HP issued, on June 18, a press release proclaiming that Disney had chosen HP's Linux-based systems "as components in its next-generation digital animation production pipeline." It looks like another big win for Linux, and the press has
generally portrayed it that way. And it is true: Linux continues to grow
in popularity as people and companies come to understand its advantages.
LWN has generally applauded Linux's commercial successes - more users will,
in the end, mean more developers and more and better free software. And that
could prove to be true in this case as well. But we should not lose track
of another, important point: Disney is one of the prime movers behind the
CBDTPA - a law which would make Linux illegal.
Disney thinks that free operating systems (or free computers in general)
are a threat to its business, and thus something to be outlawed. Free DVD
players are not to be allowed. Oppressive digital rights management
systems will put an end to any sort of fair use of copyrighted materials.
The people cannot be trusted with control over their own systems.
Meanwhile, back at Disney: "Walt Disney Feature Animation will employ HP's Linux
infrastructure to give artists more powerful tools to translate their
artistry into animation while achieving significant cost
reductions."
Supplying Linux to Disney thus looks like aiding the enemy - how much of
those "significant cost reductions" will be applied to maintaining the
company's private Senators in Washington? But consider this scenario: by
the time a new, son-of-CBDTPA starts to look like it might pass, much of
Disney's operation could be based on, and dependent on, free software.
What fun it would be to attend the meeting where CEO Michael Eisner is made
aware of what capabilities would be lost - and how much it would cost - if
the company's free software had to be replaced with proprietary code
carrying the Big Brother Stamp of Approval.
So Linux's infiltration into Disney could well be something to be encouraged.
With luck, freedom slipping in from below could end up subverting the
repressive plans of the leadership. One can always hope...
The advisory from Internet Security Systems
(ISS) came out on June 17: the Apache server has a remotely-exploitable
vulnerability in its "chunk handling" code, which is used for handling
uploads of unknown size. The alert describes the problem, notes that the
Apache project has been alerted, and includes a patch.
It all looks like a fairly normal response to security problems in the free
software community, until you look a little more closely. It turns out
that the Apache group was already aware of the problem and was working on a
fix. The Computer Emergency Response Team (CERT) also was already
involved. It also turns out that the ISS patch does not completely fix the
problem. ISS, in its hurry to publicise the vulnerability, had not checked
with either CERT or the Apache Software Foundation.
Full disclosure of security vulnerabilities is (usually) seen as a good
thing in the free software community. Freedom, with regard to software,
includes the freedom to know about (and fix) problems. And, of course, full
disclosure is a powerful tool for forcing a software maintainer to release
a fix - most of the time. As a general rule, nobody is more secure when
the crackers are the only ones to know about security problems.
The other side of full disclosure, however, is that, when done too soon,
it can leave millions
of users open to a vulnerability while no fix is available. Such is the
case this time around. Sites running Apache on Windows are most vulnerable
to the chunk handling vulnerability; such sites are probably running a
binary distribution of Apache, many do not even have a compiler available,
and thus they will be poorly served by a source patch.
Full disclosure is a powerful tool which should be used with care. The
disclosure of a security vulnerability should never be a surprise to those
who must clean up the mess. Those who find security problems should
always work with the package maintainer and give that maintainer
time to make a fix available. Only in cases of serious stalling or neglect
should a disclosure go out before the maintainer is ready.
This is a lesson that the free software community will probably have to
relearn every so often. Free software has the potential to be far more
secure; its open nature lets any interested party inspect the code for
problems. But much of that advantage is lost when vulnerabilities are
handled in an immature manner. If you or your company find a security
vulnerability, surely you can wait a few days to claim your credit.
This vulnerability raises another concern as well. Much has been said
about the dominance of Windows systems on the net; the resulting
"monoculture" is highly vulnerable to security problems. Apache's
share of the total web server population is such that it could be
considered a monoculture as well. Apache has obtained that share through
consistent high quality and a strong security record. No package is
completely invulnerable, however, and Apache problems, when they do turn
up, place much of the net at risk. For the security of the net as a whole,
it would be nice if there were another free web server with something
resembling Apache's stature and market share.
For details on the chunk handling vulnerability, see the LWN vulnerability entry, the advisory from the Apache Software
Foundation or the CERT advisory. Initial
indications were that this problem was not remotely exploitable on Linux
systems, but that claim is now known to be false. If you are running an
Apache server, you want to upgrade as soon as possible.
![Obelix](http://old.lwn.net/2002/0110/obelix.jpg)
Back in January we covered the trials and tribulations of MobiliX, a site dedicated to Linux and BSD on mobile systems. Lawyers representing Les Editions Albert René challenged the MobiliX name, saying that it could be confused with the cartoon character Obélix, who is more concerned with mobile menhirs. Not everybody agreed with this claim, of course; despite the obvious resemblance between Tux the penguin and Obélix, they still are difficult to confuse.
It turns out the German court disagreed with that claim as well, and has
turned down the claims by Les Editions Albert René. MobiliX is thus free
to use the name without fear of further trademark trouble. Congratulations
are due to MobiliX leader Werner Heuser, who decided to stand up to the
lawyers and defend his name. See the MobiliX trademark
page for the full history of this dispute.
European Digital Rights is a new, international civil rights organization formed by ten European organizations. "European Digital Rights (EDRi) is an association in which existing European privacy and freedoms organisations work together in raising awareness of policy makers and the public about the upcoming threats to our privacy and freedoms." See the announcement for details.
Next week is the Ottawa Linux Symposium, happening June 26 to 29. The schedule is full of seriously technical talks from many prominent Linux developers; it looks to be an interesting event. For those who are unable to attend this (sold out) conference, the full proceedings have been placed online as a single, huge, 630-page PDF file; it has been mirrored by LWN and on William Stearns's site.
Immediately preceding OLS is the second Kernel Summit. Topics to be discussed there include the Linux Security Module patch, virtual memory, asynchronous I/O, cleaning up the module mechanism, "carrier grade Linux," 2.6 goals, the block I/O subsystem, cleaning up the SCSI layer, and more. It looks to be an interesting event, to say the least.
LWN editor Jonathan Corbet will be taking a break from the smell of wood
smoke and the drone of slurry bombers (which are regular Colorado features,
these days) to attend both events; he will report back when time and
connectivity allow.
Page editor: Jonathan Corbet
Security
Brief items
A press release from IBM announces its "The Distributed Wireless Security Auditor" (DWSA) system. "The DWSA system, which runs on Linux on desktops and laptops, can accurately pinpoint the location of any rogue access points, enabling network personnel to quickly find and then fix or remove them, unlike other wireless auditors that require personnel to perform time consuming physical searches by walking around the site."
Here's an article about IBM's recent press release, outlining their self-diagnostic wireless tool. "The IBM software sits on laptops and PCs, analyzing traffic on an internal 802.11 wireless network and sending data to a centralized server, said Dave Safford, manager of the global security analysis lab at IBM Research in Hawthorne, N.Y."
vnunet has posted an article about SELinux. "It may seem odd that the NSA has developed a security module. In the X-Files world of government agencies, the NSA is often associated with code breaking, but the other aspect of its role is code making, hence the interest in a secure Linux."
Bruce Schneier's CRYPTO-GRAM newsletter for June is out; the main topic this time around is making intelligence organizations work better to prevent attacks in the future. "My opinion has been that it is largely unnecessary to trade civil liberties for security, and that the best security measures -- reinforcing the airplane cockpit door, putting barricades and guards around important buildings, improving authentication for telephone and Internet banking -- have no effect on civil liberties. Broad surveillance is a mark of bad security."
Security reports
A bug triggered by a huge font size set in a CSS stylesheet results in an X crash or an unusable system. The problem is in Mozilla 1.0 and earlier. Also see the bugzilla entry. The problem is fixed in the Mozilla 1.0.1 branch.
IGMPv2 is a protocol used by IP hosts to report their multicast group memberships to routers. Krishna N. Ramachandran has reported an IGMP-related local denial of service vulnerability in the 2.4.18 kernel. It could be a problem for people using Linux as a high-end router; it won't affect most users. The full description is available here. The solution is to "drop All IGMP packets that are not multicast ethernet addresses."
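The filter rule quoted above, written out as an added example (not code from the report or from the kernel): a function that judges a raw Ethernet frame, drops IGMP (IP protocol 2) only when the destination MAC lacks the group bit, passes everything else, and flags frames too short to judge. The sample frames, MAC addresses and helper names are constructed for the demo.

```c
/* Packet filter for the mitigation quoted above: drop IGMP only when the
 * Ethernet destination is not a group address (added example, not code
 * from the report or the kernel). Frames are judged from the raw bytes. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define ETH_HLEN        14
#define ETHERTYPE_IPV4  0x0800
#define IPPROTO_IGMP_N  2

enum verdict { FRAME_PASS = 0, FRAME_DROP = 1, FRAME_MALFORMED = 2 };

/* The I/G bit (low bit of the first destination octet) marks a group
 * address; IPv4 multicast MACs 01:00:5e:xx:xx:xx have it set. */
static int eth_dst_is_multicast(const uint8_t *frame)
{
    return (frame[0] & 0x01) != 0;
}

enum verdict igmp_unicast_filter(const uint8_t *frame, size_t len)
{
    const uint8_t *ip;
    size_t iplen, ihl;

    if (len < ETH_HLEN)
        return FRAME_MALFORMED;
    if (((frame[12] << 8) | frame[13]) != ETHERTYPE_IPV4)
        return FRAME_PASS;                      /* not IPv4: leave it alone */
    ip = frame + ETH_HLEN;
    iplen = len - ETH_HLEN;
    if (iplen < 20 || (ip[0] >> 4) != 4)
        return FRAME_MALFORMED;
    ihl = (size_t)(ip[0] & 0x0f) * 4;
    if (ihl < 20 || ihl > iplen)
        return FRAME_MALFORMED;
    if (ip[9] != IPPROTO_IGMP_N)
        return FRAME_PASS;                      /* only IGMP is subject to it */
    return eth_dst_is_multicast(frame) ? FRAME_PASS : FRAME_DROP;
}

/* Build a constructed frame: Ethernet header, a 20-byte IPv4 header with the
 * given protocol, and an 8-byte IGMP membership query as payload. */
size_t build_frame(uint8_t *buf, const uint8_t dst[6], uint8_t proto)
{
    static const uint8_t src[6] = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55};
    uint8_t *ip = buf + ETH_HLEN;

    memset(buf, 0, ETH_HLEN + 28);
    memcpy(buf, dst, 6);
    memcpy(buf + 6, src, 6);
    buf[12] = 0x08; buf[13] = 0x00;             /* EtherType IPv4 */
    ip[0] = 0x45;                               /* version 4, IHL 5 */
    ip[3] = 28;                                 /* total length */
    ip[8] = 1;                                  /* TTL 1, as IGMP uses */
    ip[9] = proto;
    ip[12] = 192; ip[13] = 0; ip[14] = 2; ip[15] = 1;   /* src 192.0.2.1 */
    ip[16] = 224; ip[19] = 1;                           /* dst 224.0.0.1 */
    ip[20] = 0x11;                              /* IGMP membership query */
    return ETH_HLEN + 28;
}

/* Verdict for a constructed frame with a multicast (1) or unicast (0)
 * destination MAC and the given IP protocol; trim bytes are cut off the
 * end to simulate a truncated capture. */
int verdict_for(int multicast_dst, uint8_t proto, size_t trim)
{
    static const uint8_t mc[6] = {0x01, 0x00, 0x5e, 0x00, 0x00, 0x01};
    static const uint8_t uc[6] = {0x00, 0xaa, 0xbb, 0xcc, 0xdd, 0xee};
    uint8_t frame[ETH_HLEN + 28];
    size_t n = build_frame(frame, multicast_dst ? mc : uc, proto);

    return (int)igmp_unicast_filter(frame, n > trim ? n - trim : 0);
}
```

The group-bit test is exactly the rule as stated; a stricter deployment could additionally require the 01:00:5e prefix so that broadcast-addressed IGMP is dropped too.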
It has been reported that the Mandrake Linux 8.2 "default security settings leave users' home directories world readable." The suggested solution is to "use the Mandrake Control Center, security settings section, and make sure the level is set to at least "High", or manually enter 'msec 3' via CLI".
Ulf Harnhammar reports multiple vulnerabilities in the BasiliX webmail application, which is based on PHP, IMAP and MySQL. The four vulnerabilities are: potential access to any file on the web server, cross-site scripting issues, insecure storage of attachments, and SQL injection holes. Version 1.1.0 and all previous versions are vulnerable.
Ahmet Sabri Alper reported an information disclosure vulnerability in ZenTrack v2.0.3, v2.0.2beta and older. A maliciously crafted HTTP request may be used to reveal the path to the web root and "maybe some more sensitive information."
Tim Vandermeersch reports that PHP Address 0.2e has a vulnerability which allows a crafted URL to include any PHP file on the server. The problem is fixed in PHP Address 0.2f (17.07.2002). PHP Address is a collection of PHP scripts for maintaining a small web-based address database.
A vulnerability was reported in "the webMathematica software which allows remote clients (web surfers) to read an arbitrary file on the server (assuming the httpd-user has permission)." A version of webMathematica which fixes the problem is available from the vendor, Wolfram Research.
New vulnerabilities
Apache 'chunk handling' vulnerability
| Package(s): | apache |
| CVE #(s): | CAN-2002-0392 |
| Created: | June 19, 2002 |
| Updated: | July 3, 2002 |
Description:
It is past time to upgrade your Apache servers. A worm which takes advantage of this vulnerability has been sighted, and its source has been publicly posted.
An Apache httpd bug related to chunked encoding presents a denial of service vulnerability. For some platforms, including both 32-bit and 64-bit Linux, it is also a potential remote exploit vulnerability. A "carefully crafted invalid request" may be used to trigger the bug. The problem is fixed in Apache 2.0.39 and 1.3.26, which may be downloaded from here.
For more information, see the advisories from CERT and the Apache Group.
This vulnerability has been widely publicized. Applying a patch from your vendor or upgrading to the latest version from the Apache Software Foundation is strongly encouraged. Avoid patches from other sources; at least one patch that does not address the full scope of the problem has been circulated.
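For the chunked-encoding handling discussed in the editorial above and in this entry, here is an added example (not Apache's code) of the defensive shape a chunk parser should have: every client-supplied size is validated before it drives a copy. MAX_CHUNK_SIZE, the status codes and the helper names are assumptions for the demo.

```c
/* Hardened parser for HTTP/1.1 chunked transfer encoding (added example,
 * not Apache's code). Every client-supplied size is validated before any
 * copy; bad hex, overflow, an oversized chunk or data that would overrun
 * the caller's buffer all fail closed. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define MAX_CHUNK_SIZE ((size_t)1 << 20)   /* per-chunk cap; an assumption */
enum chunk_status { CHUNK_OK = 0, CHUNK_BAD_SIZE, CHUNK_TOO_LARGE,
                    CHUNK_TRUNCATED, CHUNK_NO_ROOM };

static int hexval(int c)
{
    if (c >= '0' && c <= '9') return c - '0';
    c |= 0x20;                              /* fold A-F onto a-f */
    return (c >= 'a' && c <= 'f') ? c - 'a' + 10 : -1;
}

/* Parse the chunk-size line at in[0..in_len). On success stores the size
 * and the bytes consumed, including the terminating CRLF. */
enum chunk_status parse_chunk_size(const char *in, size_t in_len,
                                   size_t *size, size_t *consumed)
{
    size_t i = 0, val = 0;
    if (in_len == 0)
        return CHUNK_TRUNCATED;
    /* Only hex digits: no sign, no whitespace, no "0x" prefix. */
    while (i < in_len && hexval(in[i]) >= 0) {
        if (val > (SIZE_MAX >> 4))          /* next shift would overflow */
            return CHUNK_BAD_SIZE;
        val = (val << 4) | (size_t)hexval(in[i]);
        i++;
    }
    if (i == 0)                             /* no digits at all */
        return CHUNK_BAD_SIZE;
    /* Skip an optional chunk extension (";name=value") up to the CR. */
    while (i < in_len && in[i] != '\r') {
        if (in[i] == '\n')                  /* a bare LF is not a valid line */
            return CHUNK_BAD_SIZE;
        i++;
    }
    if (i + 1 >= in_len || in[i + 1] != '\n')
        return CHUNK_TRUNCATED;
    if (val > MAX_CHUNK_SIZE)
        return CHUNK_TOO_LARGE;
    *size = val;
    *consumed = i + 2;
    return CHUNK_OK;
}

/* Decode a complete chunked body from in[] into out[]. CHUNK_OK means the
 * zero-size terminating chunk was seen and every chunk fit in out[]. */
enum chunk_status decode_chunked(const char *in, size_t in_len,
                                 char *out, size_t out_cap, size_t *out_len)
{
    size_t pos = 0, written = 0;
    for (;;) {
        size_t size, used;
        enum chunk_status st = parse_chunk_size(in + pos, in_len - pos,
                                                &size, &used);
        if (st != CHUNK_OK)
            return st;
        pos += used;
        if (size == 0) {                    /* last chunk: expect a final CRLF */
            if (in_len - pos < 2 || in[pos] != '\r' || in[pos + 1] != '\n')
                return CHUNK_TRUNCATED;
            *out_len = written;
            return CHUNK_OK;
        }
        if (size + 2 > in_len - pos)        /* size is capped, so no wrap */
            return CHUNK_TRUNCATED;
        if (size > out_cap - written)
            return CHUNK_NO_ROOM;
        memcpy(out + written, in + pos, size);
        written += size;
        pos += size;
        if (in[pos] != '\r' || in[pos + 1] != '\n')
            return CHUNK_BAD_SIZE;
        pos += 2;
    }
}

/* Helpers over constructed NUL-terminated bodies: the decode status with a
 * destination of out_cap bytes (64 at most), and a check of the result. */
int decode_status(const char *body, size_t out_cap)
{
    char out[64];
    size_t n = 0;
    if (out_cap > sizeof out) out_cap = sizeof out;
    return (int)decode_chunked(body, strlen(body), out, out_cap, &n);
}
int decodes_to(const char *body, const char *expected)
{
    char out[64];
    size_t n = 0;
    if (decode_chunked(body, strlen(body), out, sizeof out, &n) != CHUNK_OK)
        return 0;
    return n == strlen(expected) && memcmp(out, expected, n) == 0;
}
```

Trailers after the zero-size chunk are deliberately not supported here; a real server must parse or reject them explicitly rather than skip past them.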
Cross-site scripting vulnerability in Horde/IMP 2.2.7 and 3.0
| Package(s): | imp horde/imp |
| CVE #(s): | |
| Created: | May 21, 2002 |
| Updated: | June 19, 2002 |
Description:
Version 2.2.8 of IMP has been released; it fixes some vulnerabilities. "The Horde team announces the availability of IMP 2.2.8, which prevents some potential cross-site scripting (CSS) attacks." Upgrading to IMP 3.1 or, at least, 2.2.8 is recommended (First LWN report: April 11, 2002).
Update: IMP 3.0, which was initially believed to be immune, is also vulnerable. The problem is fixed in IMP 3.1.
Updated vulnerabilities
Heap corruption vulnerability in at
| Package(s): | at at, sudo, xchat |
| CVE #(s): | CAN-2002-0004 |
| Created: | May 21, 2002 |
| Updated: | May 15, 2003 |
Description:
The at command has a potentially exploitable heap corruption bug. (First LWN report: January 17th).
Denial of service vulnerability in version 9 of BIND
| Package(s): | bind |
| CVE #(s): | CAN-2002-0400 |
| Created: | June 5, 2002 |
| Updated: | August 19, 2002 |
Description:
Here is an advisory from the Computer Emergency Response Team (CERT) regarding the denial of service vulnerability in version 9 of the BIND nameserver, up to 9.2.1. An attacker can send a properly crafted packet which triggers a check within BIND and causes it to shut down. The vulnerability cannot be exploited for any purpose beyond denial of service, but that is bad enough; if you are running BIND 9, an upgrade is probably a good idea.
Note that many or most systems out there will still be running BIND 8, and thus will not be vulnerable.
News articles on the vulnerability appear in the Register and Network World Fusion News.
DHCP remotely exploitable format string vulnerability
| Package(s): | dhcp/dhcp-server dhcp |
| CVE #(s): | |
| Created: | May 21, 2002 |
| Updated: | June 20, 2002 |
Description:
The May 8, 2000 release of ISC DHCP 3.0p1 fixes this serious vulnerability in ISC DHCPD 3.0 to 3.0.1rc8 inclusive. We encourage dhcp users to upgrade, disable dhcp or, at a minimum, consider using ingress filtering as described in the CERT advisory. (First LWN report: May 16).
Note: Distributions which use version 2 of ISC DHCP, such as Red Hat Linux, are not vulnerable.
Ethereal packet handling vulnerabilities
| Package(s): | ethereal |
| CVE #(s): | CAN-2002-0353 |
| Created: | June 5, 2002 |
| Updated: | June 12, 2002 |
Description:
Ethereal 0.9.3, released by the Ethereal team on March 30th, fixed three packet handling vulnerabilities present in 0.9.2. The PROTOS test suite found some flaws in SNMP and LDAP protocol support. Malformed packets could also crash Ethereal 0.9.2 due to an ASN.1 zero-length g_malloc problem. The zlib "double free" vulnerability was addressed by the updates for that bug from many distributors. (First LWN report: May 2).
Update: The May 19, 2002 release of Ethereal 0.9.4 fixes four potential security issues in Ethereal 0.9.3. Please see the new vulnerability for more information.
Ethereal buffer overflow, infinite loop and memory management vulnerabilities
| Package(s): | ethereal |
| CVE #(s): | CAN-2002-0012, CAN-2002-0013, CAN-2002-0353, CAN-2002-0401, CAN-2002-0402, CAN-2002-0403, CAN-2002-0404 |
| Created: | June 12, 2002 |
| Updated: | October 27, 2002 |
Description:
Ethereal 0.9.4 was released on May 19, 2002, fixing four potential security issues in Ethereal 0.9.3:
- The SMB dissector could potentially dereference a NULL pointer in two cases.
- The X11 dissector could potentially overflow a buffer while parsing keysyms.
- The DNS dissector could go into an infinite loop while reading a malformed packet.
- The GIOP dissector could potentially allocate large amounts of memory.
No known exploits exist "in the wild" at the present time for any of these issues.
Ethereal 0.9.2 has several packet handling vulnerabilities that are best avoided by upgrading to 0.9.4. The PROTOS test suite found some flaws in SNMP and LDAP protocol support. Malformed packets could also crash Ethereal 0.9.2 due to an ASN.1 zero-length g_malloc problem. The zlib "double free" vulnerability was addressed by the updates for that bug from many distributors.
Remotely-exploitable buffer overflow vulnerability in fetchmail
| Package(s): | fetchmail |
| CVE #(s): | CAN-2002-0146 |
| Created: | June 5, 2002 |
| Updated: | June 18, 2002 |
Description:
Fetchmail versions prior to 5.9.10 have a buffer overflow vulnerability that may be exploited by a malicious IMAP server. The fetchmail client allocates memory to store the sizes of the messages it is attempting to retrieve based on a message count provided by the IMAP server. A malicious IMAP server could provide an artificially large message count to force the fetchmail process to write data outside of the allocated memory. (First LWN report: May 9).
GNU fileutils race condition
| Package(s): | fileutils ucdsnmp |
| CVE #(s): | CAN-2002-0435 |
| Created: | May 21, 2002 |
| Updated: | May 16, 2003 |
Description:
A race condition in rm may cause the root user to delete the whole filesystem. The problem exists in the version of rm in fileutils 4.1 stable and the 4.1.6 development version. A patch is available. (First LWN report: May 2).
Ghostscript arbitrary command execution vulnerability
| Package(s): | ghostscript |
| CVE #(s): | CAN-2002-0363 |
| Created: | June 5, 2002 |
| Updated: | June 12, 2002 |
Description:
Ghostscript may be made to execute arbitrary commands by a maliciously formed PostScript file. Since Ghostscript is frequently used while printing documents, updating is strongly recommended. The vulnerability has been fixed in the 6.53 source release of GNU Ghostscript.
Buffer overflow problem in glibc
| Package(s): | glibc glibc/shlibs, glibc, nscd |
| CVE #(s): | CAN-2001-0886 |
| Created: | May 21, 2002 |
| Updated: | July 14, 2002 |
Description:
The glibc filename globbing code has a buffer overflow problem. For those who are interested, Global InterSec LLC has provided a detailed description of this vulnerability. This problem was first reported by LWN on December 20th.
Buffer overflow in groff
| Package(s): | groff |
| CVE #(s): | CAN-2002-0003 |
| Created: | May 21, 2002 |
| Updated: | December 9, 2002 |
Description:
The groff package has a buffer overflow vulnerability; if it is used with the print system, it is conceivably exploitable remotely.
UW imapd remotely exploitable buffer overflow
| Package(s): | imap |
| CVE #(s): | CAN-2002-0379 |
| Created: | June 5, 2002 |
| Updated: | December 20, 2002 |
Description:
UW imapd versions 2000c and prior allow remote authenticated users to execute code via a buffer overflow. A malicious user can craft a request to run commands on the server under their UID and GID. (First LWN report: May 23).
LPRng accepts jobs from any host.
| Package(s): | LPRng |
| CVE #(s): | CAN-2002-0378 |
| Created: | June 12, 2002 |
| Updated: | October 31, 2002 |
Description:
Matthew Caron pointed out that LPRng's default configuration accepts job submissions from any host. This could be an especially annoying vulnerability for administrators with systems exposed to the general public.
Mailman 2.0.11 fixes two cross-site scripting vulnerabilities
| Package(s): | mailman |
| CVE #(s): | CAN-2002-0388 |
| Created: | June 5, 2002 |
| Updated: | August 28, 2002 |
Description:
Barry A. Warsaw announced the release of Mailman 2.0.11 "which fixes two cross-site scripting exploits, one reported by "office" in the admin login page, and another reported by Tristan Roddis in the Pipermail index summaries. It is recommended that all sites upgrade their 2.0.x systems to this version."
Mozilla XMLHttpRequest file disclosure vulnerability
| Package(s): | mozilla |
| CVE #(s): | CAN-2002-0354 |
| Created: | May 21, 2002 |
| Updated: | October 18, 2002 |
Description:
This XMLHttpRequest security bug impacts all Mozilla-based browsers. "The bug is found in versions of Mozilla from 0.9.7 to 0.9.9 on various operating system platforms, and in Netscape versions 6.1 and higher." (First LWN report: May 2).
String format bug in pam_ldap logging
| Package(s): | nss_ldap |
| CVE #(s): | CAN-2002-0374 |
| Created: | June 5, 2002 |
| Updated: | October 29, 2002 |
Description:
The nss_ldap package includes the pam_ldap module for authenticating a user with an LDAP database. Pam_ldap versions prior to 144 have a string format bug in the logging mechanism.
Remotely exploitable vulnerability in pine
| Package(s): | pine |
| CVE #(s): | CAN-2002-0014 |
| Created: | May 21, 2002 |
| Updated: | November 27, 2002 |
Description:
Pine has an unpleasant vulnerability in URL handling which can lead to command execution by remote attackers. (First LWN report: January 17th). This vulnerability is remotely exploitable; updating is a good idea.
Note: If an update isn't yet available for your distribution, setting enable-msg-view-urls to "off" in pine's setup will avoid the vulnerability. (Thanks to Greg Herlein).
Sharutils potential privilege escalation using uudecode
| Package(s): | sharutils |
| CVE #(s): | CAN-2002-0178 |
| Created: | May 21, 2002 |
| Updated: | October 31, 2002 |
Description:
According to the CVE entry, "uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands." (First LWN report: May 16).
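The check the CVE text says was missing, written as an added example (not sharutils' code) for a POSIX system with O_NOFOLLOW: the decoder refuses an existing pipe, device or symlink by name, opens with O_NOFOLLOW so a link swapped in after the check is still rejected, and re-verifies the descriptor it actually got with fstat(). The demo_checks() helper and its temporary directory are constructed for the demo.

```c
/* Refuse to decode into anything but a plain regular file (added example,
 * not sharutils' code). The check is done twice: on the name before open,
 * and on the descriptor after, so a link or pipe swapped in between the
 * two is still caught. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Returns a descriptor open for writing, or -1 with errno set. */
int open_decode_target(const char *path, mode_t mode)
{
    struct stat st;
    int fd;

    /* An existing pipe, device or symlink is refused outright rather than
     * written into or followed to wherever it points. */
    if (lstat(path, &st) == 0) {
        if (!S_ISREG(st.st_mode)) {
            errno = S_ISLNK(st.st_mode) ? ELOOP : EPERM;
            return -1;
        }
    } else if (errno != ENOENT) {
        return -1;
    }
    /* O_NOFOLLOW closes the race where a link appears after the lstat;
     * O_NONBLOCK keeps open() from hanging on a FIFO that appears instead. */
    fd = open(path, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW | O_NONBLOCK, mode);
    if (fd < 0)
        return -1;
    /* Judge the object actually opened, not the name that was given. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    fcntl(fd, F_SETFL, fcntl(fd, F_GETFL) & ~O_NONBLOCK);
    return fd;
}

/* Exercise three constructed targets in a fresh temporary directory: a
 * FIFO, a symlink to /dev/null, and a plain file. Returns how many cases
 * behaved as intended (3 when all is well); cleans up after itself. */
int demo_checks(void)
{
    char dir[] = "/tmp/uudemoXXXXXX", path[64];
    int ok = 0, fd;

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(path, sizeof path, "%s/fifo", dir);
    if (mkfifo(path, 0600) == 0 && open_decode_target(path, 0644) == -1)
        ok++;                                   /* pipe refused */
    unlink(path);
    snprintf(path, sizeof path, "%s/link", dir);
    if (symlink("/dev/null", path) == 0 && open_decode_target(path, 0644) == -1)
        ok++;                                   /* symlink refused */
    unlink(path);
    snprintf(path, sizeof path, "%s/plain.txt", dir);
    fd = open_decode_target(path, 0644);
    if (fd >= 0 && write(fd, "decoded\n", 8) == 8)
        ok++;                                   /* regular file accepted */
    if (fd >= 0)
        close(fd);
    unlink(path);
    rmdir(dir);
    return ok;
}
```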
Malformed NFS packet buffer overflow vulnerability in tcpdump
| Package(s): | tcpdump |
| CVE #(s): | CAN-2002-0380 |
| Created: | June 5, 2002 |
| Updated: | October 9, 2002 |
Description:
A buffer overflow in tcpdump can be triggered by a bad NFS packet when tracing the network. Unmodified tcpdump versions 3.6.2 and earlier are vulnerable.
Multiple vendor telnetd vulnerability
| Package(s): | telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5 |
| CVE #(s): | |
| Created: | May 21, 2002 |
| Updated: | October 5, 2004 |
Description:
This vulnerability, originally thought to be confined to BSD-derived systems, was first covered in the July 26th Security Summary. It is now known that Linux telnet daemons are vulnerable as well.
Multiple vulnerabilities in SNMP implementations
| Package(s): | ucdsnmp ucd-snmp |
| CVE #(s): | CAN-2002-0012, CAN-2002-0013 |
| Created: | May 21, 2002 |
| Updated: | September 17, 2002 |
Description:
Most SNMP implementations out there have a variety of buffer overflow vulnerabilities and should be upgraded at the first opportunity. See this CERT advisory for more. (First LWN report: February 14).
webalizer: reverse DNS buffer overflow vulnerability
| Package(s): | webalizer |
| CVE #(s): | |
| Created: | May 21, 2002 |
| Updated: | January 27, 2003 |
Description:
The cause is a buffer overflow bug. This one sounds nasty. If reverse DNS lookups are enabled in webalizer, "an attacker with control over the victim's DNS may spoof responses thus triggering a buffer overflow, potentially leading to a root compromise." Webalizer 2.01-10 "fixes this and a few other buglets that have been discovered in the last month or so". (First LWN report: April 18th, 2002).
Webmin/Usermin vulnerabilities
| Package(s): | webmin |
| CVE #(s): | |
| Created: | May 21, 2002 |
| Updated: | January 10, 2003 |
Description:
Webmin is a web-based interface for system administration for Unix. Webmin has cross-site scripting and session ID spoofing vulnerabilities which are fixed in the May 6, 2002 release of version 0.970. (First LWN report: May 9).
This one is scary. The session ID spoofing vulnerability allows the "possibility that arbitrary commands may be executed with root privileges." Upgrading is strongly recommended. At a minimum, avoid the "preconditions for a successful exploit" by disabling password timeouts under Webmin->Configuration->Authentication.
Problems with libgtop_daemon
| Package(s): | wuftpd libgtop |
| CVE #(s): | |
| Created: | May 21, 2002 |
| Updated: | May 7, 2003 |
Description:
The libgtop_daemon package is a GNOME program which makes system information available remotely. LWN reported the remotely exploitable format string and buffer overflow vulnerabilities in that package on December 6th. On November 28th disabling the libgtop_daemon on systems where it is running until an update is available. Many Linux systems do not run libgtop by default, but applying the update is a good idea anyway.
xchat IRC server based dns query vulnerability
| Package(s): | xchat |
| CVE #(s): | CAN-2002-0382 |
| Created: | June 5, 2002 |
| Updated: | September 24, 2002 |
Description:
A malicious IRC server may return a response to a /dns query that executes arbitrary commands with the privileges of the user running XChat. Versions of XChat prior to 1.8.9 are vulnerable.
Resources
This tutorial by Linux Journal offers ideas to negotiate security and scalability issues with clusters. "After we connected the two clusters through the VPN, users were able to log in to the master machine on the first cluster and submit jobs on both of the clusters through the queue system."
Niels Provos has released systrace for OpenBSD and NetBSD. "Some work has started on a GNU/Linux port." Also see this post regarding systrace and the recent Apache vulnerabilities. Systrace provides:
- confinement of complex or untrusted binary applications.
- interactive policy generation with a graphical user interface.
- support for different emulations: GNU/Linux, BSDI, etc.
- non-interactive policy enforcement.
- remote monitoring and intrusion detection.
- automatic policy generation.
With a correctly configured policy the impact of programming errors in system daemons can be constrained significantly.
The June 17th Linux Security Week and June 14th Linux Advisory Watch newsletters from LinuxSecurity.com are available.
Events
ToorCon 2002 will be held the 27th-29th of September 2002 in San Diego, CA, USA. The call for papers closes the 16th of August, 2002.
The Fourth International Conference on Information and Communications Security (ICICS 2002) will be held in Singapore, December 9-12, 2002. The call for papers closes 1 July 2002.
| Date | Event | Location |
|------|-------|----------|
| June 17 - 19, 2002 | NetSec 2002 | San Francisco, California, USA |
| June 17 - 19, 2002 | 3rd Annual Information Assurance Workshop | United States Military Academy, West Point, New York |
| June 24 - 28, 2002 | 14th Annual Computer Security Incident Handling Conference | Hilton Waikoloa Village, Hawaii |
| June 24 - 26, 2002 | 15th IEEE Computer Security Foundations Workshop | Keltic Lodge, Cape Breton, Nova Scotia, Canada |
| June 28 - 29, 2002 | Edinburgh Financial Cryptography Engineering 2002 | Edinburgh, Scotland |
| July 31 - August 1, 2002 | Black Hat Briefings 2002 | Caesars Palace Hotel and Resort, Las Vegas, NV, USA |
| August 2 - 4, 2002 | Defcon | Alexis Park Hotel and Resort, Las Vegas, Nevada |
| August 5 - 9, 2002 | 11th USENIX Security Symposium | San Francisco, CA, USA |
| August 6 - 9, 2002 | CERT Conference 2002 | Omaha, Nebraska, USA |
For additional security-related events, including training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.
Page editor: Dennis Tenney
Kernel development
Brief items
The current development kernel is 2.5.23, which was
announced by Linus on June 18. Says Linus:
I asked 'what more can you ask for' for 2.5.22, and somebody
immediately piped up with raid5 working again. Well, here you have
a big MD merge from Neil Brown, which may or may not get you
there. Good luck.
Other stuff in this release includes an x86-64 merge, a number of
VM/filesystem patches from Andrew Morton, some asynchronous I/O precursor
patches from Ben LaHaise (see below), more kbuild tweaks, another set of
IDE fixes, and
numerous other changes. The long-format
changelog is available for people wanting all the details.
Linus released 2.5.22 on June 16; this
release included a big x86-64 merge, some important bug fixes, an IrDA
update, another set of kbuild tweaks, more IDE work, and a bunch of other
changes. Once again, the long-format changelog is also available.
The current prepatch from Dave Jones is 2.5.23-dj2. The patch has been pruned somewhat;
various obsolete bits have been thrown out. It also features a visit by
the "mad axemen," who have been carving up large, monolithic files (such as
the MTRR code). A new, optimized select/poll implementation by Andi Kleen
went in, along with a number of compile fixes.
Guillaume Boissiere's latest 2.5 status
summary came out on June 19. It takes a quick look at what has
been accomplished since the last kernel summit, and what remains to be
discussed at the next one.
The current stable kernel is 2.4.18. There have been no 2.4.19
prepatches released since June 4. Rumor has it that Marcelo is too
busy following the Brazilian team's fortunes in the World Cup, but that
could not be confirmed.
Kernel development news
Ben LaHaise's asynchronous I/O patch has been waiting for inclusion for
many months. Asynchronous I/O happens, of course, without blocking the
calling process; it also goes directly to or from the user process buffer
whenever possible. The feature is used by certain demanding applications,
such as relational database systems. Ben's patch is working, and has been
shipped in Red Hat's Advanced Server product. But it is not yet part of
the mainline kernel.
There are a couple of apparent reasons for this patch's long wait for inclusion. One is that Linus is unconvinced about the value of asynchronous I/O; he thinks there are better ways to solve the problem (see the May 16, 2002 LWN Kernel Page). The other reason is that this patch reaches deeply into the kernel and changes some fundamental interfaces - for example, it changes the read and write functions provided by device drivers. Big changes make Linus (and others) nervous; it is considered preferable to break things multiple times in small pieces.
So now some of the structure needed for asynchronous I/O is being submitted in the requisite small chunks. The first patch simply splits the fput() function into two pieces to simplify its invocation (indirectly) from an interrupt handler.
The second patch is, perhaps, more
interesting. Here the wait queue mechanism is being changed in fundamental
ways. The first version of this patch simply added a callback function
which would be invoked when a wakeup happens on the queue. This callback is
needed for the asynchronous I/O subsystem; it needs to know when an I/O
operation completes, but it can not block on the wait queue. Following
suggestions from Linus, later revisions of the patch have moved some of the
wakeup functionality to that callback function. There can even be
different callbacks for "exclusive waits" (where only one process should be
awakened even if many are waiting) and the standard "wake everybody"
variety. By providing different callbacks, kernel subsystems can change
the semantics of the wait operation.
Wait queues, in other words, are evolving from a mechanism that puts a
process to sleep for a while into a more general event notification
mechanism. The immediate application for this mechanism is asynchronous
I/O, but it will be interesting to see what others turn up.
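To make the callback idea concrete, here is a small user-space model of such a wait queue, added as an illustration rather than taken from the article or from Ben's patch; the type and function names only echo the kernel's, and the event code is an arbitrary constructed value.

```c
/* Added example, not code from the article or from Ben LaHaise's patch: a
 * user-space model of a wait queue whose entries carry a wake-up callback.
 * Names echo the kernel's but are hypothetical; event code 42 is made up. */
#include <stddef.h>

struct wait_queue_entry;
/* A callback returns nonzero if it accepted the wakeup; if that entry is
 * exclusive, the wake_up pass stops there. */
typedef int (*wake_fn)(struct wait_queue_entry *e, int event);

struct wait_queue_entry {
    wake_fn callback;
    int exclusive;                 /* 1: at most one such waiter per wake_up */
    void *priv;                    /* callback-specific state */
    struct wait_queue_entry *next;
};
struct wait_queue_head { struct wait_queue_entry *head; };

/* Classic use: a task that sleeps until woken. */
struct task_state { const char *name; int running; };
/* aio-style use: a completion record that must never block; it only needs to
 * learn that the I/O finished and with which event code. */
struct aio_completion { int done; int last_event; };

static int wake_task(struct wait_queue_entry *e, int event) {
    struct task_state *t = e->priv;
    (void)event;
    t->running = 1;                /* make the sleeper runnable again */
    return 1;
}

static int aio_complete(struct wait_queue_entry *e, int event) {
    struct aio_completion *c = e->priv;
    c->done = 1;
    c->last_event = event;
    return 1;
}

static void init_waitqueue_head(struct wait_queue_head *q) { q->head = NULL; }

/* Non-exclusive entries go to the front, exclusive ones to the back, so all
 * "wake everybody" waiters hear about the event before the pass stops at the
 * first exclusive waiter. */
static void add_wait_queue(struct wait_queue_head *q, struct wait_queue_entry *e) {
    if (!e->exclusive || !q->head) {
        e->next = q->head;
        q->head = e;
        return;
    }
    struct wait_queue_entry *p = q->head;
    while (p->next) p = p->next;
    e->next = NULL;
    p->next = e;
}

/* Entries live in their owner's storage and must be unlinked before that
 * storage goes away, or the next wake_up walks a dangling pointer. */
static void remove_wait_queue(struct wait_queue_head *q, struct wait_queue_entry *e) {
    struct wait_queue_entry **pp = &q->head;
    while (*pp && *pp != e) pp = &(*pp)->next;
    if (*pp) *pp = e->next;
    e->next = NULL;
}

/* Deliver 'event': run each callback in order, stopping after the first
 * exclusive entry that accepts it. Returns the number of entries woken. */
static int wake_up(struct wait_queue_head *q, int event) {
    int woken = 0;
    for (struct wait_queue_entry *e = q->head; e; e = e->next) {
        if (e->callback(e, event)) {
            woken++;
            if (e->exclusive) break;
        }
    }
    return woken;
}

/* Demo state at file scope so the result can be inspected after run_demo(). */
static struct aio_completion demo_aio;
static struct task_state demo_tasks[3] = { {"sleeper", 0}, {"excl-1", 0}, {"excl-2", 0} };

/* One aio completion and one ordinary sleeper (both non-exclusive) share the
 * queue with two exclusive sleepers. A single wake_up reaches the first three
 * and leaves the second exclusive sleeper asleep; returns the woken count. */
static int run_demo(void) {
    struct wait_queue_head q;
    struct wait_queue_entry ea = { aio_complete, 0, &demo_aio, NULL };
    struct wait_queue_entry e0 = { wake_task, 0, &demo_tasks[0], NULL };
    struct wait_queue_entry e1 = { wake_task, 1, &demo_tasks[1], NULL };
    struct wait_queue_entry e2 = { wake_task, 1, &demo_tasks[2], NULL };
    init_waitqueue_head(&q);
    add_wait_queue(&q, &e0);
    add_wait_queue(&q, &ea);
    add_wait_queue(&q, &e1);
    add_wait_queue(&q, &e2);
    int woken = wake_up(&q, 42);
    remove_wait_queue(&q, &ea);
    remove_wait_queue(&q, &e0);
    remove_wait_queue(&q, &e1);
    remove_wait_queue(&q, &e2);
    return woken;
}
```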
The Linux kernel stack is a limited resource; it must fit into two pages of
memory, which it shares with some process information. Overflowing the
kernel stack can be a catastrophic event, and it can happen at surprising
times, such as in interrupt handlers. After a recent Stanford Checker
posting pointing out numerous places where large structures have been
allocated on the stack, and with proposals to consider reducing the size of
the stack, there has been an increase in interest in minimizing kernel
stack usage.
One bit of code that caught Andries Brouwer's eye was the resolution of
symbolic links. In the process of symlink resolution, the kernel can
encounter new links which must also be resolved; this is handled by a
recursive call into the resolution code. Each call, of course, requires
kernel stack space, so recursive calls must be looked at with care - unless
the recursion is carefully bounded, it can easily overflow the kernel
stack. The symlink code handles this constraint by limiting the symlink
depth to five.
Andries has posted a new symlink implementation that eliminates the recursion. Instead, it maintains its own stack - allocated separately - which contains the current state of symlink resolution. In this way, the five-level limit can be lifted without fear of overrunning the kernel stack. Of course, it is extremely rare that anybody actually hits the five-level limit; there are special cases, however, where users do interesting things with symbolic links.
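The following user-space model shows the same idea, added here as an illustration and not taken from the article or from Andries's patch: the resolver keeps an explicit, separately allocated stack of pending path remainders, so the nesting limit becomes a parameter instead of a hard-coded five; the in-memory namespace and all names are constructed for the demo.

```c
/* Added example, not code from the article or from Andries Brouwer's patch:
 * a user-space model of symlink resolution that keeps its own, separately
 * allocated stack of pending path remainders instead of recursing. The
 * namespace below is constructed for the demo; names are hypothetical. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PATH_LEN  256
#define MAX_LINKS 40               /* total links followed: bounds any cycle */
#define ERR_NOENT   (-1)
#define ERR_LOOP    (-2)
#define ERR_TOOLONG (-3)

struct node { const char *path; const char *target; }; /* target NULL: not a link */

/* Constructed namespace: every directory on a path is listed; link targets
 * are absolute. */
static const struct node fs[] = {
    {"/home", NULL}, {"/home/user", NULL}, {"/home/user/data", NULL},
    {"/srv", NULL},  {"/srv/data", "/home/user/data"},
    /* a chain of seven links, deeper than the old fixed limit of five */
    {"/n1", "/n2"}, {"/n2", "/n3"}, {"/n3", "/n4"}, {"/n4", "/n5"},
    {"/n5", "/n6"}, {"/n6", "/n7"}, {"/n7", "/home/user"},
    /* two links that point at each other: must fail cleanly */
    {"/loop_a", "/loop_b/x"}, {"/loop_b", "/loop_a/y"},
};

static const struct node *lookup(const char *path) {
    for (size_t i = 0; i < sizeof fs / sizeof fs[0]; i++)
        if (strcmp(fs[i].path, path) == 0) return &fs[i];
    return NULL;
}

/* Resolve the absolute 'path' into 'out' (PATH_LEN bytes). On meeting a
 * link, the unwalked remainder of the current path is pushed on an explicit
 * stack and the walk restarts at the link target; when a target is used up,
 * the remainder is popped and the walk continues. 'max_nesting' is the stack
 * capacity: the recursive code had to keep it tiny because each level cost
 * kernel stack, while here it only costs heap and can be raised freely. */
static int resolve(const char *path, char *out, int max_nesting) {
    char (*stack)[PATH_LEN] = malloc((size_t)max_nesting * PATH_LEN);
    char cur[PATH_LEN] = "/", rest[PATH_LEN];
    int sp = 0, links = 0, rc = 0;

    if (!stack) return ERR_TOOLONG;
    if (path[0] != '/' || strlen(path) >= PATH_LEN) { free(stack); return ERR_NOENT; }
    strcpy(rest, path + 1);
    for (;;) {
        if (rest[0] == '\0') {
            if (sp == 0) break;              /* nothing pending: done */
            strcpy(rest, stack[--sp]);       /* resume the path that hit the link */
            continue;
        }
        char comp[PATH_LEN], next[PATH_LEN], cand[PATH_LEN];
        const char *slash = strchr(rest, '/');
        size_t clen = slash ? (size_t)(slash - rest) : strlen(rest);
        memcpy(comp, rest, clen);
        comp[clen] = '\0';
        strcpy(next, slash ? slash + 1 : "");
        if (snprintf(cand, PATH_LEN, "%s%s%s", cur, strcmp(cur, "/") ? "/" : "", comp)
                >= PATH_LEN) { rc = ERR_TOOLONG; break; }
        const struct node *n = lookup(cand);
        if (!n) { rc = ERR_NOENT; break; }
        if (n->target) {
            if (++links > MAX_LINKS || sp == max_nesting) { rc = ERR_LOOP; break; }
            strcpy(stack[sp++], next);       /* remember where to resume */
            strcpy(cur, "/");
            strcpy(rest, n->target + 1);     /* targets are absolute here */
        } else {
            strcpy(cur, cand);
            strcpy(rest, next);
        }
    }
    if (rc == 0) strcpy(out, cur);
    free(stack);
    return rc;
}

/* Helpers returning plain values for callers that only want the verdict. */
static int resolve_status(const char *path, int max_nesting) {
    char out[PATH_LEN];
    return resolve(path, out, max_nesting);
}
static int resolves_to(const char *path, int max_nesting, const char *expect) {
    char out[PATH_LEN];
    return resolve(path, out, max_nesting) == 0 && strcmp(out, expect) == 0;
}

int main(void) {
    const char *paths[] = { "/srv/data", "/n1/data", "/loop_a", "/missing" };
    for (size_t i = 0; i < 4; i++) {
        char out[PATH_LEN];
        int rc5 = resolve(paths[i], out, 5), rc40 = resolve(paths[i], out, 40);
        printf("%-10s limit 5: %d  limit 40: %d %s\n", paths[i], rc5, rc40, rc40 == 0 ? out : "");
    }
    return 0;
}
```

With the limit at 5 the seven-link chain fails exactly as it would have under the old recursive code, while the mutually referring links are rejected at either limit rather than consuming stack without bound.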
Not all developments are oriented toward reducing kernel stack usage, however.
Andi Kleen has posted a patch which does the
opposite in order to make the select and poll system
calls perform better. These calls (which share most of an internal
implementation) allocate a couple of pages of kernel memory to hold the
requisite data structures; they are sized to be able to handle situations
where large numbers of file descriptors are being waited on. In reality,
however, many (if not most) select and poll calls are
given only a small number of file descriptors, so much of that memory is
wasted.
Andi's patch works by setting up a separate fast path for when only a small
number of file descriptors are in use. Rather than allocate those two
pages, the fast path uses a small, in-stack array. The stack space usage
is limited to 256 bytes, which will fit easily even on a reduced-size
stack. The new implementation not only saves a couple of kernel pages for
each process calling select (and there can be many on a typical Linux
system), it's faster as well. The patch has been included in 2.5.23-dj2,
and will likely find its way into the mainline before too long.
Rik van Riel's reverse-mapping virtual memory implementation (RMAP) has
been under development for several months; it has attracted some attention
as a possible way of improving Linux VM performance in the future. Thus
far, however, RMAP has only been available for the 2.4 series, so it has
been hard to evaluate as a possible addition to 2.5.
That situation has just changed, however: Craig Kulesa decided to port RMAP to the 2.5.23 kernel. He posted it in two forms: a full port which makes many changes, and a minimal version which adds only the reverse mapping code itself. Craig's preliminary benchmark results show a respectable performance improvement in 2.5.23 when the RMAP code is added in.
A much more serious benchmarking effort will have to be done before any
real conclusions about RMAP in 2.5 can be drawn. This port, however, has
attracted a fair amount of interest. If more detailed numbers can be
obtained soon, RMAP in 2.5 should be an active area of discussion at next
week's kernel summit.
It has been a few weeks since a "concerns about the IDE reimplementation process" article appeared here, so it must be about time. The conversation this time around started with a complaint that recent kernels can deadlock when reading partition tables; it included "a small plea for more testing" before IDE patches are unleashed upon the world. Dave Jones followed up with a remark of his own:
When the IDE carnage first started back circa 2.5.3, I had
contemplated not merging *any* of the IDE patches, just so that
people who want to work on other areas could have something solid
to build upon. I regret not following through on that instinct.
Linus, however, remains unworried:
We're not supposed to be writing code and then releasing it when it
is done. We _want_ incremental changes, and open breakage.
So the IDE process is likely to continue as it has. Be careful out there.
In a separate conversation, a user requested the restoration of the IDE taskfile operations. Those operations had been removed relatively early in Martin Dalecki's series of patches. He has not promised to restore them, but previous IDE maintainer Andre Hedrick jumped in with an interesting comment:
In the end, I will end up writing a closed ATA binary driver for
sale as a replacement. I have had several requests to consider the
option. As much as I do not like the idea, it is less offensive
than the current direction.
It would be a shame if Linux users were driven to use a binary-only driver
for such a fundamental subsystem due to lack of support for needed
operations. The next stable kernel is still far away, however; plenty of
time remains for these issues to be dealt with.
Jens Axboe has, meanwhile, released a version of his "tagged command queueing for IDE" patch, backported to the 2.4.19-pre kernel.
Patches and updates
Kernel trees
- Chris Wright: 2.4.19-pre10-lsm1. 2.4.19-pre10 kernel with the Linux Security Module patch applied. (LSM patch also available separately).
(June 14, 2002)
Core kernel code
- Benjamin LaHaise: 2.5.22 add __fput for aio. A precursor patch providing a facility needed by the asynchronous I/O patch.
(June 17, 2002)
- Andi Kleen: poll/select fast path. Optimizes the select/poll system calls when the number of file descriptors is small.
(June 18, 2002)
- Andi Kleen: poll/select fast path. A new implementation fixing some problems with the first version.
(June 19, 2002)
Device drivers
- Roland Dreier: 2.4 add __dma_buffer alignment macro. A macro for addressing the "DMA to small buffers on cache incoherent systems" problem discussed in the June 12 LWN Kernel Page.
(June 13, 2002)
- Kurt Garloff: /proc/scsi/map. Creates a /proc file listing SCSI devices with controller, target, and unit numbers.
(June 19, 2002)
Filesystems and block I/O
- Jens Axboe: block-highmem-all-19. Block I/O out of high memory without bounce buffers (this patch intended for a future 2.4.20 prepatch).
(June 18, 2002)
- Andries.Brouwer@cwi.nl: symlink recursion. An implementation of symbolic link resolution which is not recursive (and, thus, takes less kernel stack space).
(June 18, 2002)
Janitorial
- Matthew Wilcox: Remove SCSI_BH. Make the SCSI system use a tasklet instead.
(June 17, 2002)
Memory management
- Andrew Morton: writeback tunables. Adds five sysctl entries for tuning writeback behavior.
(June 17, 2002)
Miscellaneous
- Denis Vlasenko: linld 0.95. A Linux boot loader.
(June 14, 2002)
- Rusty Russell: Initcall depends. Updated version of the initialization order patch (covered in the June 13 Kernel Page).
(June 17, 2002)
Page editor: Jonathan Corbet
Distributions
News and Editorials
It's official: Slackware 8.1 has been released. Features in this release
include the 2.4.18 kernel, glibc 2.2.5, XFree86 4.2.0, a new print system
based on LPRng (CUPS also available), Apache 1.3.24 (oops, look for an
update there...), Mozilla 1.0, KDE 3.0.1, etc. See the announcement for
all the details.
The new Debian Developer's Guide to Security Updates has been posted. It describes how a Debian maintainer should interact with the new security apparatus; it's interesting in that it provides a view into how one distributor handles security issues.
For the most part, it's fairly straightforward stuff. Some highlights:
- Maintainers should always involve the "Security Team" in the fix. The
Team keeps track of outstanding security issues, interacts with other
distributors, writes the security advisories, etc. Among other
things, the Team can help ensure that information on a remotely
exploitable vulnerability is not released too soon.
- Fixing a security hole by going to the latest version of the affected
package is usually not seen as a good idea. A security fix should be
done with the smallest possible change, which can mean backporting the
fix to whatever older version Debian had shipped.
- A special location has been set up for uploading security fixes; the
updated package will then be automatically rebuilt for all
architectures supported by Debian. The ability to provide updated
packages for all architectures was, of course, a big part of the
motivation behind the new security mechanism.
The full story can be found in the document, of course.
SuSE has sent out an announcement stating that Olaf Kirch has joined the company's security team. Olaf is a long time Linux contributor, of course; he had his hands in the Linux NFS code years ago and is the author of the venerable Linux Network Administrator's Guide. Olaf, until recently, handled security for Caldera. SuSE now claims a total of five people on its security team - an impressive and encouraging commitment to the security of the SuSE Linux (and, eventually, UnitedLinux) distribution.
Distribution News
The Debian Weekly News for June 18 is available; this issue looks at the new security build infrastructure, the Woody release ("...we're not entirely done developing Woody"), Debian at LinuxTag, the "after Woody" wishlist, and more.
Joey Hess has posted the beginnings of a design for a new, "apt-src" program. This utility would be like apt-get, except, of course, that it would handle source packages instead. Debian's package management doesn't make dealing with source entirely easy; this new interface could change all that. It includes support for dependencies between source packages, and might even handle automatic rebuilds when a package is upgraded. Joey is looking for feedback on the design; full details may be found in the announcement.
Matt Zimmerman, who is lucky enough to have obtained a Zaurus PDA, has
announced the beginning of an effort to make a version of the Debian
distribution for this device. The Zaurus already runs Linux, of course,
and Zaurus users end up grabbing packages from the Debian ARM port when
they want more software. But it would be nice to have a full Debian
distribution, using the Debian package manager. Matt is looking for people
interested in contributing to this effort; see the announcement for the
details.
Here is a press release from the Debian Project about the Gibraltar
Firewall Project. Gibraltar is building a router and firewall package
(based on Debian, of course) which will run directly from CD. A free
version is available for download now, with a commercial version (with
manuals and all) in the works.
The Mandrake Linux Community Newsletter - Issue #46 is now available. "This Week's Summary: Xerox Chooses Mandrake Linux; Latest MandrakeClub Activities; Cooker Snapshot ISOs; PPC News; Mozilla 1.0; What's New at MandrakeUser.org?; This Week's Survey; Security-related Software Updates; Headlines from MandrakeForum."
Mandrake has sent in a press release to state that the latest Netcraft survey shows that the web server shipped with Mandrake, the Advanced Extranet Server, has "dramatically grown during the past 12 months, confirming the increased adoption of Mandrake Linux as a server platform."
MandrakeSoft has put out an updated version of its ImageMagick package. It
seems that there is a problem with the x86 development libraries that can
cause segmentation faults; this update fixes that problem.
The Slackware changelog notices have been coming out steadily in the run-up to the 8.1 release. Recent changes include new quota code, the addition of adjtimex, a new Java runtime environment, a MySQL upgrade, the latest Evolution, and more. The June 15 changelog also notes a security fix to KHTML.
Meanwhile, for those of you who miss the old Slackware forums, UserLocal has put up a read-only version for archival purposes.
Minor distribution updates
FreeBSD 4.6 is now available. Quite a few changes have gone into this release, including the adoption of XFree86 4.2. See the announcement for the details.
The Embedded Coyote Linux page notes the June 17 release of "Wolverine Beta 1." "This version includes PPTP authentication updates, bug fixes, and updated login and firewalling services. This version contains the majority of the functionality that will be present in the final v1.0 release."
The third release candidate of LEAF 1.0 (LEAF being the Linux Embedded Appliance Firewall) has been announced. Numerous packages, mostly security-oriented, have been upgraded in this release; see the announcement for details.
Page editor: Jonathan Corbet
Development
System Applications
Clusters and Grids
Version 1.5 of SCE, an integrated scalable computing environment,
has been released. New features include automatic installation for
diskless machines, HA support out of the box, automatic dependency
checks, a new configuration generation tool, performance improvements,
and bug fixes.
Electronics
A new snapshot of the Icarus Verilog electronic simulation language compiler has been released. See the release notes for more information.
Embedded Systems
LinuxDevices introduces us to an embedded Linux developer kit. "Mizi Research (Seoul, Korea) announced today the near-term availability of a hardware/software developer kit for its Linu@ (pronounced 'Linu-ette') Embedded Linux distribution."
Libraries
Version 1.2.0 of KOHA, a free open source library (as in books) system, has been announced. New features include search by Dewey number, improved keyword searches, restricted catalogue searches, a new catalogue maintenance section, MARC importing capabilities, and bug fixes.
Mail Software
Version 1.2.4b of the Sentinel mail filter for sendmail has been released. Some instabilities under the Linux and Sparc platforms have been fixed.
Web Site Development
The final Midgard 1.4.3 release has been announced. Not much has changed
since the last release candidate; click below for the details. (Midgard is
a PHP-based web application publication framework).
The Gnotices site is carrying an announcement for release 1.0 of IBM's SashXB. "SashXB is an open source application environment that exposes native functionality to JavaScript. It's ideal for web developers with HTML and JS skills who want to write full-featured native applications, as well as experienced programmers who'd appreciate the convenience of rapid application development. It uses a host of other open source projects, including Mozilla, GNOME, Glade, and Gdome. The SashXB project was inspired by Sash For Windows." See the SashXB home page for more details.
The latest additions to the Zope Members News include notices for Zope training, External Editor 0.3, CMFForum 0.1, ZOPE 2.6.0 Alpha 1, ZFS 0.1, and a Hotfix 2002-06-14 security alert.
Miscellaneous
David HM Spector illustrates various ways to emulate Linux under Linux for the purpose of software development. "So if you're still in the game, need to test lots of software configurations for your products and services, and aren't allowed to buy or lease any new hardware, what do you do? Clearly, repeatedly building and wiping out a machine or two for software testing is tedious and time-consuming. In this Linux in the Enterprise article, we'll examine some software solutions that will help you "create" enough machines to test against without spending anything more than a little time and some disk space."
Koki Zamboni has written in with a link to an old but worthwhile IBM developerWorks tutorial on dual booting Linux with Linux. "Having multiple Linux installations to work with allows you to easily test different libraries with the same program, watch how your program interacts with others, or just tweak a parameter here or there to see what happens. This comes in handy for development and testing -- as well as for customer support."
Version 0.18.0 of the Twisted network framework has been released. "0.18.0 is a major release, cleaning up many of the main APIs in twisted.internet and moving us much closer to a 0.99.x series leading up to Twisted 1.0."
Desktop Applications
Audio Applications
Version 1.4.1 of the sound visualization and manipulation tool WaveSurfer has been released. This version features "Numerous minor enhancements and bug-fixes".
Desktop Environments
All you GNOME testers out there,
GNOME 2.0 Desktop Release Candidate 1 code-named "Fever Pitch" is
ready for you.
The GNOME Installation Guide for the releases 1.4.1 and 2.0 has been upgraded and published.
IBM's developerWorks is running part 2 in a series by Daniel Robbins on GNOME 2. "In the second installment of the newly relaunched GNOMEnclature column, relative GNOME newbie and Common Threads columnist Daniel Robbins takes a look at the new Glib object system from a new GNOME developer's perspective."
The GNOME project today announced the release of gnome-utils 2.0.0, targeted for the "GNOME 2.0 Platform and Desktop" release. Much has changed since the initial start of the project in late 1998 and this release marks the start of a more intuitive and appealing user interface, coupled with the port to the new GNOME 2.0 platform.
Topics in Issue #38 of Kernel Cousin KDE include Mime Types In KDE, Going Back a Revision, KDE to Speak Klingon, and KOffice Mimetypes Submitted to IETF for Public Review.
Games
KDE.News reports on a new version of the real time strategy game Boson. "Since development restarted in late 2001, the game has been completely rewritten and ported to libkdegames. As a result of the recent development, Boson 0.6 has been released."
The June, 2002 edition of The Chopping Block is out with the latest news from the WorldForge game project. Feature article topics include Concept Art, Lagrangian Mechanics, and the First Castles Paper.
Graphics
Version 0.18.0 "No White Clouds in My Blue Sky" of the Gdk-pixbuf library
has been released. A number of bugs have been fixed in
this release.
Interoperability
Kernel Cousin Wine #125 topics include
Wine-20020605, Lindows OS SPX 2, Testing Lotus Notes 3,
Directly Executing Windows Binaries 4, License Thoughts, and
the Future of Wine Debugging.
Issue #126 of the Kernel Cousin Wine is available. Topics include Updated CodeWeaver's Products Quickstart Guide; TransGaming Releasing Code; LinuxTag 2002 News; Installing Internet Explorer; Supporting Windows Links in the Kernel; and Preliminary BiDi Patch.
Office Applications
The latest weekly news update for developers and users of AbiWord is available. "BugZilla upgraded, table and GTK2 work continues. There's also been lots of work done on other fronts: win32 installer update, bug fixes, and msxml support to name a few."
Languages and Tools
C
Version 0.4 of distcc, a distributed C compiler, is available. "distcc is a program to distribute compilation of C code across several machines on a network. distcc should always generate the same results as a local compile, is simple to install and use, and is often significantly faster than a local compile. Unlike other distributed build systems, distcc does not require all machines to share a filesystem, have synchronized clocks, or to have the same libraries or header files installed. Machines can be running different operating systems, as long as they have compatible binary formats or cross-compilers. (Currently it is being tested on gcc-linux-x86 and gcc-freebsd-x86.)". (Thanks to Martin Poole.)
Caml
The June 4-11, 2002 edition of the Caml Weekly News
looks at signal analysis, Cash 0.10, Ocaml licensing issues,
F#, findlib-0.7, and more.
This week, The Caml Hump covers the PoesiaMonIcap Internet Content Adaptation Protocol filter monitor, the Cameleon IDE, DBForge, omlib, and rpc.
Java
Sun has released version 1.4.0_01 of Sun JDK.
A number of bugs have been fixed in this version.
O'Reilly's OnJava site reviews Trove. "Eric D. Friedman wrote a high performance set of collections called Trove. Trove allows you to plug in their versions of certain containers (HashMap, HashSet, LinkedList), and use them just like you did with the standard versions. There are also ways to utilize primitive collections to gain even more performance. Don't you love open source?"
Lisp
Version 0.12 of OpenMCL has been released. "This version features several changes to the FFI interface, a more extensive Cocoa demo for Mac OS X, and a lot of bug fixes." See the release notes for more information.
Perl
Artur Bergman examines thread programming under Perl 5.8 on O'Reilly's perl.com site. "One of the big new features in perl 5.8 is that we now have real working threads available to us through the threads pragma. However, for us module authors who already have to support our modules on different versions of perl and different platforms, we now have to deal with another case: threads! This article will show you how threads relate to modules, how we can take old modules and make them thread-safe, and round off with a new module that alters perl's behavior of the 'current working directory'."
PHP
The June 17, 2002 edition of the
PHP Weekly Summary
is available. Topics include
PHP 4.3.0 + ZE2, DOMXML validation, MySQL extension, a
call for papers for the International PHP conference in Frankfurt, Germany,
Wez and Streams support, PHP and sed, and PEAR and PECL.
Joao Prado Maia writes about gettext and PHP on O'Reilly's OnLamp site. "Did you ever get into a situation in Web development where you need to create a Web site or a Web application that is dynamically available, in several languages? A lot of existing open source applications try to create their own solution for these needs, but the standard way to do this is to use Gettext, a set of GNU tools to help packages manage multi-lingual messages in their applications."
Python
Here is Dr. Dobb's Python-URL for June 17. It looks at Guido's first Father's Day, final methods, the leo editor, MayaVI, and more.
This week's entries on the Daily Python-URL cover PyReverse, Leo, Generating SOAP, PyBEM, ChinesePython, tree2image, Python iterators, and more.
Ruby
This week's
Ruby Garden topics include
module importing issues, and the use of nil.to_f.
Scheme
The June 10, 2002 edition of the Scheme Weekly News
covers PLT Scheme v200alpha19, the 27th Scheme Request For Implementation,
a new ILISP release, expansion of the ReadScheme.org bibliography,
and SWIG 1.13.12.
XML
IBM's developerWorks looks at some XML development tricks from Janet Sullivan. "Janet Sullivan knows that the successful use of XML depends on how clean developers can keep their XML data trees. Make sure bad data does not corrupt your XML data tree, insists Sullivan. In this piece, Sullivan gives tips and tricks for XML developers to keep the introduction of dynamic data safe."
O'Reilly's XML-Deviant column covers the XML best practice guide. "In this week's XML-Deviant column, I examine an XML best practice guide under development by the IETF, as well as the XML Schema language debate which it has reignited."
Chimezie Ogbuji introduces XUpdate on O'Reilly's XML.com. "In this article I will discuss how XUpdate can be used in conjunction with XSLT to write tools for authors of web-based applications that will automatically generate HTML forms for editing various kinds of data."
Miscellaneous
The June 6, 2002 edition of the GNUstep Weekly Editorial is out.
Topics include gnustep-make 1.3.3, gnustep-gui-0.7.8,
gnustep-back-0.7.8, and StepTalk 0.6.0.
Aidan Mark Humphreys discusses developers' spoken languages on O'Reilly's OnLamp site. "English is, to be sure, the closest thing we have to a lingua franca for software engineering. One of my involvements, the PHP-based PostNuke CMS Project, has over 200 developers from -- well, just about everywhere, with English as a common language. But there are many talented developers who, whilst quite happy to read the latest W3C spec or RFC, do not feel confident enough of their Franglais, Singlish, or Ginglish to hold their corner when flame wars break out."
Page editor: Forrest Cook
Linux in Business
Business News
Wal-Mart, as it turns out, is now selling computers with Lindows installed. There are eight models available, for as cheap as $299. See this press release from Lindows for hype and more information.
Caldera International Inc continues to support the Unix operating system, although there are no plans to port Unix to the 64-bit Itanium processor.
Red Hat has announced its latest quarterly results. The bottom line: a $830,000 "pro forma" loss on $19.5 million in revenue. The real bottom line is a $4.3 million loss. No talk of operating profits this time around. "Large enterprise revenues" are where the company's money is coming from; much of the loss came from restructuring the embedded group.
This press release announces that HP will be selling servers with Red Hat Linux Advanced Server. "As part of the expanded relationship, all HP ProLiant servers, blade servers and Itanium 2-based servers and workstations will be available with certified Red Hat Linux Advanced Server". See also this CNET story with a little more detail.
Here is a press release detailing MontaVista's plan to provide Linux support for IDT's Ethernet switching, gateways, wireless access points and virtual
private networks (VPNs).
Here is a press release from Covalent, announcing their new FTP server product, which "Provides Encrypted File Transfer Capabilities and Easier Integration".
NuSphere has announced the availability of "PHPEd 3.0," an integrated development environment for PHP. It includes a debugger, a profiler, PostgreSQL support (as well as MySQL, of course), and more. Pricing starts at $299.
Here's a press release that is good news for COBOL developers. "In response to customer demand, Fujitsu Software Corporation, a leading supplier of COBOL compilers and tools, is releasing its popular NetCOBOL(TM) product on the Linux operating system. This is good news for those who are considering Linux as a potential platform for their mission-critical applications and good news for the COBOL community as Fujitsu brings NetCOBOL's performance and reliability to another major operating system platform."
International Data Group
announced a launch in Germany of tecChannel Compact, a new concept
combining a computer specialist book with an information technology
magazine. The June 7 debut issue is available on newsstands and online at
www.tecchannel.de, and is devoted to covering the topic of Linux
professional use in Germany.
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Wired looks at some issues behind the slow adoption of Linux in the U.S. government. "It's free, it's becoming more secure, and it's even the dirty little secret among some computer geeks who work in the U.S. government. Then why isn't linux more prevalent? One word: Microsoft. Another: Oracle."
PC World examines the use of open-source software by governments around the world. "Government officials the world over are getting drawn into the debate over the relative merits of using open-source software rather than Microsoft's Windows applications and other software developed by vendors who closely guard the intellectual property of their source code. Some countries, such as Germany, have decided to replace Windows and other commercial software products with open-source applications. Other countries remain committed to commercial software, and yet others are straddling the fence."
The Linux Journal looks at the Open Studios initiative. "What if there was a nice way to provide incentive to those who would create and innovate solely on works placed within the Public Domain? No protection, just incentive. No fabulous wealth unless, luck would have it, the creator happened to hit on the right marketing strategy to attract an audience and provide merchandising products that, along with tours, personal appearances, concerts, exhibits and offers of commissions for further works, produce wealth. I believe I just described one of the fathers of the Public Domain ilk, The Grateful Dead, and their system is remade in the image of Open Studios."
UnknownPlayer.com is running
an editorial by Ramin Sarcerok Shokrizade that examines a number
of interesting "gotchas" buried deep inside the legalese of many software
End User License Agreements (EULAs). By clicking the "accept" button,
users are inadvertently giving away private information, access to
their computer CPU cycles, and more.
Thanks to Barry Gould.
Comments (2 posted)
Forbes is running
an article on
problems with the U.S. patent system. "
The patent as stimulant to
invention has long since given way to the patent as blunt instrument for
establishing an innovation stranglehold."
Comments (none posted)
Companies
ZDNet
reviews
a new embedded Linux device that is intended for use in the medical field.
"
Austrian company BMS Bayer launched EasyDose, a unit that monitors, displays and manages X-ray exposure data automatically through hospital networks. Based on Transmeta's Midori--a very compact Linux distribution--and a Cyrix GXM 233 processor, the unit has a 6.5-inch touch-screen and works to the standard DICOM (Digital Imaging and Communications in Medicine) protocols over IP and Ethernet."
Comments (none posted)
Vnunet
speaks with
Conectiva about United Linux. "
Linux developer Conectiva has
moved to allay fears that the recently announced United Linux project will
see the end of downloadable binaries and ISO files, and mean a mess of new
licensing."
Comments (1 posted)
Tech Web
reports on
Hewlett Packard's suggested migration paths for HP e3000 customers.
"
Hewlett-Packard is enticing owners of its once-popular, now-doomed e3000 servers to buy HP-UX or Linux systems. The most likely migration path will be to HP 9000 servers running HP-UX, although buyers could also move to Intel-based ProLiant servers."
Comments (none posted)
CNet
reports on
a partnership between Red Hat and HP.
"
Red Hat will begin selling an Itanium version of its Advanced Server Linux product early this fall, executives disclosed Tuesday, one of several partnerships under way with Hewlett-Packard."
Comments (none posted)
The Register
talks about
running Linux on IBM's xSeries servers.
"
With all the excitement about Linux on the IBM mainframe zSeries and
interest growing in the AS/400 iSeries, the popular xSeries servers are being
overlooked. That's a mistake. Good, old Intel-based servers from IBM armed
with Linux continue to move into small- and medium-sized businesses everywhere."
Comments (none posted)
Here's
an article about IBM's
press release yesterday, outlining their self-diagnostic wireless tool. "
The IBM software sits on laptops and PCs, analyzing traffic on an internal 802.11 wireless network and sending data to a centralized server, said Dave Safford, manager of the global security analysis lab at IBM Research in Hawthorne, N.Y."
Comments (none posted)
As a followup to the
press release
from Lindows and Wal-Mart.com, NewsForge
reports
that the language has been altered to remove the wording that indicates that
Lindows will run programs designed for Windows.
Comments (1 posted)
The Register
examines the latest financial results from Red Hat Inc.
"
Red Hat Inc, the Linux software and services firm, yesterday reported that it
reduced its loss in its first fiscal quarter and increased its revenue
sequentially, but saw a decreased top line year-on-year as it reduced its
focus on embedded systems in favor of the enterprise market."
Comments (none posted)
Stephen Shankland has produced a
general roundup of Red Hat's business, centered around their latest quarter financial results. "
Red Hat, which gets half its revenue from services, will face a challenge in regard to increasing its profitability given that services typically require many employees and therefore are an expensive operation, Raisys said. In addition, IBM, including its gigantic Global Services division, is pushing hard to make money from Linux."
Comments (none posted)
The Register
reports on Sun's new Cherrystone UltraSparc-III servers,
which are intended to compete with Linux servers.
"
The V480 supports either Solaris 8 or the new Solaris 9 operating system from Sun and is aimed squarely at the four-way Intel-based server market where Pentium III Xeon and Pentium 4 Xeon processors are making headway running Windows 2000 and Linux."
Comments (none posted)
InfoWorld has
details
on the announcement to be made by Sun CEO McNealy.
"
Sun Microsystems will announce its controversial Linux server, code-named Big
Bear, this August at the LinuxWorld conference, showing a dual-processor system
that runs on chips from rival Intel, according to sources familiar with the
company's plans."
Comments (1 posted)
Sun Microsystems
will be giving away
some software to bolster competition against rival operating systems.
"
Sun plans to give away a basic version of its application server software, a key piece of infrastructure software for building business applications. Application server software is technology that runs e-business and other Web site transactions.
The giveaway targets computers that run Microsoft's Windows, Linux and Unix operating systems, Sun said."
Comments (none posted)
Wired
details Sun's strategy against .NET.
"
So Sun plans to give away for computers that run Windows, Linux and Unix operating systems from Hewlett-Packard and IBM, a basic version of its application server, a type of backbone software that runs custom applications necessary for Web services and communicates data between applications."
Comments (none posted)
CNET has
a story giving
extra details about the Linux-based Microtel computers about to be offered by
Wal-Mart. "
The new PCs start at $299 and include a preinstalled copy of
LindowsOS, a version of the open-source operating system that sports a
graphical user interface and the ability to run Windows applications, according
to its manufacturer."
Comments (none posted)
Tech Web
covers
the newly introduced Lindows PC from Wal-Mart.
"
Wal-Mart won't do just Windows anymore. The world's largest retailer is now selling, via its Web site, low-cost PCs loaded with a version of Linux that runs Windows apps. The deal, with startup Lindows.com Inc., is a break from Microsoft's lock on home-PC operating systems."
Comments (none posted)
Business
CNET has a
story about Intel's sales and marketing efforts targeted toward Wall Street firms. This story summarizes a Sun Microsystems vs. Intel struggle, with Linux in the middle.
"
The move would put Linux behind many of the computers that power trading floors, and Intel wants its chips tagging along. The combination of Linux and Intel has been gaining steam."
Comments (none posted)
News.com
reports on
business software maker J.D. Edwards as the company begins to support
Linux. "
J.D. Edwards took a different Linux route than major
software companies such as Oracle and Veritas that have warmed to the
relatively new operating system. Where Oracle and Veritas have backed Red
Hat, the most widely used version of Linux, J.D. Edwards is starting its
support with SuSE, said Lenley Hensarling, J.D. Edwards' vice president of
product management for tools and technologies."
Comments (none posted)
Worth a read:
this
"Joel on Software" column on why for-profit companies are supporting
free software. The core idea: there is more demand for a product or
service if its "complements" (add-on or related) products are commodities.
By commoditizing certain types of software, companies like IBM, HP, and Sun
increase the demand for their hardware and services. "
IT consulting
is a complement of enterprise software. Thus IBM needs to commoditize
enterprise software, and the best way to do this is by supporting open
source. Lo and behold, their consulting division is winning big with this
strategy." (Seen on
Slashdot).
Comments (1 posted)
Collab.net's CEO
Bill Portelli has been given the podium at ZDNet, in which
he testifies to the promise of collaborative development. "
All of the companies who participate in this new integrated Software Business Cycle are gaining a competitive advantage, generating long-term revenue and increasing market share."
Comments (none posted)
Linux Journal
reports on
the switch to the Linux platform by film company Industrial Light and Magic.
"
``Linux is increasing the quality of our work, not the quantity,'' says Andy Hendrickson, director of research and development. ``Large amounts of processing power enable more user control.'' He explains, ``We often go into a show knowing what we want but are forced to scale back realism with shortcuts because of a lack of processing power. Using Linux we can add more realism. We direct effects. It isn't enough to have a cloud that is an NOAA-accurate model. Artistic staff directs the effects with, `Make that cloud more fluffy'. Or, if we simulate an entire ocean, as in Perfect Storm, `Make that wave larger'.''"
Comments (none posted)
This
New
York Times article (you'll need a username and password) covers Disney's
smart move toward Linux. "
Disney's animation division is announcing
today that it plans to use Hewlett-Packard workstations and data-serving
computers running Linux for digital animation work in the future."
(Thanks to Robert George Mayer)
Comments (2 posted)
According to IT-Director, the recent Scooby Doo animation feature
was rendered
with the aid of Linux. "
Rhythm and Hues, the animators responsible for bringing Scooby to life, currently have 125 Linux systems and 300 SGI machines. The plan is to phase out the SGI estate by the middle of next year in favour of Linux boxes."
Comments (none posted)
The Register
reports on
a move by Walt Disney Feature Animation to HP Linux machines.
"
HP winning Disney for Linux
is of course a massive victory, but if you pick
through the release it's all a bit vague really. We've got a "broad range of
products and services" including something that renders in an Opera browser
on Win2k as "Intelâ Xeon-powered HP x4000 workstations" (goodness only knows
what it looks like in Mozilla on Linux,
a configuration we appear not to have
handy) and "high-density HP IA-32 based servers for rendering.""
Comments (none posted)
Vnunet
reports on
the HP/Disney Linux deal.
"
Both companies have been working together for the past 10 months, and explained that adopting Linux was part of a migration strategy away from the existing homogeneous technology environment."
Comments (none posted)
Interviews
Open For Business features
an interview with Richard Stallman.
"
RMS: Free software means you control what your computer does. Non-free software means someone else controls that, and to some extent controls you. Non-free software keeps users divided and individually helpless; free software empowers the users. All these reasons apply just as well to business users as to individuals."
"For a business, there is the added advantage that support for a free program comes from a free market. Support for a proprietary program is usually a monopoly, since only the company that owns the program can change it either to fix a bug or add a feature. If you are willing to pay for support, you will usually get better support for your money when you use free software."
Thanks to Timothy R. Butler.
Comments (none posted)
The EuroPython site features
an interview with Jim Fulton, CTO of Zope Corporation.
"
Zope 3 moves Zope from an inheritance-based framework to a component-based framework. Complexity is managed by splitting responsibilities among many cooperating components, rather than many cooperating mix-in classes. Components are connected using interfaces, which also provide component specification and documentation."
Comments (none posted)
Resources
The June 13, 2002 edition of the Linux Devices Embedded Linux Newsletter
is out.
Topics include: constructing a Linux
powered IRDA printing device, a report from the Embedded Linux
Expo and Conference, the Toshiba SG20 wireless mobility server,
Hitachi's new Linux based Flora web pad, and more.
Full Story (comments: none)
Here's
a
detailed Linux Journal article on creating a large number crunching
cluster.
"
Jobs on any node are started from the master node, which is the only
login place in the entire cluster. Scyld Beowulf software creates an
illusion of a single computer (master node) with many CPUs (those of
slave nodes). Monitoring slave nodes from the master node is easy with
a graphical beostatus utility or simply with top."
Comments (none posted)
Marcel Gagné
writes about fonts under X11 in a Linux Journal feature article.
"
It is time once again
to pull back the curtain from Linux fonts and have a nice long chat with
the gentleman at the controls. Judging from some of the responses I
received from my last column, it seems that fonts are a nightmare to many
(and I can't say I blame you). Nevertheless, it's time to put away fear
and learn to enjoy your font experience."
Comments (none posted)
Reviews
ZDNet editor David Coursey
installs Linux for the first time. "
The reason I'm doing this is
to put to rest some of the complaints that I'm a Microsoft stooge and don't
like desktop Linux because I haven't been fully exposed to its wonders. So
I asked the Red Hat people to send me a copy of their latest with the idea
of doing an extended test, much like I did recently with Macintosh OS
X."
Comments (11 posted)
Here's
the followup to an
article yesterday by a journalist working through a Linux desktop installation. "
Still, nothing that Linux has hurled at me in the way of problems (really minor, actually) or confusion has come close to what Windows Me (aka Spawn of the Devil) did to me a couple of years ago. So, I am actually pretty happy with my Linux experience so far."
Comments (none posted)
LinuxDevices
takes a look
at a new S-class Mercedes, recently demonstrated by DaimlerChrysler and
partners. "
Jentro (Munich, Germany) was responsible for the
development of the user interface required to control the in-car functions
via various input tools such as touch screens and keyboards. Jentro's
'JentroCar' platform runs on top of an embedded Linux operating
system. MBDS/University Nice Sophia Antipolis developed the prototypes of
mobile Internet applications for the UMTS standard."
Comments (none posted)
Here's a
lengthy article from the Associated
Press, published on CNN, giving a solid review of Mozilla vs. Internet Explorer. "
Mozilla's Baker insists the project's success is critical to the Web's future: 'If there's only one browser and that browser is tied to the business plan of a particular entity, it's quite likely that what we see on the Web will be limited.'"
Comments (2 posted)
TechWeb today devotes
a few paragraphs to trashing Mozilla. "
No matter how good Mozilla is, it's not likely to be able to make up for years of lost time."
Comments (6 posted)
Network Computing
reviews Quality of Service testing with the WhiteHat Arsenal
tool set.
"
Only a handful of tools can assist with QoS (Quality of Service) testing before applications go live. Enter WhiteHat Security's WhiteHat Arsenal 2.0, a collection of basic tools that help security professionals test Web applications for common security vulnerabilities in the midrange of competitive pricing."
Comments (none posted)
TechWeb
reviews
SOAPtest,
a Java-based Web services testing application from Parasoft.
Comments (none posted)
News.com
examines
Samsung's new Linux based set top box, which is designed to bring video in
over DSL lines.
Comments (none posted)
Miscellaneous
Two Singapore programmers
claim to have created an operating system that can run programs written for Windows as well as Linux. "The secret? The heavy lifting is done on an MXI-based server that runs the actual applications and sends a stream of data back to the MXI client software residing on the handheld."
Comments (none posted)
CNET
is publicizing the bashing that
Internet Security Systems received from many Free Software developers. "
Network protection company Internet Security Systems published a security advisory for Apache, the Internet's most popular Web server, and gave the Apache Foundation, which created the software, less than two hours to respond."
Comments (none posted)
ISS has
won the attention of the Associated Press in Washington for
their handling yesterday of the security vulnerability they publicized in Apache. "
A security bug was found in software used by millions of Web sites. Private
experts alerted users and the FBI's computer security division. Problem is,
they didn't tell the maker of the software. Then they issued the wrong
prescription for fixing the flaw."
Comments (none posted)
Don Marti is covering last week's Usenix with
this article on, among many things, Linus' thoughts on the kernel and binary modules. "
Most houses that use Linux a lot say that they won't support binary
modules because they can't. They may work, but you're not getting the full
advantage of Linux"
Comments (none posted)
News.com
reports on
the latest developments in the Net radio/DMCA royalty ruling.
"
Independent Webcasters are bracing for a final ruling on a royalty rate for Net radio, a decision that could determine the fate of hundreds of small online radio stations."
Comments (none posted)
Page editor: Forrest Cook
Announcements
Resources
David McCullough, from SNAPgear, has written
a white paper that
examines memory management issues under uClinux.
Comments (none posted)
Upcoming Events
Here's a
report from the KDE
team at LinuxTag 2002, with pictures. "
June 9th (Karlsruhe,
Germany). This year's LinuxTag was once again a successful gathering for
over sixty KDE developers from all over Europe who presented their
award-winning desktop environment to more than 13,000 interested visitors
at "Europe's largest OpenSource Event". As a special guest, David Faure (of
Konqueror and KOffice fame) attended the fair to share opinions with other
KDE developers."
Comments (none posted)
The preliminary schedule for the YAPC 2002 Lightning Talks sessions
is available.
Comments (none posted)
The Python for Scientific Computing Workshop
will be held on September 5 and 6, 2002 in Pasadena, California
at CalTech. "
This workshop provides a unique opportunity to learn and affect what is
happening in the realm of scientific computing with Python. Attendees will
have the opportunity to review the available tools and how they apply to
specific problems."
Full Story (comments: none)
A
call for papers
has been issued for the International PHP 2002 conference, to be held
in Frankfurt, Germany on November 3-6, 2002. The paper deadline is
July 5.
Comments (none posted)
The International LISP Conference 2002 will be held
from October 28 through October 31, 2002 in San Francisco,
California.
Full Story (comments: none)
The
O'Reilly Open
Source Convention (San Diego, July 22 to 26) is looking for
more "lightning talk" presenters. Lightning talks last all of five
minutes; they can be a great way to quickly and easily present a free
software project or idea to a large group of people. Interested people can
sign
up here.
Comments (none posted)
| Date | Event | Location |
|---|---|---|
| June 20 - 21, 2002 | INET 2002 | Crystal Gateway Marriott, Arlington, VA |
| June 20 - 21, 2002 | First International IFIP/ACM Working Conference on Component Deployment (CD 2002) | Berlin, Germany |
| June 25, 2002 and July 23, 2002 | Seattle Ruby Brigade Meeting | Seattle, Washington |
| June 26 - 28, 2002 | Embedded Systems Expo & Conference in Tokyo (ESEC) | International Exhibition Center, Tokyo, Japan |
| June 26 - 28, 2002 | Yet Another Perl Conference (YAPC 2002) | Washington University, Saint Louis, Missouri |
| June 26 - 28, 2002 | European Python and Zope Conference (EuroPython 2002) | Charleroi Espace Meeting Européen, Charleroi, Belgium |
| June 26 - 29, 2002 | Ottawa Linux Symposium (OLS) | Ottawa, Canada |
| June 27 - 28, 2002 | European Tcl/Tk User Meeting | Siemens Trainings Center, Munich, Germany |
| July 4 - 7, 2002 | UKUUG Linux Developers' Conference | University of Bristol, Bristol, UK |
| July 5 - 7, 2002 | Debconf 2 | York University, Toronto, Ontario |
| July 18 - 20, 2002 | Boston GNOME Summit | Boston, Mass. |
| July 22 - 26, 2002 | O'Reilly Open Source Convention | Sheraton San Diego Hotel and Marina, San Diego, California |
| August 1 - 2, 2002 | 3rd annual Bioinformatics Open Source Conference (BOSC 2002) | Edmonton, Canada |
| August 2 - 4, 2002 | Defcon | Alexis Park Hotel and Resort, Las Vegas, Nevada |
| August 5 - 9, 2002 | 11th USENIX Security Symposium | San Francisco, CA, USA |
| August 6 - 9, 2002 | CERT Conference 2002 | Omaha, Nebraska, USA |
| August 12 - 15, 2002 | Linux World Conference & Expo | Moscone Center, San Francisco, California |
Comments (none posted)
Software announcements
"
Greg Allan a.k.a. Adam_Baum, the lead core developer and one of the four
founding members of the PostNuke CMS Development Project passed away
from injuries sustained in a motorcycle accident."
Full Story (comments: none)
Here are the software announcements, courtesy of
Freshmeat.net. They are available in
two formats:
Comments (none posted)
Miscellaneous
According to Use Perl, Consultix
will hold a raffle to raise money for the Perl Foundation;
winners will receive free seats at Damian Conway's seminars in Seattle
this July.
Comments (none posted)
Tony Stanco has written in to LWN, saying, "
The Cyberspace Policy Institute accepts the Alexis de Tocqueville Institute challenge to debate the merits of Open Source Software. The debate can be part of the CPI/World Bank's International Open Source in Government Symposium in Washington, D.C. on October 17-18, 2002. More details at the CPI site on this link."
Comments (none posted)
Linux Orbit
is
sponsoring the
Glen Burnie Linux
User Group. "
If Linux is to experience an explosion of
popularity, then an explosion of 'grass-roots' advocacy must precede
it. This advocacy includes community activities designed to aid in
recruitment, fundraising and establishing a local identity for
Linux. Growing the Linux user base in the LUG area should take precedence
over all other objectives."
Comments (5 posted)
Page editor: Forrest Cook
Letters to the editor
From: Lamar Owen <lamar.owen@wgcr.org>
To: lgcdutra@terra.com.br, letters@lwn.net
Subject: PostgreSQL and relational.
Date: Thu, 13 Jun 2002 23:40:22 -0400
In reference to your e-mail on the subject of PostgreSQL not being relational,
would you mind specifying exactly which of E F Codd's 12 rules of the
relational model PostgreSQL breaks? Using SQL as the language to access a
RDBMS does not invalidate the relational model used by that RDBMS. Show me the
rule(s) broken specifically by PostgreSQL itself, not by SQL in general.
PostgreSQL meets the qualifications for a relational system as defined by E F
Codd and C J Date. Having read Date's work, I find it amusing that you would
quote from a site which prominently features C J Date as a contributor.
You need to take MySQL to task for truly not being relational according to
Codd's 12 rules. :-)
--
Lamar Owen
WGCR Internet Radio
1 Peter 4:11
Comments (none posted)
From: <lgcdutra@terra.com.br>
To: Lamar Owen <lamar.owen@wgcr.org>
Subject: Re: PostgreSQL and relational.
Date: Wed, 19 Jun 2002 19:58:31 +0200
Cc: LWN Editor <letters@lwn.net>, Bryan Henderson <bryanh@giraffe-data.com>, DBDebunk Editor <editor@dbdebunk.com>
Lamar Owen wrote:
> In reference to your e-mail on the subject of PostgreSQL not being
> relational, would you mind specifying exactly which of E F Codd's 12
> rules of the relational model PostgreSQL breaks?
EF Codd's 12 rules aren't all there is to the relational
model. In fact, he expanded these 12 to 40 rules in his 1990 book
_The_Relational_Model_for_Database_Management.
But furthermore, if you care to read Christopher J Date's
1999 _An_Introduction_to_Database_Systems_ you will see that the
relational model comprises some basic elements and some principles.
The basic element is the domain, or data type. PostgreSQL
does not really enforce domains because it accepts NULL, which by
definition is not part of any domain. Thus the triplet domain, name
and value called attribute breaks down, and so the tuple -- because it
represents a proposition, and a proposition with missing information
is another proposition, not the one declared in the relation's header
--, and so also the relation breaks down.
Furthermore, the relation is a set, not a bag. A bag
accepts duplicates, but not a relation. So because PostgreSQL does
not enforce the necessity of declaring a candidate key for each and
every table, its tables are not necessarily relations, but quite
possibly and commonly bags of not tuples as shown above, but simply
rows.
Also, the first principle is The Information Principle, where
all the database must be represented by data. Object IDs violate
this, with serious consequences about data independence, which by the
way is necessary to another relational model sine qua non, namely the
separation between user, logical and physical schemas. Also not
properly supported by PostgreSQL.
> Using SQL as the language to access a RDBMS does not invalid the
> relational model used by that RDBMS. Show me the rule(s) broken
> specifically by PostgreSQL itself, not by SQL in general.
I am not so familiar with the PostgreSQL dialect, but for what
I've seen it does little to nothing to address SQL shortcomings that
disqualify it as an implementation of the relational model.
> PostgreSQL meets the qualifications for a relational system as
> defined by E F Codd and C J Date. Having read Date's work, I find
> it amusing that you would quote from a site which prominently
> features C J Date as a contributor.
Perhaps you should read Date more carefully. When he writes
about SQL, he can barely disguise the sarcasm.
> You need to take MySQL to task for truly not being relational according to
> Codd's 12 rules. :-)
Believe me, I do take MySQL to task; it isn't even up to SQL
level.
But I do think SQL itself is to blame, so until
someone creates a D interface as defined by Date and Darwen to
PostgreSQL or some other DBMS, we're stuck hopelessly behind the
times, more precisely 30 years late as measured by Codd's work
publications.
To be precise, there is an implementation of a valid D, but
it's unfortunately proprietary & expensive:
http://www.alphora.com/tiern.asp?ID=DATAPHOR.
--
_
/ \ Leandro Guimarães Faria Corsetti Dutra +41 (21) 216 15 93
\ / http://homepage.mac.com./leandrod/ fax +41 (21) 216 19 04
X http://tutoriald.sf.net./ Orange Communications CH
/ \ ASCII Ribbon Campaign against HTML email +41 (21) 216 15 93
Comments (1 posted)
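The two defects the letter above attributes to SQL tables, NULLs that belong to no domain and duplicate rows where no candidate key is declared, can be shown directly. The following is an added example, not part of either letter, using Python's standard sqlite3 module (SQLite follows the same SQL rules on NULL and on duplicate rows as PostgreSQL) with constructed sample rows; the table and column names are made up for the illustration.

```python
"""Added example: SQL tables as bags with NULLs versus tables declared so
that every row is a tuple of domain values (constructed data, SQLite)."""
import sqlite3


def bag_table_row_count() -> int:
    """A table declared with no candidate key accepts the same row twice,
    so it is a bag of rows rather than a set of tuples."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE orders_bag (item TEXT, qty INTEGER)")
    con.execute("INSERT INTO orders_bag VALUES ('widget', 5)")
    # The identical row is accepted a second time: nothing distinguishes it.
    con.execute("INSERT INTO orders_bag VALUES ('widget', 5)")
    (n,) = con.execute("SELECT count(*) FROM orders_bag").fetchone()
    con.close()
    return n  # 2


def null_breaks_tautology() -> tuple:
    """NULL is outside every domain: under SQL's three-valued logic the
    predicate 'qty = 5 OR qty <> 5', which is true for every value of the
    integer domain, evaluates to UNKNOWN for the NULL row, so that row is
    silently dropped from the result. Returns (rows stored, rows matched)."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE orders_bag (item TEXT, qty INTEGER)")
    con.executemany(
        "INSERT INTO orders_bag VALUES (?, ?)",
        [("widget", 5), ("gadget", 7), ("gizmo", None)],  # constructed rows
    )
    (total,) = con.execute("SELECT count(*) FROM orders_bag").fetchone()
    (matched,) = con.execute(
        "SELECT count(*) FROM orders_bag WHERE qty = 5 OR qty <> 5"
    ).fetchone()
    con.close()
    return total, matched  # (3, 2)


def relation_table_rejections() -> tuple:
    """The same table declared with a candidate key and NOT NULL on every
    column: the duplicate row and the NULL are both rejected, so each row
    is a distinct tuple of domain values. Returns (dup_rejected, null_rejected)."""
    con = sqlite3.connect(":memory:")
    con.execute(
        "CREATE TABLE orders_rel ("
        " item TEXT NOT NULL,"
        " qty INTEGER NOT NULL,"
        " PRIMARY KEY (item, qty))"
    )
    con.execute("INSERT INTO orders_rel VALUES ('widget', 5)")
    dup_rejected = False
    try:
        con.execute("INSERT INTO orders_rel VALUES ('widget', 5)")
    except sqlite3.IntegrityError:  # UNIQUE constraint on the key
        dup_rejected = True
    null_rejected = False
    try:
        con.execute("INSERT INTO orders_rel VALUES ('gizmo', NULL)")
    except sqlite3.IntegrityError:  # NOT NULL constraint on qty
        null_rejected = True
    con.close()
    return dup_rejected, null_rejected  # (True, True)


if __name__ == "__main__":
    print("rows in keyless table after two identical inserts:", bag_table_row_count())
    print("(stored, matched by qty = 5 OR qty <> 5):", null_breaks_tautology())
    print("(duplicate rejected, NULL rejected):", relation_table_rejections())
```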
From: Leon Brooks <leon@cyberknights.com.au>
To: webmaster@lindows.com
Subject: Lindows and the sources
Date: Wed, 19 Jun 2002 23:20:49 +0800
Cc: abuse@lindows.com, postmaster@lindows.com, letters@lwn.net
From
http://help.lindows.com/cgi-bin/visitors.cfg/php/enduser/std_adp.php?p_faqid=23
> Lindows.com respects all applicable licensing and is proud to be
> a strong supporter of the Open Source community
...linking to http://www.lindows.com/lindows_products_license.php
> Such software programs may be licensed (or sublicensed) to the user
> under the GNU General Public License and other similar open source
> license agreements which, among other rights, permit the user to
> copy, modify and redistribute certain programs, or portions thereof,
> and have access to the source code.
> You may find the licenses and source code to these open source
> third-party programs here:
> http://www.debian.org
> http://www.kde.org
> http://www.winehq.com
> Lindows.com is pleased to be a proud supporter of these initiatives
> through conference sponsorships, financial support, and code
> development. All code changes made by Lindows.com to the above
> products are sent back to these organizations and/or will be made
> available for download here. (Keep in mind that LindowsOS hasn't
> even released a Beta version of LindowsOS, so the source code is
> very unstable and changing continually.)
1. WalMart is shipping LindowsOS on its PCs.
2. According to the GPL, Lindows _itself_ is responsible for
distributing the source for any binaries it distributes, _not_
the organisations Lindows link to.
3. There is no provision for source _following_ binaries: in order
for binaries derived from GPLed programs to be distributed,
Lindows must make the source available _before_ or _with_
the binaries.
4. There are no exceptions in the GPL for `unstable and changing'.
5. The sources at http://net2.com/lindows/source/ do not appear to
be complete, in particular most of the leaves on this directory
tree contain only package descriptions and do not appear to
reflect any substantial changes that Lindows may have made.
6. Other GPL distributors, notably the easy-to-use Mandrake corporate
and purist not-for-profit Debian organisation, have no trouble
making sources available with or before binaries.
Please explain.
--
CyberKnights Modern tools, traditional dedication.
+61-409-655-359 http://www.cyberknights.com.au/
linux.conf.au 2003 The Australian Linux Technical Conference
http://conf.linux.org.au/ 22-25 January 2003 in Perth, Western Australia
Comments (none posted)
Page editor: Jonathan Corbet