daemon, new ipfail code, a CCM membership daemon, improved documentation, and a PILS library. (Thanks to Alan Robertson.)
Database Software Full transaction support added to MySQL MySQL Inc. has put out a press release announcing the addition of a fully ACID-compliant transaction engine (called "InnoDB") to the popular MySQL database management system. "Consistent with all MySQL offerings, InnoDB is easy to use and highly reliable, having been battle-tested by the Open Source community."
Knoda 0.5.4 released. Version 0.5.4 of the Knoda database access GUI for KDE has been released. Changes include a Postgres driver, drag and drop support, copy and paste fields for forms and reports, column sorting, UI improvements, FreeBSD support, and lots of bug fixes.
Introduction to Xindice (IBM developerWorks) Arun Gaikwad introduces Xindece, an XML database system. "This article is an introduction to an Open Source Native XML Database System, called Xindice (pronounced zeen-dea-chay). It is also an introduction to Native XML Database concepts."
Education Linux in education report Issue #79 of the Seul/Edu Linux in education report is out. Topics include the DebianEdu project, Linux in Indian schools, manuals for the computer illiterate, Red Hat on educational Linux, the Office Admin and Teacher Admin modules, MIT's Lifelong Kindergarten project, and more.
Electronics New Icarus Verilog snapshot The 20020921 development snapshot of the Icarus Verilog electronic simulation language compiler has been released. The changes are listed in the release notes.
Embedded Systems First public release of wxEmbedded The first beta version of wxEmbedded is available for testing. wxEmbedded is the project name for support for small devices in wxWindows (currently PDAs are the primary target).
BusyBox 0.60.4 released Version 0.60.4 (stable) of BusyBox has been released. "BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides minimalist replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc." This is a bug fix release, see the Changelog file for a detailed list of changes.
Libraries Native POSIX Thread Library 0.1 released Readers of the LWN.net Kernel Page have been following the effort to provide Linux with "world class" threading support - at least, from the kernel point of view (see, for example the August 15 and August 22 Kernel Pages). The user-space side of this work has been harder to follow - until now. Ulrich Drepper has announced the release of version 0.1 of the Native POSIX Thread Library. Click below to read the full announcement, which includes a fair amount of information on what Ulrich and kernel developer Ingo Molnar have been up to. "Unless major flaws in the design are found this code is intended to become the standard POSIX thread library on Linux system and it will be included in the GNU C library distribution."
Peer to Peer Internet Radio the P2P Way (O'Reilly) Howard Wen talks about internet broadcasting with Peer to Peer technology. "First there was AM. Then FM. Now, the next evolution in radio broadcast technology could very well be "P2P." What could be even more controversial than Internet radio/audio broadcasting--which has made headlines this year over the issue of royalty payments--and P2P file sharing? Probably the merging together of these banes of the music industry. Two P2P clients, PeerCast and Streamer, are exactly that. Without the need to have your own dedicated server, these programs let you stream audio files to other users on a P2P network. Essentially, you can run your own Internet radio station whenever you start up your computer and get online."
Web Site Development Zope Members News The latest Zope Members News headlines include: Alternative implementation of ZPT - with i18n!, First book ever about CMF/Plone!, PropertyList 0.1 Released, and PropertyObject & -folder 1.1 released.
mnoGoSearch-php-3.2.0.beta7 available Version 3.2.0.beta7 of the PHP frontend to the mnoGoSearch web site search engine software is available. See the ChangeLog file for a list of changes.
Embedding Web Servers (Perl.com) Perl.com has an article by Robert Spier on Embedding Web Servers with Perl.
Desktop Applications Audio Applications Sweep Sound Editor Conrad Parker has sent us a status update from the Sweep sound editor project. "Sweep is a full-featured open source sound editor, now used in production at Pixar and rapidly gaining popularity elsewhere. It features a character called Scrubby who is a very intuitive "scrub" tool and makes editing sounds a breeze. You can use Sweep for general sound editing on your Linux desktop, and thanks to Scrubby you can also use it as a tool for live DJing and experimental music. Sweep has undergone many changes recently to make it ready for widespread use, and I'd like to invite readers to try out the latest version (0.5.6)."
Desktop Environments GNOME Summary The GNOME Summary for September 12-18, 2002 is out with the latest GNOME development news.
The latest FootNotes This week's entries on FootNotes include Dropline GNOME 1.1.1, Workrave 0.1.0, Sodipodi 0.26, GStreamer 0.4.1, Gentoo Gnome 2.0.2, and more.
Outlook Competition: Enter Kroupware and Kaplan KDE.News looks at the Kroupware Project, part of a full-blown open-source groupware solution for KDE and commissioned by the German government. "But Don Sanders, KMail hacker, went one step further. He managed to transform KMail into a KPart and demonstrated how the different PIM components can be embedded in the pre-existing framework by Matthias Hoelzer-Kluepfel and Daniel Molkentin known as Kaplan"
Gspoof 2.1.1 relased Stable version 2.1.1 of Gsproof is available. "Gspoof is a GTK+ program written in C language which makes easier and accurate the building and the sending of TCP packet with a data-payload or not. It's possible to modify TCP/IP fields also Ethernet header working to Link Level." This release features bug fixes and support for libreadline.
GUI Packages FLTK 1.1.0rc7 Now Available Version 1.1.0rc7 of FLTK, the Fast, Light ToolKit, is available. "FLTK 1.1.0rc7 is now available for download and is a candidate for the final 1.1.0 release. This release contains several portability and bug fixes."
Interoperability Kernel Cousin Wine #136 Issue #136 of Kernel Cousin Wine is out. Topics include the ZDNet User Poll, a Linux Journal review, work on NetAPI32.DLL and WinASPI.DLL, mixing Unix and Windows calls, and Perl regression tests.
Office Applications AbiWord Weekly News #110 The AbiWord Weekly News for September 23, 2002 is available. AbiWord 1.0.3 "Désir Satisfait" is now available, and more AbiWord news in this issue.
Kernel Cousin GNUe #47 Issue #47 of Kernel Cousin GNUe is out with the latest GNU enterprise development news.
Gnucash 1.8 proposed schedule The Gnucash 1.8 proposed schedule is out, with an updated HBCI planned-feature list.
Web Browsers Mozilla Independent Status Reports The latest Mozilla Independent Status Reports include updates for Composite, Themes, Games, Bitflux Editor, TagZilla, Livelizard, Diggler, and MultiZilla.
Languages and Tools Caml The Caml Hump This week, the new software on The Caml Hump includes toolpage, OCaml-SOAP, VisualML, OCamake, bdb, nML, and DML/de Caml.
Haskell gtk+ haskell binding 0.14.10 released Version 0.14.10 of Gtk+HS, the Haskell binding for the GUI toolkit GTK+, is available. "This release features a range of new widgets over the previous release and supports the use of the library as a GHC package."
Java RelativeLayout, a Constraint-Based Layout Manager (O'Reilly) James Elliott covers the RelativeLayout layout manager on O'Reilly. "Layout managers fall firmly into the periphery when talking about Swing. They're something you use all the time with Swing containers, but they predate Swing and you can use them just as well with an AWT application. Still, layout managers play such a fundamental role in arranging the pieces of your user interface that you need to develop a good understanding of at least a couple of them so that you can work effectively. And they hold the promise of enabling your application to look polished as it moves from platform to platform, gracefully adapting to new font metrics and component shapes."
Resin: The Instant Application Server Daniel Solin writes about Resin on O'Reilly. "Imagine a Java Web application server that runs on Unix, delivers incredible performance, is really easy to set up, and inexpensive to boot. Even crazier, imagine that this little app server offers all of the features you expect from a modern Java server, including JSP/servlets, XML/XSL, and EJB/CMP. You can stop imagining. It actually exists, and it goes by the name of Resin."
Lisp LML and aFTPd first public releases The first public release of the aFTPd Lisp ftp server, and the LML Lisp Markup Language library for generating HTML and XHTML documents have been released.
Perl This week on Perl 6 The September 9-16, 2002 edition of This week on Perl 6 is out. Topics include: Goal Call for 0.0.9, Scheme Implementation Details, chr, ord etc., Lexicals, IMCC 0.0.9 Runs 100%, Problem Parsing Builtins, building core.ops op_hash at runtime, Problems with 64-bit integer builds, and more.
This Week on perl5-porters (use Perl) The September 16-22, 2002 edition of This Week on perl5-porters is out Topics include pedantic compilation, the default install location, closures in BEGIN blocks, perlopentut, smoke reports, and more.
PerlQt-3 released. Version 3 of PerlQt, a Perl Object Oriented interface to the Qt GUI Toolkit, is now available.
PHP PHP Weekly Summary #104 Issue #104 of the PHP Weekly Summary looks at XSLT, Sablotron and PHP, Redefining class errors, changing .phps, and fixing ext/mbstring, OpenSSL additions, and ext/FriBiDi.
PEAR Weekly News This week's Pear Weekly News is out. "The mailing list has been very active during the past week, a sign to the return of an active cadence of updates, adds or fixes on pear. The subjects were various, from the classic 'Naming convention & coding standards' to the automatic translation system or peardoc. Sebastian Bergmann and Kristian Köhntopp have worked intensively on XML_Transformer, that will make us happy to see a new and very good stable release. This week has seen not less than four stable releases, that is itself a very good news, and one beta."
Python The State of the Python-XML Art (O'Reilly) Uche Ogbuji introduces his new Python-XML column on O'Reilly's XML.com site. "Welcome to the first Python-XML column. Every month I'll offer tips and techniques for XML processing in Python and close coverage of particular packages. Python is an excellent language for XML processing, and there is a wealth of tools and resources to help the intrepid developer be productive. In what follows I'll survey these tools and resources, giving a sense of how broadly Python supports XML technologies and giving you a head start on the more in-depth topics to follow." An extensive list of XML software for Python is included.
This week's Python-URL Dr. Dobb's Python-URL for September 24 is out with the latest from the Python development community.
The Daily Python-URL This week's Daily Python-URL topics include the CAMFR 1.0 Maxwell solver, PyANT 0.26, What's so special about Python 2.2?, the PyTone mp3 jukebox, the FOAFBot IRC bot, and more.
Scheme Scheme Weekly News The September 23, 2002 edition of the Scheme Weekly News is out with the latest Scheme developments.
Tcl/Tk Tcl/Tk 8.4.0 Released Stable version 8.4.0 of Tcl/Tk was recently released. Click below for the announcement. This is a fairly major update, see the release notes for the full story.
Dr. Dobb's Tcl-URL! The September 22 edition of the Dr. Dobb's Tcl-URL! is out with an assortment of articles about Tcl/Tk, including the announcement of Tcl 8.4 final.
XML XML Canonicalization (O'Reilly) Bilal Siddiqui writes about XML Canonicalization on O'Reilly's XML.com. "This two part series discusses the W3C Recommendations Canonical XML and Exclusive XML Canonicalization. In this first part I describe the process of XML canonicalization, that is, of finding the simplified form of an XML document, as defined by the Canonical XML specification. We'll start by illustrating when and why we would need to canonicalize an XML document."
Euro-XML (O'Reilly) Rick Jelliffe illustrates several character encoding techniques for XML on O'Reilly. "There are three ways of representing the euro in XML:* numeric character references, * character entity references, and * direct characters. This article examines these and other more arcane but important ramifications."
Brother, Can You Spare a DIME? (O'Reilly) Rick Salz covers DIME on O'Reilly's XML.com. "This month we look at Direct Internet Message Encapsulation (DIME), a binary message format; and we'll also look briefly at the WS-Attachments specification, which provides a generic framework for SOAP attachments, and a definition for a DIME-based instantiation of that framework."
Page editor: Forrest Cook
Linux in Business Business News Campaign for Digital Rights responds to patent office paper; Plans protests at party conferences The Campaign for Digital Rights plans protests of a consultation paper released by the UK Patent Office. The paper details plans to implement the European copyright directive. CDR believes that this legislation is flawed and will have disastrous effects on British research, innovation, music recording studios and software development.
Regal deploying Linux in hundreds of theaters Here's another 'big commercial Linux deployment' press release from IBM. This time around, it's Regal Entertainment Group, a large movie theater chain, which is making the leap: it is using some 2400 Linux-based point of sale systems, with the final number expected to grow to around 3500. "Regal is also testing a new, in-theater, Linux-based kiosk that will enable movie patrons to purchase tickets or retrieve tickets purchased from an online service." The POS systems are running Red Hat Linux.
Press Releases Open Source Announcements
Distributions and Bundled Products
Software for Linux
Products and Services Using Linux
Hardware with Linux support
Cross Platform/Porting Product
Linux at Work
Java Products
Books and Documentation
Training and Certification
Trade Shows and Conferences
Partnerships
Miscellaneous
Page editor: Rebecca Sobol
Linux in the news Recommended Reading European Union Researches the Benefits of Open Source Software (O'Reilly Network) O'Reilly reports on the research project "Free/Libre and Open Source Software: Survey and Study", funded by the European Union, which explores the reasons behind the widespread use and support of free software. "This is, to my knowledge, the first large-scale, rigorous study concerning any aspect of free software. It involves interviews with thousands of developers and hundreds of businesses, with carefully-chosen questions and a correlation of results."
Building the underground computer railroad (Salon) Here's a Salon article on anti-globalization groups which are fixing up old computers and sending them off to developing countries. "If you just look at their specifications, the systems the activists are building here seem almost worthless, Pentium 100-class machines with about a gigabyte of hard drive space and 80 megs of RAM. The sort of computer that went for thousands in 1996, but that wouldn't fetch $50 on eBay today. But if you wipe Windows off these systems and replace it with a Linux-based operating system, and if you just plan to use them for the Web and e-mail, they can be quite useful..." Nobody seems to see any irony in installing a globally-developed operating system on computers and sending them around the world as a way of fighting globalization.
UnitedLinux might not be very GPL-friendly (NewsForge) NewsForge has an article about the UnitedLinux closed-beta NDA's compatibility with the GPL. "Is UnitedLinux down with the idea behind software libre, or are they just trying to become a Red Hat killer and Linux oligopoly in order to make some fast bucks?"
A Bounty on Spammers (CIO Insight) Lawrence Lessig suggests new methods for dealing with spam, and also looks at copyright issues. "But at least with the spam problem, there is a much simpler solution that, so far, Congress has failed to see. Imagine a law that had two parts—a labeling part and a bounty part. Part A says that any unsolicited commercial e-mail must include in its subject line the tag [ADV:]. Part B says that the first person to track down a spammer violating the labeling requirement will, upon providing proof to the Federal Trade Commission, be entitled to $10,000 to be paid by the spammer."
Less RMS, more freedom - FSF pitches to wider audience (Register) The Register looks at the changing role of the Free Software Foundation. Quoting Bradley Kuhn: "Of course, I love the Free Software community and am an active member of it. However, there was always one aspect of our community that didn't sit right with me: the idea that you had to 'prove your hacker credentials' to be taken seriously."
Companies Jumpy Caldera needs vision correction (ZDNet) This editorial goes through the business history of Caldera, suggesting where they have gone wrong in the past, and where they are going wrong in the present. "It doesn't take a degree in rocket science to imagine what the investors, including Ray Noorda, have been pushing for at recent Caldera board meetings: ditch Linux, and stick with the Unix cash cow. Oh, and change the name, just for good measure."
Ballmer: We'll outsmart open source (ZDNet) ZDNet is carrying Microsoft president Steve Ballmer's latest comments about Linux. "'Linux is not about free software, it is about community,' he said. 'It's not like Novell, it isn't going to run out of money--it started off bankrupt, in a way.'"
MS design switch thwarts Xbox mod chips (Register) Accordint to the Register, Microsoft has modified the hardware for its Xbox game platform, which will thwart the porting of Linux to the platform. "Microsoft has made some modifications to the internal design of Xbox in the name of security, the most immediate upshot being apparently that existing mod chips won't work with the new design. According to a posting last week on the Xboxhacker BBS (reproduced here, the first of the new designs have been spotted in Australia."
Red Hat 8.0 To Launch This Month (TechWeb) TechWeb reports that Red Hat Linux 8.0 will be released with a large emphasis on the desktop. "Red Hat has never been a major advocate of Linux on the desktop, but version 8.0 will demonstrate a change of heart. The Raleigh, N.C.-based company, whose namesake Linux distribution is the de facto standard in the United States, maintains Linux is not geared for the typical consumer or business secretary but does have practical use for a select group of corporate and technical users"
Open-source group gets Sun security gift (News.com) CNET has a few more details about Wednesday's announcement that Sun gave elliptic curve cryptography to OpenSSL. "The deployment schedule is on the order of several years to a decade unless something comes along in the interim. I would conjecture that by 2010 or so, this will be widely used."
Sun's Linux PC cheaper, McNealy boasts (News.com) CNET has published a nice summary of Sun's Linux initiatives. "Sun Microsystems will get into the PC business next year, selling Linux-based desktops that will cost less than half to own and operate than comparable systems running Windows, Sun CEO Scott McNealy said Wednesday."
Sun releases Liberty Alliance tool (News.com) Here's a brief News.com article on Sun's first Liberty Alliance release. "Sun executives say the Java-based tool is the first open-source implementation of the Liberty Alliance standard and a prototype of Sun's forthcoming server software, called Identity Server 6.0, which will manage computer user's access and authentication."
Business CEO of Raleigh, N.C.-Based Red Hat Speculates on Future of Technology (Nando) The Raleigh, N.C. News & Observer takes a look at what keeps Red Hat CEO up at night. "It has nothing to do with Wall Street investors and analysts who are still waiting for Red Hat's big pop -- some sort of return on the traction the alternative Linux operating system is getting in the marketplace."
Interviews Practical Matters Rule IBM's Tactics with Competitors The Seattle Times has an interview with Steve Mills, head of IBM's software division. "The reality is the world is very heterogeneous; it's not Windows-only and the overwhelming majority of business transactions in medium and large businesses are not running on Windows. They're running on a wide variety of Unix systems and IBM mainframes. It's a very complex world, and that world's not going to change very quickly."
Open source haunts Microsoft (ZDNet) ZDNet interviews the program manager of Microsoft's Shared Source Initiative, Microsoft's answer to Open Source. "The fact is that Linux is now competing with Windows. That is good because it is spurring us on and making us compete better, but equally, it is difficult for us to say Windows has better management tools than Linux because all of a sudden people say we are attacking open source."
At the center of the patent storm (News.com) News.com talks with Danny Weitzner, chair of the W3C patent policy working group. "The open-source community has played a really important role at the W3C because, clearly, royalty-bearing standards create a fundamental problem for open-source software. But the need for royalty-free standards would exist even if there were no open-source solutions."
Resources Building a Linux Minicluster using commodity components (LinuxDevices.com) The Embedded Reasoning Institute of the Sandia National Laboratories recently constructed a 4-node Linux cluster based on commodity PC/104 modules and other related components. The system was designed for use in parallel programming tutorials, demonstrations, and displays, and was showcased at the Supercomputing 2001 Conference (Denver, CO) and at the Embedded Systems Conference 2002 (San Francisco, CA). This LinuxDevices.com article by two key members of the project team describes the overall project and provides information on how the system was constructed.
Using MPICH to Build a Small Private Beowulf Cluster (Linux Journal) This Linux Journal article shows how you can build a small Beowulf cluster using MPICH. "Our new Beowulf cluster consists of a private network of eight systems dual-booting between Windows 2000 Professional and Red Hat 7.1. Each computer has a single AMD 1.4GHz Athlon processor, 512MB RAM, a 30GB hard drive, a 64MB NVIDIA video card and 100Mb Ethernet with switching hub (did I say that our administration and school board were kind to us?). We are using the current version of MPICH (1.2.2.3) as our MPI library."
Introducing YAFFS, the first NAND-specific flash file system (LinuxDevices) LinuxDevices.com introduces YAFFS (yet another flash file system), an open source project working on a NAND-specific flash file system. "Hard disks are not a viable storage option for many embedded and handheld systems because they are too big, too fragile and use too much power. For some years now, people have been using common-old NOR flash for file system storage. JFFS and JFFS2 do an excellent job of this for Linux. For storage applications NOR flash is not that great because it is not very dense (i.e. not much storage per chip), is costly and is slow to write. NAND flash, on the other hand, is low cost, dense, and writes fast; but it has other limitations."
Anatomy of a Read and Write Call (Linux Journal) Linux Journal dissects the anatomy of a read/write call. "As it turned out, the gcc benchmark was the one that everyone seemed to be improving on the most. As we analyzed what the benchmark was doing, we found out that basically it opened a file, read its contents, created a new file, wrote new contents, then closed both files. It did this over and over and over."
Using Logical Volume Management (Linux Journal) Here is a Linux Journal article about Logical Volume Management. "Last December, I set up my Linux workstation. Since I didn't really know how I would use the machine over the next few months, I decided to install LVM - I was trained in IBM AIX LVM, so I knew what it could do. I also chose to create my filesystems using ReiserFS, which turned out to be a huge benefit. Four months later, I filled the /home filesystem. Traditionally, I would have been forced to move stuff around, and make a bunch of symlinks to use the space on another file system, or repartition, reformat and reload my data. In this case, /home was 100% full, but my /share and /tmp filesystems had several gigabytes of unused space on them. The LVM HOWTO descibes a classic scenario like this one that illustrates exactly why LVM is an excellent tool."
devfs for Management and Administration (Linux Journal) Philip Streck illustrates the installation and use of devfs in a Linux Journal article.
Reviews Linux Orbit reviews OEone HomeBase DESKTOP Linux Orbit has a review of the OEone HomeBase DESKTOP. "The Linux desktop is certainly getting a lot of media play these days. Sun is on the verge of some major desktop announcements, Red Hat 8.0 promises to be another interesting wrinkle, and let's not forget Lycoris, Lindows and the upcoming release of Xandros. Not to be forgotten, OEone recently announced that their HomeBase DESKTOP product is now compatible with Red Hat 7.3. Since that is the current Linux distribution that I run, I thought I'd give their product a test drive."
Gwana-gwana landslide buries Sun Linux (Register) Here is the Register's take on Sun Linux. "Sun's Linux Desktop turns out to be prime-time Gwana-gwana. Sun will release a distro at some point in 2003 - can't say when; and it'll be competitively priced - can't say how much, but it will be cheaper than whatever we reckon Windows costs. Er, that's it for now."
Jabbering along with tkcJabber (Open For Business) Open For Business reviews TkcJabber a Jabber client that runs on the Sharp Zaurus SL-5500 PDA. "TkcJabber, which is produced by Rancho Santa Margarita, California-based theKompany, Inc., is a client for the Free Software instant messaging system known as Jabber. Jabber works in much the same fashion as better known protocols such as AOL Instant Messenger or MSN Messenger, allowing you to have real-time conversations with others. Unlike the others, however, Jabber does not have a central server like those services, but instead uses a decentralized system similar to the way e-mail works."
uClinux: World's most popular embedded Linux distro? (LinuxDevices) LinuxDevices.com looks at the uClinux distribution from both technical and historical points of view. "Despite claims to the contrary, uClinux may well represent the world's first, most mature, and most commercially successful embedded Linux distribution. While other embedded distributions rely on upscale processors to get reasonable performance, uClinux uses solid code, a firm guiding hand, and actual product experience with deeply embedded systems. The results are smaller code, better performance, and lower cost -- all of which is applicable to both MMU-less and MMU-enabled systems."
Miscellaneous United Linux Readies Open Beta Release (TechWeb) TechWeb covers the upcoming beta release of United Linux. "UnitedLinux, a group of Linux providers building a common, enterprise-ready release of the open source operating system, said Wednesday it will let loose with a free beta of its source code Sept. 23."
UnitedLinux defends open-source roots (ZDNet) ZDNet delves deeper into United Linux, and the "closed beta" that comes with a non-disclosure agreement. ""Since nearly all of the volunteers from the Free Software community (your fellow developers) did not receive a copy of the so-called 'closed beta', we ask that in a show of good faith, you make available at least the terms of distribution you used for that product," [FSF director Bradley] Kuhn said in the letter. "Even as you release your new product to the public, the past situation must be clarified."" Conectiva has made the full text of the NDA available in response.
Lab to sample Linux for weapons work (News.com) News.com reports on a new Linux-based supercomputer that is being deployed at LANL for nuclear weapons simulation. "The lab has been a pioneer in building inexpensive supercomputers made out of ordinary computing components and the Linux operating system. Thus far, however, LANL's nuclear weapons simulation software runs on more expensive systems from SGI and Hewlett-Packard such as HP's $215 million "Q" now under construction. A $6 million price tag may sound like a bargain in comparison, but software must be reworked to run using less expensive clusters of Linux machines."
We are the west, we are the IP (ZDNet) ZDNet covers the work of an international group, The Commission on Intellectual Property Rights. "A distinguished group of academics, government representatives and businesspeople this week came out with a set of recommendations which, if taken seriously by governments around the world, could have a drastic effect on the software industry. The proposals, by the Commission on Intellectual Property Rights, would also have a drastic effect on the lives of millions of people in the developing world. All areas of intellectual property are addressed in the Commission's report--including health, as well as agricultural and genetic resources and traditional knowledge."
Page editor: Forrest Cook
Announcements Resources Linux Laptop Sound Configuration (O'Reilly) Dave Phillips writes about his experience of installing sound on an HP Omnibook 4150 laptop. "Configuring sound for laptops running Linux can be a very tricky process. Drivers may be difficult to find or install, reference materials may be incomplete or misleading, and even after careful configuration, your system may still emit no more than the beep from its internal speaker. In other words, setting up sound on a Linux laptop can quickly become an unwanted exercise in patience and frustration."
Top Five Open Source Packages for System Administrators O'Reilly has an article on using Amanda for doing Linux backups. "Amanda stands for Advanced Maryland Automated Network Disk Archiver. It was developed at the University of Maryland. James da Silva was the initial author. Amanda is a network-based enterprise backup utility that includes features previously available only in expensive commercial packages."
Upcoming Events Barbarians at the Gates! Bruce Perens speaks on Creating a Level Playing Field for Computer Software Bruce Perens will be speaking at Stanford's Gates Computer Science Building lecture hall B03 on Wednesday September 25, 4:15 to 5:30 PM. The talk is open to the public, and will be webcast live and broadcast over the SITN network.
YAPC 2003 Call For Venues (use Perl) A call for papers has been issued for the 2003 YAPC::America conference. The venue will be announced this November.
The Business Case for Open Source Software: a panel discussion. Register now to attend The Business Case for Open Source Software: Successful Models and Implementations - a panel discussion scheduled for October 1, 2002 at Patterson, Belknap, Webb & Tyler LLP, New York, New York.
Events: September 26 - November 21, 2002
Web sites LinuxQuestions.org adds a Conectiva forum Linuxquestions.org has a new Conectiva distro forum.
Software announcements This week's software announcements Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
Miscellaneous The Great Perl Monger Cull Of 2002 (use Perl) Use Perl mentions that the list of Perl groups on the Perl Mongers site is being culled and verified. Here's your chance to get your favorite Perl group represented.
Page editor: Forrest Cook
Letters to the editor Closed betas ...
> That does not stop distributors from doing closed beta tests, however. Corel > did it. Caldera (oops...SCO Group...) has done it. Lindows has done it. And > UnitedLinux is doing it. The closed beta period ends on September 23, at > which point the UnitedLinux beta, with source, will be available to all. In > the mean time, however, one might wonder how the current closed beta is > being kept closed. The way I'd do it is simple. "United Linux" is a trademark. You sign up to the beta, you do not damage the trademark by releasing any code that could be associated with the trademark. In other words, there's nothing stopping people releasing UL code, provided they delete all references to UL that are in the code, and they don't mention UL when they post it wherever. Seeing as deleting references and acknowledgements is taboo, any reputable developer will then quite happily keep UL itself closed. And as someone mentioned in the comments, you simply have code there that is your own copyright, so that it becomes a breach of copyright to just copy the UL distro "as is". (As for open betas being better than closed - no that's not necessarily the case. Far better start with a closed beta and squash the obvious problems first, then go open and get the more subtle problems later. There *is* something known as "overload" :-) The whole *point* of a beta is to find bugs, and having your bugzilla flooded with hundreds of reports of the same bug can easily become counter-productive) Cheers, Wol
Vice President Gates
Hi Charles! At http://msnbc-cnet.com.com/2010-1071-958721.html you wrote: > the image of Bill Gates getting his marching orders from President > George [W] Bush just doesn't compute. Before dealing with your main point, I don't think you understand how the people dealing with *any* nation's security think, and your conclusions will be invalid until you do. William Henry "Trey" Gates III or one of his subordinates may or may not shut down China's computers (hey, CodeRed4 may well do that anyway...), but you're about to bet one and a half billion lives, including yours, on whether he does or not. Does this impact your thinking? It would impact mine. The question flips from "is it certain that Bill can pull our collective plugs?" to "is it *possible* that Bill could pull our collective plugs?" - and of course that flips the answer from "Ha, ha" to "Yes." Now, as to whether Bill has the capability to actually do this, let's use Microsoft's own words: "The OS Product or OS Components contain components that enable and facilitate the use of certain Internet-based services. You acknowledge and agree that Microsoft may automatically check the version of the OS Product and/or its components that you are utilizing and may provide upgrades or fixes to the OS Product that will be automatically downloaded to your computer." [Text from the Windows 2000 SP3 EULA and Windows XP SP1 EULA] The implication is that Microsoft can alter the software on your computer at will, AND you agreed to let them do that when you installed it. Wouldn't it be handy - but not for China - if a wartime update to Windows was or included a TCP stack that stopped recognising Chinese IP addresses at a specific date and propagated itself as hard as it could by fair means or foul until then? As to *how* Microsoft propose do that, well, why not just read the source code yourself and find out? (-: Finally, given that Microsoft seem to have both means and opportunity, how about motive? Bush orders Gates, so-so, maybe. National Guard orders Gates at gunpoint is quite a different scenario. CIA plant pushes button for Gates yet another. Is a troublemaking cracker from Saint Petersburg unprecedented? The possibilities are myriad. Just don't be dumb enough to say that it's impossible. Cheers; Leon -- http://www.cyberknights.com.au/ Modern tools, traditional dedication http://slpwa.linux.org.au/ Member, Linux Professionals West Aus http://linux.conf.au/ THE Australian Linux Technical Conf: 22-25 January 2003, Perth: be there!
Page editor: Jonathan Corbet
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![[Benchmark results]](http://old.lwn.net/images/ns/thread-chart-sm.jpg)