LWN.net Weekly Edition for June 20, 2002
Disney goes for Linux
HP issued, on June 18, a press release proclaiming that Disney had chosen HP's Linux-based systems "as components in its next-generation digital animation production pipeline." It looks like another big win for Linux, and the press has generally portrayed it that way. And it is true: Linux continues to grow in popularity as people and companies come to understand its advantages.LWN has generally applauded Linux's commercial successes - more users will, in the end, mean more developers and more and better free software. And that could prove to be true in this case as well. But we should not lose track of another, important point: Disney is one of the prime movers behind the CBDTPA - a law which would make Linux illegal.
Disney thinks that free operating systems (or free computers in general)
are a threat to its business, and thus something to be outlawed. Free DVD
players are not to be allowed. Oppressive digital rights management
systems will put an end to any sort of fair use of copyrighted materials.
The people can not be trusted with control over their own systems.
Meanwhile, back at Disney: "Walt Disney Feature Animation will employ HP's Linux
infrastructure to give artists more powerful tools to translate their
artistry into animation while achieving significant cost
reductions
".
Supplying Linux to Disney thus looks like aiding the enemy - how much of those "significant cost reductions" will be applied to maintaining the company's private Senators in Washington? But consider this scenario: by the time a new, son-of-CBDTPA starts to look like it might pass, much of Disney's operation could be based on, and dependent on, free software. What fun it would be to attend the meeting where CEO Michael Eisner is made aware of what capabilities would be lost - and how much it would cost - if the company's free software had to be replaced with proprietary code carrying the Big Brother Stamp of Approval.
So Linux's infiltration into Disney could well be something to be encouraged. With luck, freedom slipping in from below could end up subverting the repressive plans of the leadership. One can always hope...
The Apache vulnerability, full disclosure, and monocultures
The advisory from Internet Security Systems (ISS) came out on June 17: the Apache server has a remotely-exploitable vulnerability in its "chunk handling" code, which is used for handling uploads of unknown size. The alert describes the problem, notes that the Apache project has been alerted, and includes a patch.It all looks like a fairly normal response to security problems in the free software community, until you look a little more closely. It turns out that the Apache group was already aware of the problem and was working on a fix. The Computer Emergency Response Team (CERT) also was already involved. It also turns out that the ISS patch does not completely fix the problem. ISS, in its hurry to publicise the vulnerability, had not checked with either CERT or the Apache Software Foundation.
Full disclosure of security vulnerabilities is (usually) seen as a good thing in the free software community. Freedom, with regard to software, includes the freedom to know about (and fix) problems. And, of course, full disclosure is a powerful tool for forcing a software maintainer to release a fix - most of the time. As a general rule, nobody is more secure when the crackers are the only ones to know about security problems.
The other side of full disclosure, however, is that, when done too soon, it can leave millions of users open to a vulnerability while no fix is available. Such is the case this time around. Sites running Apache on Windows are most vulnerable to the chunk handling vulnerability; such sites are probably running a binary distribution of Apache, many do not even have a compiler available, and thus they will be poorly served by a source patch.
Full disclosure is a powerful tool which should be used with care. The disclosure of a security vulnerability should never be a surprise to those who must clean up the mess. Those who find security problems should always work with the package maintainer and give that maintainer time to make a fix available. Only in cases of serious stalling or neglect should a disclosure go out before the maintainer is ready.
This is a lesson that the free software community will probably have to relearn every so often. Free software has the potential to be far more secure; its open nature lets any interested party inspect the code for problems. But much of that advantage is lost when vulnerabilities are handled in an immature manner. If you or your company find a security vulnerability, surely you can wait a few days to claim your credit.
This vulnerability raises another concern as well. Much has been said about the dominance of Windows systems on the net; the resulting "monoculture" is highly vulnerable to security problems. Apache's share of the total web server population is such that it could be considered a monoculture as well. Apache has obtained that share through consistent high quality and a strong security record. No package is completely invulnerable, however, and Apache problems, when they do turn up, place much of the net at risk. For the security of the net as a whole, it would be nice if there were another free web server with something resembling Apache's stature and market share.
For details on the chunk handling vulnerability, see the LWN vulnerability entry, the advisory from the Apache Software Foundation or the CERT advisory. Initial indications were that this problem was not remotely exploitable on Linux systems, but that claim is now known to be false. If you are running an Apache server, you want to upgrade as soon as possible.
MobiliX wins its trademark dispute
Back in January we covered the trials and tribulations of MobiliX, a![[Obelix]](http://old.lwn.net/2002/0110/obelix.jpg)
site dedicated to Linux and BSD on mobile systems. Lawyers representing
Les Editions Albert René challenged the MobiliX name, saying that it could
be confused with the cartoon character Obélix, who is more concerned with
mobile menhirs. Not everybody agreed with this claim, of course; despite
the obvious resemblance between Tux the penguin and Obélix, they still are
difficult to confuse.
It turns out the German court disagreed with that claim as well, and has turned down the claims by Les Editions Albert René. MobiliX is thus free to use the name without fear of further trademark trouble. Congratulations are due to MobiliX leader Werner Heuser, who decided to stand up to the lawyers and defend his name. See the MobiliX trademark page for the full history of this dispute.
European Digital Rights launches
European Digital Rights is a new, international civil rights organization formed by ten European organizations. "European Digital Rights (EDRi) is an association in which existing European privacy and freedoms organisations work together in raising awareness of policy makers and the public about the upcoming threats to our privacy and freedoms". See the announcement for details.
The Ottawa Linux Symposium
Next week is the Ottawa Linux Symposium, happening June 26 to 29. The schedule is full of seriously technical talks from many prominent Linux developers; it looks to be an interesting event. For those who are unable to attend this (sold out) conference, the full proceedings have been placed online as a single, huge, 630-page PDF file; it has been mirrored by LWN and on William Stearns's site.Immediately preceeding OLS is the second Kernel Summit. Topics to be discussed there include the Linux Security Module patch, virtual memory, asynchronous I/O, cleaning up the module mechanism, "carrier grade Linux," 2.6 goals, the block I/O subsystem, cleaning up the SCSI layer, and more. It looks to be an interesting event, to say the least.
LWN editor Jonathan Corbet will be taking a break from the smell of wood smoke and the drone of slurry bombers (which are regular Colorado features, these days) to attend both events; he will report back when time and connectivity allow.
Security
Brief items
IBM Debuts First Self-Diagnostic Wireless Security Tool on Linux
A press release from IBM announces its "The Distributed Wireless Security Auditor" (DWSA) system. "The DWSA system, which runs on Linux on desktops and laptops, can accurately pinpoint the location of any rogue access points, enabling network personnel to quickly find and then fix or remove them, unlike other wireless auditors that require personnel to perform time consuming physical searches by walking around the site."
IBM shoots at 'drive-by hackers' (ZDNet)
Here's an article about IBM's recent press release, outlining their self-diagnostic wireless tool. "The IBM software sits on laptops and PCs, analyzing traffic on an internal 802.11 wireless network and sending data to a centralized server, said Dave Safford, manager of the global security analysis lab at IBM Research in Hawthorne, N.Y."
NSA pushes secure Linux (vnunet)
vnunet has posted an article about SELinux. "It may seem odd that the NSA has developed a security module. In the X-Files world of government agencies, the NSA is often associated with code breaking, but the other aspect of its role is code making, hence the interest in a secure Linux."
CRYPTO-GRAM, June 15, 2002
Bruce Schneier's CRYPTO-GRAM newsletter for June is out; the main topic this time around is making intelligence organizations work better to prevent attacks in the future. "My opinion has been that it is largely unnecessary to trade civil liberties for security, and that the best security measures -- reinforcing the airplane cockpit door, putting barricades and guards around important buildings, improving authentication for telephone and Internet banking -- have no effect on civil liberties. Broad surveillance is a mark of bad security."
Security reports
Remote denial of service vulnerability in Mozilla 1.0
A bug triggered by a huge font setting, from a CSS, results in a X windows crash or an unusable system. The problem is in Mozilla 1.0 and earlier. Also see the bugzilla entry.The problem is fixed in the Mozilla 1.0.1 branch.
IGMP local denial of service vulnerability in the 2.4.18 kernel
IGMPv2 is a protocol used by IP hosts to report their multicast group memberships to routers.Krishna N. Ramachandran has reported a IGMP related local denial of service vulnerability in the 2.4.18 kernel. It could be a problem for people using Linux as a high-end router. It won't affect most users, The full description is available here. The solution is to "drop All IGMP packets that are not multicast ethernet addresses."
Mandrake 8.2 security issue
It has been reported that the Mandrake Linux 8.2 "default security settings leave users' home directories world readable." The suggested solution is to "use the Mandrake Control Center, security settings section, and make sure the level is set to at least "High", or manually enter 'msec 3' via CLI"BasiliX multiple vulnerabilities
Ulf Harnhammar reports multiple vulnerabilities in the BasiliX webmail application based on PHP, IMAP and MySQL. The four vulnerabilities are: potential access to any file on the web server cross-site scripting issues, insecure storage of attachments and SQL Injection holes. Versions 1.1.0 and all previous versions are vulnerable.
ZenTrack System Information Disclosure Vulnerability
Ahmet Sabri Alper reported an information disclosure vulnerabilty in ZenTrack v2.0.3, v2.0.2beta and older. A maliciously crafted HTTP request may be used to reveal the path to the web root and "maybe some more sensitive information."PHP source injection vulnerability in PHPAddress 2.0e
Tim Vandermeersch reports that PHP Address 0.2e has a vulnerability which allows a crafted URL to include any php file on the server. The problem is fixed in PHP Address 0.2f (17.07.2002). PHP Address is a collection of PHP scripts for maintaing a small web-based address-database.(Proprietary product) Information disclosure vulnerability in webMathematica
A vulnerabilty was reported in "the webMathematica software which allows remote clients (web surfers) to read an arbitrary file on the server (assuming the httpd-user has permission)." A version of webMathematica which fixes the problem is available from the vendor, Wolfram Research.
New vulnerabilities
Apache 'chunk handling' vulnerability
| Package(s): | apache | CVE #(s): | CAN-2002-0392 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Created: | June 19, 2002 | Updated: | July 3, 2002 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Description: | It is past time to upgrade your Apache servers. A worm which takes advantage of the this vulnerability has been sighted, and its source has been publicly posted.
An apache httpd bug related to chunked encoding presents a denial of service vulnerability. For some platforms, including both 32-bit and 64-bit Linux, it is also a potential remote exploit vulnerability. A "carefully crafted invalid request" may be used to trigger the bug. The problem is fixed in Apache 2.0.39 and 1.3.26, which may be downloaded from here. For more information, see the advisories from CERT and the Apache Group. This vulnerability has been widely publicized. Applying a patch from your vendor or upgrading to the latest version from the Apache Software Foundation is strongly encouraged. Avoid patches from other sources; at least one patch that does not address the full scope of the problem has been circulated. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Cross-site scripting vulnerability in Horde/IMP 2.2.7 and 3.0
| Package(s): | imp horde/imp | CVE #(s): | |||||||||
| Created: | May 21, 2002 | Updated: | June 19, 2002 | ||||||||
| Description: | Version 2.2.8 of IMP has been released, it
fixes some vulnerabilities. "The Horde team announces the
availability of IMP 2.2.8, which prevents some potential cross-site
scripting (CSS) attacks." Upgrading
to IMP 3.1 or, at least, 2.2.8 is recommended
(First LWN
report: April 11, 2002).
Update: IMP 3.0, which was initially believed to be immune, is also vulnerable. The problem is fixed in IMP 3.1. | ||||||||||
| Alerts: |
| ||||||||||
Resources
VPN Implementation in Cluster Computing (Linux Journal)
This tutorial by Linux Journal offers ideas to negotiate security and scalability issues with clusters. "After we connected the two clusters through the the VPN, users were able to log in to the master machine on the first cluster and submit jobs on both of the clusters through the queue system."
Systrace - Interactive Policy Generation for System Calls
Niels Provos has released systrace for OpenBSD and NetBSD. "Some work has started on a GNU/Linux port.". Also see, this post regarding systrace and the recent apache vulnerabilities.
- confinement of complex or untrusted binary applications.
- interactive policy generation with graphical user interface.
- support for different emulations: GNU/Linux, BSDI, etc..
- non-interactive policy enforcement.
- remote monitoring and intrusion detection.
- automatic policy generation.
With a correctly configured policy the impact of programming errors in system daemons can be constrained significantly.
Linux Security Week and Advisory Watch
The June 17th Linux Security Week and June 14th Linux Advisory Watch newsletters from LinuxSecurity.com are available.
Events
ToorCon 2002 call for papers
ToorCon 2002, will be held the 27th-29th of September 2002 in San Diego, CA, USA. The call for papers closes the 16th of August, 2002.ICICS 2002 call for papers
The Fourth International Conference on Information and Communications Security (ICICS 2002) will be held in Singapore, December 9-12, 2002. The call for papers closes 1 July 2002.Upcoming Security Events
| Date | Event | Location |
|---|---|---|
| June 17 - 19, 2002 | NetSec 2002 | San Fransisco, California, USA |
| June 17 - 19, 2002 | 3rd Annual Information Assurance Workshop | (United States Military Academy)West Point, New York |
| June 24 - 28, 2002 | 14th Annual Computer Security Incident Handling Conference | (Hilton Waikoloa Village)Hawaii |
| June 24 - 26, 2002 | 15th IEEE Computer Security Foundations Workshop | (Keltic Lodge, Cape Breton)Nova Scotia, Canada |
| June 28 - 29, 2002 | Edinburgh Financial Cryptography Engineering 2002 | Edinburgh, Scotland |
| July 31 - August 1, 2002 | Black Hat Briefings 2002 | (Caesars Palace Hotel and Resort)Las Vegas, NV, USA |
| August 2 - 4, 2002 | Defcon | (Alexis Park Hotel and Resort)Las Vegas, Nevada |
| August 5 - 9, 2002 | 11th USENIX Security Symposium | San Francisco, CA, USA |
| August 6 - 9, 2002 | CERT Conference 2002 | Omaha, Nebraska, USA |
For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.
Page editor: Dennis Tenney
Kernel development
Brief items
Current release status
The current development kernel is 2.5.23, which was announced by Linus on June 18. Says Linus:
Other stuff in this release includes an x86-64 merge, a number of VM/filesystem patches from Andrew Morton, some asynchronous I/O precursor patches from Ben LaHaise (see below), more kbuild tweaks, another set of IDE fixes, and numerous other changes. The long-format changelog is available for people wanting all the details.
Linus released 2.5.22 on June 16; this release included a big x86-64 merge, some important bug fixes, an IrDA update, another set of kbuild tweaks, more IDE work, and a bunch of other changes. Once again, the long-format changelog is also available.
The current prepatch from Dave Jones is 2.5.23-dj2. The patch has been pruned somewhat; various obsolete bits have been thrown out. It also features a visit by the "mad axemen," who have been carving up large, monolithic files (such as the MTRR code). A new, optimized select/poll implementation by Andi Kleen went in, along with a number of compile fixes.
Guillaume Boissiere's latest 2.5 status summary came out on June 19. It takes a quick look at what has been accomplished since the last kernel summit, and what remains to be discussed at the next one.
The current stable kernel is 2.4.18. There have been no 2.4.19 prepatches released since June 4. Rumor has it that Marcelo is too busy following the Brazilian team's fortunes in the World Cup, but that could not be confirmed.
Kernel development news
The beginning of the asynchronous I/O merge?
Ben LaHaise's asynchronous I/O patch has been waiting for inclusion for many months. Asynchronous I/O happens, of course, without blocking the calling process; it also goes directly to or from the user process buffer whenever possible. The feature is used by certain demanding applications, such as relational database systems. Ben's patch is working, and has been shipped in Red Hat's Advanced Server product. But it is not yet part of the mainline kernel.There are a couple of apparent reasons for this patch's long wait for inclusion. One is that Linus is unconvinced about the value of asynchronous I/O; he thinks there are better ways to solve the problem (see the May 16, 2002 LWN Kernel Page). The other reason is that this patch reaches deeply into the kernel and changes some fundamental interfaces - for example, it changes the read and write functions provided by device drivers. Big changes make Linus (and others) nervous; it is considered preferable to break things multiple times in small pieces.
So now some of the structure needed for asynchronous I/O is being submitted in the requisite small chunks. The first patch simply splits the fput() function into two pieces to simplify its invocation (indirectly) from an interrupt handler.
The second patch is, perhaps, more interesting. Here the wait queue mechanism is being changed in fundamental ways. The first version of this patch simply added a callback function which would be invoked when a wakeup happens on the queue. This callback is needed for the asynchronous I/O subsystem; it needs to know when an I/O operation completes, but it can not block on the wait queue. Following suggestions from Linus, later revisions of the patch have moved some of the wakeup functionality to that callback function. There can even be different callbacks for "exclusive waits" (where only one process should be awakened even if many are waiting) and the standard "wake everybody" variety. By providing different callbacks, kernel subsystems can change the semantics of the wait operation.
Wait queues, in other words, are evolving from a mechanism that puts a process to sleep for a while into a more general event notification mechanism. The immediate application for this mechanism is asynchronous I/O, but it will be interesting to see what others turn up.
Moving things on and off the kernel stack
The Linux kernel stack is a limited resource; it must fit into two pages of memory, which it shares with some process information. Overflowing the kernel stack can be a catastrophic event, and it can happen at surprising times, such as in interrupt handlers. After a recent Stanford Checker posting pointing out numerous places where large structures have been allocated on the stack, and with proposals to consider reducing the size of the stack, there has been an increase in interest in minimizing kernel stack usage.One bit of code that caught Andries Brouwer's eye was the resolution of symbolic links. In the process of symlink resolution, the kernel can encounter new links which must also be resolved; this is handled by a recursive call into the resolution code. Each call, of course, requires kernel stack space, so recursive calls must be looked at with care - unless the recursion is carefully bounded, it can easily overflow the kernel stack. The symlink code handles this constraint by limiting the symlink depth to five.
Andries has posted a new symlink implementation that eliminates the recursion. Instead, it maintains its own stack - allocated separately - which contains the current state of symlink resolution. In this way, the five-level limit can be lifted without fear of overrunning the kernel stack. Of course, it is extremely rare that anybody actually hits the five-level limit; there are special cases, however, where users do interesting things with symbolic links.
Not all developments are oriented toward reducing kernel stack usage, however. Andi Kleen has posted a patch which does the opposite in order to make the select and poll system calls perform better. These calls (which share most of an internal implementation) allocate a couple of pages of kernel memory to hold the requisite data structures; they are sized to be able to handle situations where large numbers of file descriptors are being waited on. In reality, however, many (if not most) select and poll calls are given only a small number of file descriptors, so much of that memory is wasted.
Andi's patch works by setting up a separate fast path for when only a small number of file descriptors are in use. Rather than allocate those two pages, the fast path uses a small, in-stack array. The stack space usage is limited to 256 bytes, which will fit easily even on a reduced-size stack. The new implementation not only saves a couple of kernel pages for each process calling select (and there can be many on a typical Linux system), it's faster as well. The patch has been included in 2.5.23-dj2, and will likely find its way into the mainline before too long.
Reverse mapping VM comes to 2.5
Rik van Riel's reverse-mapping virtual memory implementation (RMAP) has been under development for several months; it has attracted some attention as a possible way of improving Linux VM performance in the future. Thus far, however, RMAP has only been available for the 2.4 series, so it has been hard to evaluate as a possible addition to 2.5.That situation has just changed, however: Craig Kulesa decided to port RMAP to the 2.5.23 kernel. He posted it in two forms: a full port which makes many changes, and a minimal version which add only the reverse mapping code itself. Craig's preliminary benchmark results show a respectable performance improvement in 2.5.23 when the RMAP code is added in.
A much more serious benchmarking effort will have to be done before any real conclusions about RMAP in 2.5 can be drawn. This port, however, has attracted a fair amount of interest. If more detailed numbers can be obtained soon, RMAP in 2.5 should be an active area of discussion at next week's kernel summit.
2.5 and IDE development
It has been a few weeks since a "concerns about the IDE reimplementation process" article appeared here, so it must be about time. The conversation this time around started with a complaint that recent kernels can deadlock when reading partition tables; it included "a small plea for more testing" before IDE patches are unleashed upon the world. Dave Jones followed up with a remark of his own:
Linus, however, remains unworried:
So the IDE process is likely to continue as it has. Be careful out there.
In a separate conversation, a user requested the restoration of the IDE taskfile operations. Those operations had been removed relatively early in Martin Dalecki's series of patches. He has not promised to restore them, but previous IDE maintainer Andre Hedrick jumped in with an interesting comment:
It would be a shame if Linux users were driven to use a binary-only driver for such a fundamental subsystem due to lack of support for needed operations. The next stable kernel is still far away, however; plenty of time remains for these issues to be dealt with.
Jens Axboe has, meanwhile, released a version of his "tagged command queueing for IDE" patch, backported to the 2.4.19-pre kernel.
Patches and updates
Kernel trees
Core kernel code
Device drivers
Filesystems and block I/O
Janitorial
Memory management
Networking
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
Slackware 8.1 released
It's official: Slackware 8.1 has been released. Features in this release include the 2.4.18 kernel, glibc 2.2.5, XFree86 4.2.0, a new print system based on LPRng (CUPS also available), Apache 1.3.24 (oops, look for an update there...), Mozilla 1.0, KDE 3.0.1, etc. See the announcement for all the details.The Debian Developer's Guide to Security Updates
The new Debian Developer's Guide to Security Updates has been posted. It describes how a Debian maintainer should interact with the new security apparatus; it's interesting in that it provides a view into how one distributor handles security issues.For the most part, it's fairly straightforward stuff. Some highlights:
- Maintainers should always involve the "Security Team" in the fix. The
Team keeps track of outstanding security issues, interacts with other
distributors, writes the security advisories, etc. Among other
things, the Team can help ensure that information on a remotely
exploitable vulnerability is not released too soon.
- Fixing a security hole by going to the latest version of the affected
package is usually not seen as a good idea. A security fix should be
done with the smallest possible change, which can mean backporting the
fix to whatever older version Debian had shipped.
- A special location has been set up for uploading security fixes; the updated package will then be automatically rebuilt for all architectures supported by Debian. The ability to provide updated packages for all architectures was, of course, a big part of the motivation behind the new security mechanism.
The full story can be found in the document, of course.
Olaf Kirch joins the SuSE security team
SuSE has sent out an announcement stating that Olaf Kirch has joined the company's security team. Olaf is a long time Linux contributor, of course; he had his hands in the Linux NFS code years ago and is the author of the venerable Linux Network Administrator's Guide. Olaf, until recently, handled security for Caldera. SuSE now claims a total of five people on its security team - an impressive and encouraging commitment to the security of the SuSE Linux (and, eventually, UnitedLinux) distribution.
Distribution News
Debian Weekly News - June 18th, 2002
The Debian Weekly News for June 18 is available; this issue looks at the new security build infrastructure, the Woody release ("...we're not entirely done developing Woody"), Debian at LinuxTag, the "after Woody" wishlist, and more.
Design of an apt-src program
Joey Hess has posted the beginnings of a design for a new, "apt-src" program. This utility would be like apt-get, except, of course, that it would handle source packages instead. Debian's package management doesn't make dealing with source entirely easy; this new interface could change all that. It includes support for dependencies between source packages, and might even handle automatic rebuilds when a package is upgraded. Joey is looking for feedback on the design; full details may be found in the announcement.Debian on the Sharp Zaurus/SL-5xxx
Matt Zimmerman, who is lucky enough to have obtained a Zaurus PDA, has announced the beginning of an effort to make a version of the Debian distribution for this device. The Zaurus already runs Linux, of course, and Zaurus users end up grabbing packages from the Debian ARM port when they want more software. But it would be nice to have a full Debian distribution, using the Debian package manager. Matt is looking for people interested in contributing to this effort; see the announcement for the details.Gibraltar Firewall based on Debian
Here is a press release from the Debian Project about the Gibraltar Firewall Project. Gibraltar is building a router and firewall package (based on Debian, of course) which will run directly from CD. A free version is available for download now, with a commercial version (with manuals and all) in the works.Mandrake Linux Community Newsletter - Issue #46
The Mandrake Linux Community Newsletter - Issue #46 is now available. "This Week's Summary: Xerox Chooses Mandrake Linux; Latest MandrakeClub Activities; Cooker Snapshot ISOs; PPC News; Mozilla 1.0; What's New at MandrakeUser.org?; This Week's Survey; Security-related Software Updates; Headlines from MandrakeForum."
Mandrake Linux Servers Invade Internet
Mandrake has sent in a press release to state that the latest Netcraft survey shows that the web server shipped with Mandrake, the Advanced Extranet Server, has "dramatically grown during the past 12 months, confirming the increased adoption of Mandrake Linux as a server platform."
A Mandrake update for ImageMagick
MandrakeSoft has put out an updated version of its ImageMagick package. It seems that there is a problem with the x86 development libraries that can cause segmentation faults; this update fixes that problem.Slackware updates
The Slackware changelog notices have been coming out steadily in the runup to the 8.1 release. Recent changes include new quota code, the addition of adjtimex, a new Java runtime environment, a MySQL upgrade, the latest Evolution, and more. The June 15 changelog also notes a security fix to KHTML.Meanwhile, for those of you who miss the old Slackware forums, UserLocal has put up a readonly version for archival purposes.
Minor distribution updates
FreeBSD 4.6 released
FreeBSD 4.6 is now available. Quite a few changes have gone into this release, including the adoption of XFree86 4.2. See the announcement for the details.Embedded Coyote Linux Wolverine Beta 1
The Embedded Coyote Linux page notes the June 17 release of "Wolverine Beta 1." "This version includes PPTP authentication updates, bug fixes, and updated login and firewalling services. This version contains the majority of the functionality that will be present in the final v1.0 release."
LEAF v1.0-rc3
The third release candidate of LEAF 1.0 (LEAF being the Linux Embedded Appliance Firewall) has been announced. Numerous packages, mostly security-oriented, have been upgraded in this release; see the announcement for details.
Page editor: Jonathan Corbet
Development
System Applications
Clusters and Grids
SCE 1.5 Release Announcement
Version 1.5 of SCE, an integrated scalable computing environment, has been released. New features include automatic installation for diskless machines, HA support out of the box, automatic dependency checks, a new configuration generation tool, performance improvements, and bug fixes.
Electronics
Icarus Verilog 20020616 released
A new snapshot of the Icarus Verilog electronic simulation language compiler has been released. See the release notes for more information.
Embedded Systems
Mizi Research announces new Linux PDA developer kit (LinuxDevices)
LinuxDevices introduces us to an embedded Linux developer kit. "Mizi Research (Seoul, Korea) announced today the near-term availability of a hardware/software developer kit for its Linu@ (pronounced 'Linu-ette') Embedded Linux distribution."
Libraries
Koha 1.2.0 Released
Version 1.2.0 of KOHA, a free open source library (as in books) system, has been announced. New features include search by Dewey number, improved keyword searches, restricted catalogue searches, a new catalogue maintenance section, MARC imporing capabilities, and bug fixes.
Mail Software
Sentinel 1.2.4b released
Version 1.2.4b of the Sentinel mail filter for sendmail has been released. Some instabilities under the Linux and Sparc platforms have been fixed.
Web Site Development
Midgard 1.4.3 released
The final Midgard 1.4.3 release has been announced. Not much has changed since the last release candidate; click below for the details. (Midgard is a PHP-based web application publication framework).SashXB 1.0 released
The Gnotices site is carrying an announcement for release 1.0 of IBM's SashXB. "SashXB is an open source application environment that exposes native functionality to JavaScript. It's ideal for web developers with HTML and JS skills who want to write full-featured native applications, as well as experienced programmers who'd appreciate the convenience of rapid application development. It uses a host of other open source projects, including Mozilla, GNOME, Glade, and Gdome. The SashXB project was inspired by Sash For Windows." See the SashXB home page for more details.
Zope Members News
The latest adds to the Zope Members News include a notices for Zope training, External Editor 0.3, CMFForum 0.1, ZOPE 2.6.0 Alpha 1, ZFS 0.1, and a Hotfix 2002-06-14 security Alert.
Miscellaneous
Ship in a Bottle - Running Linux Under Linux
David HM Spector illustrates various ways to emulate Linux under Linux for the purpose of software development. "So if you're still in the game, need to test lots of software configurations for your products and services, and aren't allowed to buy or lease any new hardware, what do you do? Clearly, repeatedly building and wiping out a machine or two for software testing is tedious and time-consuming. In this Linux in the Enterprise article, we'll examine some software solutions that will help you "create" enough machines to test against without spending anything more than a little time and some disk space."
How to build a dual-booting Linux system on a single hard drive (developerWorks)
Koki Zamboni has written in with a link to an old but worthwhile IBM developerWorks tutorial on dual booting Linux with Linux. "Having multiple Linux installations to work with allows you to easily test different libraries with the same program, watch how your program interacts with others, or just tweak a parameter here or there to see what happens. This comes in handy for development and testing -- as well as for customer support."
Twisted 0.18.0
Version 0.18.0 of the Twisted network framework has been released. "0.18.0 is a major release, cleaning up many of the main APIs in twisted.internet and moving us much closer to a 0.99.x series leading up to Twisted 1.0."
Desktop Applications
Audio Applications
WaveSurfer 1.4.1 released
Version 1.4.1 of the sound visualization and manipulation tool WaveSurfer has been released. This version features "Numerous minor enhancements and bug-fixes".
Desktop Environments
GNOME 2.0 Desktop Release Candidate 1
All you GNOME testers out there, GNOME 2.0 Desktop Release Candidate 1 code-named "Fever Pitch" is ready for you.GNOME Installation Guide for 1.4.1 and 2.0 published
The GNOME Installation Guide for the releases 1.4.1 and 2.0 has been upgraded and published.
Getting ready for GNOME 2, part 2 (IBM developerWorks)
IBM's developerWorks is running part 2 in a series by Daniel Robbins on GNOME 2. "In the second installment of the newly relaunched GNOMEnclature column, relative GNOME newbie and Common Threads columnist Daniel Robbins takes a a look at the new Glib object system from a new GNOME developer's perspective."
GNOME Utilities 2.0.0 'Zivot je jinde' released
The GNOME project today announced the release of gnome-utils 2.0.0, targeted for the "GNOME 2.0 Platform and Desktop" release. Much has changed since the initial start of the project in late 1998 and this release marks the start of a more intuitive and appealing user interface, coupled with the port to the new GNOME 2.0 platform.Kernel Cousin KDE #38
Issue #38 of Kernel Cousin KDE topics include Mime Types In KDE, Going Back a Revision, KDE to Speak Klingon, and KOffice Mimetypes Submitted to IETF for Public Review.
Games
Boson 0.6 -- A New Milestone
KDE.News reports on a new version of the real time strategy game Boson. "Since development restarted in late 2001, the game has been completely rewritten and ported to libkdegames. As a result of the recent development, Boson 0.6 has been released."
The Chopping Block
The June, 2002 edition of The Chopping Block is out with the latest news from the WorldForge game project. Feature articles topics include Concept Art, Lagrangian Mechanics, and the First Castles Paper.
Graphics
Gdk-pixbuf 0.18.0 is released (Gnotices)
Version 0.18.0 "No White Clouds in My Blue Sky" of the Gdk-pixbuf library has been released. A number of bugs have been fixed in this release.
Interoperability
Kernel Cousin Wine #125
Kernel Cousin Wine #125 topics include Wine-20020605, Lindows OS SPX 2, Testing Lotus Notes 3, Directly Executing Windows Binaries 4, License Thoughts, and the Future of Wine Debugging.Kernel Cousin Wine #126 For 13 June
Issue #126 of the Kernel Cousin Wine is available. Topics include Updated CodeWeaver's Products Quickstart Guide; TransGaming Releasing Code; LinuxTag 2002 News; Installing Internet Explorer; Supporting Windows Links in the Kernel; and Preliminary BiDi Patch.
Office Applications
AbiWord Weekly News #96
The latest weekly news update for developers and users of AbiWord is available. "BugZilla upgraded, table and GTK2 work continues. There's also been lots of work done on other fronts: win32 installer update, bug fixes, and msxml support to name a few."
Languages and Tools
C
distcc 0.4 available
Version 0.4 of distcc, a distributed C compiler, is available. "distcc is a program to distribute compilation of C code across several machines on a network. distcc should always generate the same results as a local compile, is simple to install and use, and is often significantly faster than a local compile. Unlike other distributed build systems, distcc does not require all machines to share a filesystem, have synchronized clocks, or to have the same libraries or header files installed. Machines can be running different operating systems, as long as they have compatible binary formats or cross-compilers. (Currently it is being tested on gcc-linux-x86 and gcc-freebsd-x86.)". (Thanks to Martin Poole.)
Caml
Caml Weekly News for June 4-11, 2002
The June 4-11, 2002 edition of the Caml Weekly News looks at signal analysis, Cash 0.10, Ocaml licensing issues, F#, findlib-0.7, and more.The Caml Hump
This week, The Caml Hump covers the PoesiaMonIcap Internet Content Adaptation Protocol filter monitor, the Cameleon ide, DBForge, omlib, and rpc.
Java
Sun JDK 1.4.0_01 Released
Sun has released version 1.4.0_01 of Sun JDK. A number of bugs have been fixed in this version.Enhance Collection Performance with this Treasure Trove (O'Reilly)
O'Reilly's OnJava site reviews Trove. "Eric D. Friedman wrote a high performance set of collections called Trove. Trove allows you to plug in their versions of certain containers (HashMap, HashSet, LinkedList), and use them just like you did with the standard versions. There are also ways to utilize primitive collections to gain even more performance. Don't you love open source?"
Lisp
OpenMCL 0.12 released
Version 0.12 of OpenMCL has been released. "This version features several changes to the FFI interface, a more extensive Cocoa demo for Mac OS X, and a lot of bug fixes." See the release notes for more information.
Perl
Where Wizards Fear To Tread (Perl.com)
Artur Bergman examines thread programming under Perl 5.8 on O'Reilly's perl.com site. "One of the big new features in perl 5.8 is that we now have real working threads available to us through the threads pragma. However, for us module authors who already have to support our modules on different versions of perl and different platforms, we now have to deal with another case: threads! This article will show you how threads relate to modules, how we can take old modules and make them thread-safe, and round off with a new module that alters perl's behavior of the 'current working directory'."
PHP
PHP Weekly Summary for June 17, 2002
The June 17, 2002 edition of the PHP Weekly Summary is available. Topics include PHP 4.3.0 + ZE2, DOMXML validation, MySQL extension, a call for papers for the International PHP conference in Frankfurt, Germany, Wez and Streams support, PHP and sed, and PEAR and PECL.Gettext (O'Reilly)
Joao Prado Maia writes about gettext and PHP on O'Reilly's OnLamp site. "Did you ever get into a situation in Web development where you need to create a Web site or a Web application that is dynamically available, in several languages? A lot of existing open source applications try to create their own solution for these needs, but the standard way to do this is to use Gettext, a set of GNU tools to help packages manage multi-lingual messages in their applications."
Python
This week's Python-URL
Here is Dr. Dobb's Python-URL for June 17. It looks at Guido's first Father's Day, final methods, the leo editor, MayaVI, and more.The Daily Python-URL
This weeks entries on the Daily Python-URL covers PyReverse, Leo, Generating SOAP, PyBEM, ChinesePython, tree2image, Python iterators, and more.
Ruby
The Ruby Garden
This week's Ruby Garden topics include module importing issues, and the use of nil.to_f.
Scheme
Scheme Weekly News
The June 10, 2002 edition of the Scheme Weekly News covers PLT Scheme v200alpha19, the 27th Scheme Request For Implementation, a new ILISP release, expansion of the ReadScheme.org bibliography, and SWIG 1.13.12.
XML
Secrets of the XML developer elite: Janet Sullivan (IBM developerWorks)
IBM's developerWorks looks at some XML development tricks from Janet Sullivan. "Janet Sullivan knows that the successful use of XML depends on how clean developers can keep their XML data trees. Make sure bad data does not corrupt your XML data tree, insists Sullivan. In this piece, Sullivan gives tips and tricks for XML developers to keep the introduction of dynamic data safe."
The IETF, Best Practices and XML Schemas (O'Reilly)
O'Reilly's XML-Deviant column covers the XML best practice guide. "In this week's XML-Deviant column, I examine an XML best practice guide under development by the IETF, as well as the XML Schema language debate which it has reignited."
Editing XML Data Using XUpdate and HTML Forms (O'Reilly)
Chimezie Ogbuji introduces XUpdate on O'Reilly's XML.com. "In this article I will discuss how XUpdate can be used in conjunction with XSLT to write tools for authors of web-based applications that will automatically generate HTML forms for editing various kinds of data."
Miscellaneous
GNUstep Weekly Editorial
The June 6, 2002 edition of the GNUstep Weekly Editorial is out. Topics include gnustep-make 1.3.3, gnustep-gui-0.7.8, gnustep-back-0.7.8, and StepTalk 0.6.0.12 Months, 25 Men, One Woman and a Dictionary (O'Reilly)
Aidan Mark Humphreys discusses developers' spoken languages on O'Reilly's OnLamp site. "English is, to be sure, the closest thing we have to a lingua franca for software engineering. One of my involvements, the PHP-based PostNuke CMS Project, has over 200 developers from -- well, just about everywhere, with English as a common language. But there are many talented developers who, whilst quite happy to read the latest W3C spec or RFC, do not feel confident enough of their Franglais, Singlish, or Ginglish to hold their corner when flame wars break out."
Page editor: Forrest Cook
Linux in Business
Business News
Wal-Mart selling Lindows PCs
Wal-Mart, as it turns out, is now selling computers with Lindows installed. There are eight models available, for as cheap as $299. See this press release from Lindows for hype and more information.Caldera backs away from 64-bit Open Unix (Register)
Caldera International Inc continues to support the Unix operating system, although although there are no plans to port Unix to the 64 bit Itanium processor.Red Hat reports first quarter fiscal 2003 results
Red Hat has announced its latest quarterly results. The bottom line: a $830,000 "pro forma" loss on $19.5 million in revenue. The real bottom line is a $4.3 million loss. No talk of operating profits this time around. "Large enterprise revenues" are where the company's money is coming from; much of the loss came from restructuring the embedded group.HP and Red Hat Expand Relationship to Deliver Linux Solutions to Enterprise Customers
This press release announces that HP will be selling servers with Red Hat Linux Advanced Server. "As part of the expanded relationship, all HP ProLiant servers, blade servers and Itanium 2-based servers and workstations will be available with certified Red Hat Linux Advanced Server". See also this CNET story with a little more detail.
MontaVista Software Partners With IDT to Provide Embedded Linux Platform for Communications Applications
Here is a press release detailing MontaVista's plan to provide Linux support for IDT's Ethernet switching, gateways, wireless access points and virtual private networks (VPNs).Covalent Technologies Announces Apache 2.0-based FTP Server
Here is a press release from Covalent, announcing their new FTP server product, which "Provides Encrypted File Transfer Capabilities and Easier Integration".
NuSphere announces NuSphere PHPEd 3.0
NuSphere has announced the availability of "PHPEd 3.0," an integrated development environment for PHP. It includes a debugger, a profiler, PostgreSQL support (as well as MySQL, of course), and more. Pricing starts at $299.Fujitsu Software Corporation Expands NetCOBOL Support to Linux Operating System
Here's a press release that is good news for COBOL developers. "In response to customer demand, Fujitsu Software Corporation, a leading supplier of COBOL compilers and tools, is releasing its popular NetCOBOL(TM) product on the Linux operating system. This is good news for those who are considering Linux as a potential platform for their mission-critical applications and good news for the COBOL community as Fujitsu brings NetCOBOL's performance and reliability to another major operating system platform."
IDG Launches tecChannel Compact in Germany
International Data Group announced a launch in Germany of tecChannel Compact, a new concept combining a computer specialist book with an information technology magazine. The June 7 debut issue is available on newsstands and online at www.tecchannel.de, and is devoted to covering the topic of Linux professional use in Germany.
Press Releases
Distributions and Bundled Products
Software for Linux
- ACCPAC International, Inc. (PLEASANTON, Calif.): ACCPAC Extends Linux Strategy With Pro Series For Linux.
- Avery Design Systems (ANDOVER, Mass.): Avery Design Systems Demonstrates Intelligent Testbench Automation and Parallel Simulation Solutions at Design Automation Conference.
- BroadWay Integrated Services Software (AUSTIN, Texas): BRECIS and Ashley Laurent Announce Complete Network and Security Services Package for Broadband Devices.
- Fidelia Inc. (DENVER): New infrastructure and app. management product on Solaris and Linux.
- Chrysalis Communications (DENVER): Fidelia NetVigil Is First to Provide Real-Time Performance Management and Monitoring at a Price Midsize Companies Can Afford.
- Clearswift (SEATTLE): Survey from Clearswift Pegs Spam and Network Productivity Loss as Huge Concerns for Organizations.
- Command Prompt, Inc. (Portland Oregon): RedHat Linux 7.2/7.3 Mammoth PostgreSQL free eval now available!.
- Cloudmark (SAN FRANCISCO): Cloudmark Announces SpamNet; Stops Spam Immediately and Empowers Consumers To Fight Back Against Spam.
- Covalent Technologies, Inc. (SAN FRANCISCO): Covalent Technologies Announces FTP Server Optimized for Enterprise Customers; Apache 2.0-based FTP Server Provides Encrypted File Transfer Capabilities and Easier Integration.
- Fujitsu Software Corporation (CHICAGO): Fujitsu Software Corporation Expands NetCOBOL Support to Linux Operating System; Fujitsu Software's NetCOBOL Product Will Meet the Increasing Demand for COBOL on Linux.
- H.A. Clusters and H.A. EchoStream Software (MINNEAPOLIS): Leading IT Solution Provider Broadens Distribution Network for Most Cost-Effective, Easiest to Use High Availability and Data Replication Software.
- IBM Research (HAWTHORNE, N.Y.): IBM Researchers Demonstrate Industry's First Self-Diagnostic Wireless Security Monitoring Tool; The Distributed System Allows 24X7 Real-Time Auditing of Corporate Networks.
- Marimba (MOUNTAIN VIEW, Calif.): Marimba to Showcase Software Change-management Products for Financial Services Industry.
- Microlite Corporation (ALIQUIPPA, Pa.): Microlite Announces BackupEDGE SS 01.02.02.
- Microlite Corporation (ALIQUIPPA, Pa.): Microlite Extends the Use of DVD Devices Under Linux With BackupEDGE SS 01.02.02.
- Mountain View Data (SAN FRANCISCO): Mountain View Data Announces Free Trial Version of MVD Powered NAS 1.5 Based on Linux.
- NuSphere Corporation (BEDFORD, Mass.): NuSphere Corporation Announces NuSphere PHPEd 3.0; PHP IDE and Debugging Capabilities for PHP and Linux rival Microsoft's Active Server Pages.
- Objectivity Inc. (MOUNTAIN VIEW, Calif.): Objectivity/DB Release 7.0 Breaks New Ground; Massive Scalability and Open Access Features Extend the Capabilities of the Fully Featured Objectivity/DB Database Engine.
- Plesk, Inc. (CHANTILLY, Va.): Plesk Promotion Gives Free 'Master Level' Interface That Consolidates Server and Hosting-Plan Management.
- PolyServe, Inc. (SAN FRANCISCO): PolyServe Launches System Software That Empowers Industry Standard Servers to Take On UNIX Market; Linux Solution Offers Dramatic Cost Savings to the Corporate Data Center.
- ProactiveNet (SANTA CLARA, Calif.): New Enterprise Adapters in ProactiveNet 4.1 Deliver Patented; Application Performance Management for EMS Frameworks.
- Process Software (FRAMINGHAM, Mass.): Process Software's New Product Offers Secure Communication Over the Internet for OpenVMS Systems.
- QLogic (www.qlogic.com) (ALISO VIEJO, Calif.): New QLogic HBAs Offer Highest Performance and Exclusive Native Support for All Major Operating Systems.
- Razor. Razor is an activity-based Software Configuration (LEXINGTON, Mass.): Razor Software CM System Gains Powerful New Metrics Reporting for Improved Software Development and Support.
- Resonate (SUNNYVALE, Calif.): Resonate Ships Latest Version of Resonate Central Dispatch for Linux; Resonate Delivers Robust High Availability Platform for Linux for the Enterprise.
- RealSpeak (PEABODY, Mass. & HUNTSVILLE, Ala.): Sirsi Selects ScanSoft RealSpeak to Service Libraries Worldwide.
- ScanSoft, Inc. (PEABODY, Mass.): ScanSoft RealSpeak Compact SDK Adds Multi-Lingual, High-Quality Text-to-Speech to Automotive and Mobile Applications.
- Servigistics (ATLANTA): Servigistics Unveils Support Chain Optimization Solution; Servigistics 7.0 Delivers Immediate Bottom Line Impact to Service Organizations.
- SSH Secure Shell Product Family (PALO ALTO, Calif.): SSH Brings Enhanced Graphical User Interface and New Security Token Support in New Version of SSH Secure Shell.
- Storage Technology Corporation (LOUISVILLE, Colo. and LAS VEGAS): StorageTek's SnapVantage Provides Single-Point Control for Easy-To-Use Management Platform for zLinux Virtual Server Deployment.
- Think Dynamics (Toronto, Canada): Think Dynamics Releases ThinkControl 2.0; Latest Software Version Enables Leading Internet Data Center-IDC-Customer To Maximize Resources And Generate New Revenue .
- Think Dynamics (TORONTO): Think Dynamics Releases ThinkControl 2.0; Latest Software Version Enables Leading Internet Data Center - IDC - Customer to Maximize Resources and Generate New Revenue.
- Urchin Software Corp. (SAN DIEGO): World's Most Advanced Web Analytics Software Released -- Urchin 4 Redefines Ease of Operation and Reporting Accuracy.
- X-Hive Corporation (ROTTERDAM, The Netherlands): X-Hive Corporation Launches Version 3.0 of Its Native XML Database.
- Neoware Systems (King of Prussia, PA): Neoware Continues to Lead in Healthcare; Mobile Medical Industries Chooses Neoware's Capio Thin Client Appliances and ezRemote Manger Software.
Products and Services Using Linux
- IBM (Hawthorne, NY): IBM Debuts First Self-Diagnostic Wireless Security Tool on Linux.
Hardware with Linux support
- Dobbin/Bolgla Associates (WAYNE, N.J.): New Toshiba 'MOBILPHILE': 5GB Portable Digital Audio Player With High-Speed USB 2.0 Interface.
- Equinox (SUNRISE, Fla.): Equinox Expands SST Multiport Serial Adapter Series; New Universal Adapters Include Support for Both New 3.3V and Traditional 5.0V PCI Bus.
- Evergreen Technologies, Inc. (CORVALLIS, Ore.): Evergreen Adds Low Cost USB 2.0 Pocket HotDrive To Current fireLINE High Speed Portable Storage Offerings.
- FirewireDirect.com Inc., Austin (AUSTIN, Texas): FirewireDirect Releases the Ultra 3 SCSI RAID Solution Offers Nearly Two Terabytes Accessible By Up To Two Servers.
- Getronics Government Solutions (HERNDON, Va.): Getronics Government Solutions, Announces The XTS-400; a Trusted Computer System With Linux Interface.
- MontaVista Linux (TOKYO & SUNNYVALE, Calif.): MontaVista Software Powers New Advanced Thin-Client Terminal; Nexterm and ELT Develop Next Generation Product Based on MontaVista Linux.
- ProactiveNet (SANTA CLARA, Calif.): New Enterprise Adapters in ProactiveNet 4.1 Deliver Patented Application Performance Management for EMS Frameworks.
- StorageTek (IRVINE, Calif.): Procom and StorageTek Complete Qualification of Libraries and Tape Drives for NetFORCE 1000 and 3000 Series Storage Solutions.
- the AMD Athlon(TM) MP Processor (SUNNYVALE, Calif.): AMD Launches Enhanced Performance for Multiprocessor Platforms.
- RackSaver Inc. (SAN DIEGO): RackSaver Announces Support for Intel's New Server Products for Its Intel Xeon Processors; New Server Building Block Products for the Intel Families.
- the BEETLE Family of POS Appliances (AUSTIN, Texas): Wincor Nixdorf Adds Intel Pentium III 1GHz Support to Its BEETLE Family of Point-of-Sale Systems.
- AMD (Sunnyvale, CA): AMD Launches Enhanced Performance For Multiprocessor Platforms .
Linux at Work
- 1mage: 1mage Software Inc. is a leading provider of document (ENGLEWOOD, Colo.): Alaskan Freight Carrier Installs 1MAGE Document Management System.
Java Products
- Sun Microsystems, Inc. (SANTA CLARA, Calif.): Sun(TM) ONE Studio Tools Deliver End-to-End Web Services Support, Spanning Mobile, Web and Server Development.
Partnerships
- Concurrent Computer Corporation and PowerSource (ATLANTA): Concurrent Partners with PowerSource to Provide Comprehensive VOD Over IP Solution.
- IDT (SANTA CLARA, Calif.): MontaVista Software Partners With IDT to Provide Embedded Linux Platform for Communications Applications.
- Parasoft (MONROVIA, Calif.): Parasoft Signs Global Software Agreement With IBM.
- Red Hat (PALO ALTO, Calif.): HP and Red Hat Expand Relationship to Deliver Linux Solutions to Enterprise Customers; Companies First to Deploy Linux on Intel Itanium 2-based Systems.
- THE NIC COMPANY (SAN ANTONIO): Larry Ellison's New Internet Computer Company, Sun Microsystems and Oracle Deliver Ultra-Affordable Internet Access Solution to Schools in Chile.
- Telelogic (Malmo, Sweden): Telelogic Elected to Eclipse Board; Telelogic Supports New Industry Platform for Open Source Development Through Best-of-Breed Tool Integration.
- Turbolinux (SAN FRANCISCO & TALLAHASSEE, Fla.): Turbolinux and Mainline Information Systems Form Strategic Alliance to Deliver Integrated Linux Solutions for IBM eServers.
Investments and Acquisitions
- BCC Technologies (IRVINE, Calif.): BCC Retains Markwood Capital Alliance for Next Phase of Growth in Storage Industry.
Financial Results
- Red Hat, Inc. (RALEIGH, N.C.): Red Hat Reports First Quarter Fiscal 2003 Results; Company Continues to Show Strong Enterprise Growth.
- Red Hat, Inc (Raleigh, NC): Raleigh, N.C.-Based Software Firm Meets Quarterly Expectations.
Personnel and New Offices
- Red Hat, Inc. (RALEIGH, N.C.): Red Hat Names Anthony Moretto Vice President of Global Services; Technology Industry Veteran and Professional Services Expert to Lead Linux Leader's Global Support Operations.
- Sistina Software (MINNEAPOLIS): Sistina Software Completes Its Executive Team.
- Thirdspace (LONDON): Thirdspace Appoints Former Tuxia CTO to Executive Position.
Miscellaneous
- Borland Software Corp. (SCOTTS VALLEY, Calif.): Borland to Participate in Mexico Trade Mission Led by U.S. Secretary of Commerce.
- Evans Data Corporation (SANTA CRUZ, Calif.): New Survey of Corporate Application Development Managers Finds Web Services Model Gaining Ground; Security Concerns Top List of Potential Obstacles to Enterprise Web Services Adoption.
- ISOC (ARLINGTON, Va.): INET 2002 Conference Opens Today in Arlington, VA.
- LinuxWorld Conference & Expo (FRAMINGHAM, Mass.): Industry Leaders Join New Companies Making Their LinuxWorld Debut; Key Players On Board to Exhibit At the World's Premier Open Source Event.
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Behind Linux's Struggle in Gov't (Wired)
Wired looks at some issues behind the slow adoption of Linux in the U.S. government. "It's free, it's becoming more secure, and it's even the dirty little secret among some computer geeks who work in the U.S. government. Then why isn't linux more prevalent? One word: Microsoft. Another: Oracle."
Snapshots From the Open-Source Front (PC World)
PC World examines the use of open-source software by governments around the world. "Government officials the world over are getting drawn into the debate over the relative merits of using open-source software rather than Microsoft's Windows applications and other software developed by vendors who closely guard the intellectual property of their source code. Some countries, such as Germany, have decided to replace Windows and other commercial software products with open-source applications. Other countries remain committed to commercial software, and yet others are straddling the fence."
A Successful Linux/Open-Source Business Model (Linux Journal)
The Linux Journal looks at the Open Studios initiative. "What if there was a nice way to provide incentive to those who would create and innovate solely on works placed within the Public Domain? No protection, just incentive. No fabulous wealth unless, luck would have it, the creator happened to hit on the right marketing strategy to attract an audience and provide merchandising products that, along with tours, personal appearances, concerts, exhibits and offers of commissions for further works, produce wealth. I believe I just described one of the fathers of the Public Domain ilk, The Grateful Dead, and their system is remade in the image of Open Studios."
Software End User License Agreement Upheld In Court (UnknownPlayer)
UnknownPlayer.com is running an editorial by Ramin Sarcerok Shokrizade that examines a number of interesting "gotchas" buried deep inside the legalese of many software End User License Agreements (EULAs). By clicking the "accept" button, users are inadvertantly giving away private information, access to their computer CPU cycles, and more. Thanks to Barry Gould.Patently Absurd (Forbes)
Forbes is running an article on problems with the U.S. patent system. "The patent as stimulant to invention has long since given way to the patent as blunt instrument for establishing an innovation stranglehold."
Companies
Linux scrubs up for medical role (ZDNet)
ZDNet reviews a new embedded Linux device that is intended for use in the medical field. "Austrian company BMS Bayer launched EasyDose, a unit that monitors, displays and manages X-ray exposure data automatically through hospital networks. Based on Transmeta's Midori--a very compact Linux distribution--and a Cyrix GXM 233 processor, the unit has a 6.5-inch touch-screen and works to the standard DICOM (Digital Imaging and Communications in Medicine) protocols over IP and Ethernet."
Developer eases United Linux fears (vnunet)
Vnunet speaks with Conectiva about United Linux. "Linux developer Conectiva has moved to allay fears that the recently announced United Linux project will see the end of downloadable binaries and ISO files, and mean a mess of new licensing."
Popular HP Server Bid Farewell (TechWeb)
Tech Web reports on Hewlett Packard's suggested migration paths for HP e3000 customers. "Hewlett-Packard is enticing owners of its once-popular, now-doomed e3000 servers to buy HP-UX or Linux systems. The most likely migration path will be to HP 9000 servers running HP-UX, although buyers could also move to Intel-based ProLiant servers."
Red Hat, HP join for Itanium Linux (News.com)
CNet reports on a partnership between Red Hat and HP. "Red Hat will begin selling an Itanium version of its Advanced Server Linux product early this fall, executives disclosed Tuesday, one of several partnerships under way with Hewlett-Packard."
IBM's Intel Linux plans (Register)
The Register talks about running Linux on IBM's xSeries servers. "With all the excitement about Linux on the IBM mainframe zSeries and interest growing in the AS/400 iSeries, the popular xSeries servers are being overlooked. That's a mistake. Good, old Intel-based servers from IBM armed with Linux continue to move into small- and medium-sized businesses everywhere."
IBM shoots at 'drive-by hackers' (ZDNet)
Here's an article about IBM's press release yesterday, outlining their self-diagnostic wireless tool. "The IBM software sits on laptops and PCs, analyzing traffic on an internal 802.11 wireless network and sending data to a centralized server, said Dave Safford, manager of the global security analysis lab at IBM Research in Hawthorne, N.Y."
LindowsOS backs off its claim to run most Microsoft apps (NewsForge)
As a followup to the press release from Lindows and Wal-Mart.com, NewsForge reports that the language has been altered to remove the wording that indicates that Lindows will run programs designed for Windows.Red Hat lowers losses (Register)
The Register examines the latest financial results from Red Hat Inc. "Red Hat Inc, the Linux software and services firm, yesterday reported that it reduced its loss in its first fiscal quarter and increased its revenue sequentially, but saw a decreased top line year-on-year as it reduced its focus on embedded systems in favor of the enterprise market."
Red Hat narrows loss, meets estimates (News.com)
Stephen Shankland has produced a general roundup of Red Hat's business, centered around their latest quarter financial results. "Red Hat, which gets half its revenue from services, will face a challenge in regard to increasing its profitability given that services typically require many employees and therefore are an expensive operation, Raisys said. In addition, IBM, including its gigantic Global Services division, is pushing hard to make money from Linux."
Sun delivers Cherrystone UltraSparc-III servers (Register)
The Register reports on Sun's new Cherrystone UltraSparc-III servers, which are intended to compete with Linux servers. "The V480 supports either Solaris 8 or the new Solaris 9 operating system from Sun and is aimed squarely at the four-way Intel-based server market where Pentium III Xeon and Pentium 4 Xeon processors are making headway running Windows 2000 and Linux."
Sun's 'Big Bear' Linux server to appear in August (InfoWorld)
InfoWorld has details on the announcement to be made by Sun CEO McNealy. "Sun Microsystems will announce its controversial Linux server, code-named Big Bear, this August at the LinuxWorld conference, showing a dual-processor system that runs on chips from rival Intel, according to sources familiar with the company's plans."
Sun targets Microsoft with free software (News.com)
Sun Microsystems will be giving away some software to bolster competition against rival operating systems. "Sun plans to give away a basic version of its application server software, a key piece of infrastructure software for building business applications. Application server software is technology that runs e-business and other Web site transactions. The giveaway targets computers that run Microsoft's Windows, Linux and Unix operating systems, Sun said."
Sun's Full Assault on .NET (Wired)
Wired details Sun's strategy against .NET. "So Sun plans to give away for computers that run Windows, Linux and Unix operating systems from Hewlett-Packard and IBM, a basic version of its application server, a type of backbone software that runs custom applications necessary for Web services and communicates data between applications."
Wal-Mart trims prices of Linux-based PCs (News.com)
CNET has a story giving extra details about the Linux-based Microtel computers about to be offered by Wal-Mart. "The new PCs start at $299 and include a preinstalled copy of LindowsOS, a version of the open-source operating system that sports a graphical user interface and the ability to run Windows applications, according to its manufacturer."
Wal-Mart Selling LindowsOS PCs (TechWeb)
Tech Web covers the newly introduced Lindows PC from Wal-Mart. "Wal-Mart won't do just Windows anymore. The world's largest retailer is now selling, via its Web site, low-cost PCs loaded with a version of Linux that runs Windows apps. The deal, with startup Lindows.com Inc., is a break from Microsoft's lock on home-PC operating systems."
Business
Intel targets Wall Street back offices (News.com)
CNET has a story about Intel's sales and marketing efforts targetted toward Wall Street firms. This story summarizes a Sun Microsystems vs. Intel struggle, with Linux in the middle. "The move would put Linux behind many of the computers that power trading floors, and Intel wants its chips tagging along. The combination of Linux and Intel has been gaining steam."
J.D. Edwards makes a Linux move (News.com)
News.com reports on business software maker J.D. Edwards as the company begins to support Linux. "J.D. Edwards took a different Linux route than major software companies such as Oracle and Veritas that have warmed to the relatively new operating system. Where Oracle and Veritas have backed Red Hat, the most widely used version of Linux, J.D. Edwards is starting its support with SuSE, said Lenley Hensarling, J.D. Edwards' vice president of product management for tools and technologies."
Joel on free software
Worth a read: this "Joel on Software" column on why for-profit companies are supporting free software. The core idea: there is more demand for a product or service if its "complements" (add-on or related) products are commodities. By commoditizing certain types of software, companies like IBM, HP, and Sun increase the demand for their hardware and services. "IT consulting is a complement of enterprise software. Thus IBM needs to commoditize enterprise software, and the best way to do this is by supporting open source. Lo and behold, their consulting division is winning big with this strategy." (Seen on Slashdot).
Think outside the box and collaborate (ZDNet)
Collab.net's CEO Bill Portelli has been given the podium at ZDNet, in which he testifies to the promise of collaberative development. "All of the companies who participate in this new integrated Software Business Cycle are gaining a competitive advantage, generating long-term revenue and increasing market share."
GFX: Industrial Light & Magic (Linux Journal)
Linux Journal reports on the switch to the Linux platform by film company Industrial Light and Magic. "``Linux is increasing the quality of our work, not the quantity'', says Andy Hendrickson, director of research and development. Large amounts of processing power enable more user control.'' He explains,"
"``We often go into a show knowing what we want but are forced to scale back realism with shortcuts because of a lack of processing power. Using Linux we can add more realism. We direct effects. It isn't enough to have a cloud that is an NOAA-accurate model. Artistic staff directs the effects with, ``Make that cloud more fluffy''. Or, if we simulate an entire ocean, as in Perfect Storm, ``Make that wave larger''.
"
Disney Shifting to Linux for Film Animation (NY Times)
This New York Times article (you'll need a username and password) covers Disney's smart move toward Linux. "Disney's animation division is announcing today that it plans to use Hewlett-Packard workstations and data-serving computers running Linux for digital animation work in the future." (Thanks to Robert George Mayer)
Scooby Doo gets Linux power (IT-Director)
According to IT-Director, the recent Scooby Doo animation feature was rendered with the aid of Linux. "Rhythm and Hues, the animators responsible for bringing Scooby to life, currently have 125 Linux systems and 300 SGI machines. The plan is to phase out the SGI estate by the middle of next year in favour of Linux boxes."
Disney embraces HP Linux for animation (Register)
The Register reports on a move by Walt Disney Feature Animation to HP Linux machines. "HP winning Disney for Linux is of course a massive victory, but if you pick through the release it's all a bit vague really. We've got a "broad range of products and services" including something that renders in an Opera browser on Win2k as "Intelâ Xeon-powered HP x4000 workstations" (goodness only knows what it looks like in Mozilla on Linux, (a configuration we appear not to have handy) and "high-density HP IA-32 based servers for rendering.""
Linux drives next-generation Mickey Mouse (vnunet)
Vnunet reports on the HP/Disney Linux deal. "Both companies have been working together for the past 10 months, and explained that adopting Linux was part of a migration strategy away from the existing homogeneous technology environment."
Interviews
What's Gnu: RMS on UnitedLinux, Free Software (Open For Business)
Open For Business features an interview with Richard Stallman. "RMS: Free software means you control what your computer does. Non-free software means someone else controls that, and to some extent controls you. Non-free software keeps users divided and individually helpless; free software empowers the users. All these reasons apply just as well to business users as to individuals."
"For a business, there is the added advantage that support for a free program comes from a free market. Support for a proprietary program is usually a monopoly, since only the company that owns the program can change it either to fix a bug or add a feature. If you are willing to pay for support, you will usually get better support for your money when you use free software.
"
Thanks to Timothy R. Butler.
Interview with Jim Fulton
The EuroPython site features an interview with Jim Fulton, CTO of Zope Corporation. "Zope 3 moves Zope from an inheritance-based framework to a component-based framework. Complexity is managed by splitting responsabilities among many cooperating components, rather than many cooperating mix-in classes. Components are connected using interfaces, which also provide component specification and documentation."
Resources
Linux Devices Embedded Linux Newsletter
The June 13, 2002 edition of the Linux Devices Embedded Linux Newsletter is out. Topics include: constructing a Linux powered IRDA printing device, a report from the Embedded Linux Expo and Conference, the Toshiba SG20 wireless mobility server, Hitachi's new Linux based Flora web pad, and more.Building an Inexpensive, Powerful Parallel Machine and Using It for Numerical Simulations (Linux Journal)
Here's a detailed Linux Journal article on creating a large number crunching cluster. "Jobs on any node are started from the master node, which is the only login place in the entire cluster. Scyld Beowulf software creates an illusion of a single computer (master node) with many CPUs (those of slave nodes). Monitoring slave nodes from the master node is easy with a graphical beostatus utility or simply with top."
Is Beauty Only Pixel Deep?, Part 2 (Linux Journal)
Marcel Gagné writes about fonts under X11 in a Linux Journal feature article. "It is time once again to pull back the curtain from Linux fonts and have a nice long chat with the gentleman at the controls. Judging from some of the responses I received from my last column, it seems that fonts are a nightmare to many (and I can't say I blame you). Nevertheless, it's time to put away fear and learn to enjoy your font experience."
Reviews
Can a Windows user learn to love Linux? We'll see (ZDNet)
ZDNet editor David Coursey installs Linux for the first time. "The reason I'm doing this is to put to rest some of the complaints that I'm a Microsoft stooge and don't like desktop Linux because I haven't been fully exposed to its wonders. So I asked the Red Hat people to send me a copy of their latest with the idea of doing an extended test, much like I did recently with Macintosh OS X."
Why I've learned to like Linux (but not to love it) (ZDNet)
Here's the followup to an article yesterday by a journalist working through a Linux desktop installation. "Still, nothing that Linux has hurled at me in the way of problems (really minor, actually) or confusion has come close to what Windows Me (aka Spawn of the Devil) did to me a couple of years ago. So, I am actually pretty happy with my Linux experience so far."
Linux powers first car with integrated UMTS services (LinuxDevices)
LinuxDevices takes a look at a new S-class Mercedes, recently demonstrated by DaimlerChrysler and partners. "Jentro (Munich, Germany) was responsible for the development of the user interface required to control the in-car functions via various input tools such as touch screens and keyboards. Jentro's 'JentroCar' platform runs on top of an embedded Linux operating system. MBDS/University Nice Sophia Antipolis developed the prototypes of mobile Internet applications for the UMTS standard."
Mozilla browser battles Microsoft (CNN)
Here's a lengthy article from the Associated Press, published on CNN, giving a solid review of Mozilla vs. Internet Explorer. "Mozilla's Baker insists the project's success is critical to the Web's future: 'If there's only one browser and that browser is tied to the business plan of a particular entity, it's quite likely that what we see on the Web will be limited.'"
Was Mozilla Worth The Wait? (TechWeb)
TechWeb today devotes a few paragraphs to trashing Mozilla. "No matter how good Mozilla is, it's not likely to be able to make up for years of lost time."
WhiteHat Arsenal Tool Set Aims to Knock Off Web Site Black Hats (TechWeb)
Network Computing reviews Quality of Service testing with the WhiteHat Arsenal tool set. "Only a handful of tools can assist with QoS (Quality of Service) testing before applications go live. Enter WhiteHat Security's WhiteHat Arsenal 2.0, a collection of basic tools that help security professionals test Web applications for common security vulnerabilities in the midrange of competitive pricing."
Parasoft's SOAPtest reviewed (TechWeb)
TechWeb reviews SOAPtest, a Java-based Web services testing application from Parasoft.Liberate, Samsung do video over DSL (News.com)
News.com examines Samsung's new Linux based set top box, which is designed to bring video in over DSL lines.
Miscellaneous
One system for all handhelds? (News.com)
Two Singapore programmers claim to have created an operating system that can run programs written for Windows as well as Linux. "The secret? The heavy lifting is done on an MXI-based server that runs the actual applications and sends a stream of data back to the MXI client software residing on the handheld."Security warning too quick for comfort? (News.com)
CNET is publicizing the bashing that Internet Security Systems received from many Free Software developers. "Network protection company Internet Security Systems published a security advisory for Apache, the Internet's most popular Web server, and gave the Apache Foundation, which created the software, less than two hours to respond."
Flaw exposes holes in alert system (Associated Press)
ISS has won the attention of the Associated Press in Washington for their handling yesterday of the security vulnerability they publicized in Apache. "A security bug was found in software used by millions of Web sites. Private experts alerted users and the FBI's computer security division. Problem is, they didn't tell the maker of the software. Then they issued the wrong prescription for fixing the flaw."
Use Binary-Only Kernel Modules, Hate Life (Linux Journal)
Don Marti is covering last week's Usenix with this article on, among many things, Linus' thoughts on the kernel and binary modules. "Most houses that use Linux a lot say that they won't support binary modules because they can't. They may work, but you're not getting the full advantage of Linux"
Webcasters brace for royalty decision (News.com)
News.com reports on the latest developments in the Net radio/DMCA royalty ruling. "Independent Webcasters are bracing for a final ruling on a royalty rate for Net radio, a decision that could determine the fate of hundreds of small online radio stations."
Page editor: Forrest Cook
Announcements
Resources
Technical Whitepaper: Memory Management Under uClinux
David McCullough, from SNAPgear, has written a white paper that examines memory management issues under uClinux.
Upcoming Events
KDE Reports from LinuxTag 2002
Here's a report from the KDE team at LinuxTag 2002, with pictures. "June, 9th (Karlsruhe, Germany). This year's LinuxTag was once again a successful gathering for over sixty KDE developers from all over Europe who presented their award-winning desktop environment to more than 13,000 interested visitors at "Europe's largest OpenSource Event". As a special guest, David Faure (of Konqueror and KOffice fame) attended the fair to share opinions with other KDE developers."
YAPC:NA 2002 Lightning Talks Preliminary Schedule
The preliminary schedule for the YAPC 2002 Lightning Talks sessions are available.[ANN] SciPy '02 - Python for Scientific Computing Workshop
The Python for Scientific Computing Workshop will be held on September 5 and 6, 2002 in Pasadena, California at CalTech. "This workshop provides a unique opportunity to learn and affect what is happening in the realm of scientific computing with Python. Attendees will have the opportunity to review the available tools and how they apply to specific problems."
International PHP 2002 conference call for papers
A call for papers has been issued for the International PHP 2002 conference, to be held in Frankfurt, Germany on November 3-6, 2002. The paper deadline is July 5.International Lisp Conference 2002
The International LISP Conference 2002 will be held from October 28 through October 31, 2002 in San Francisco, California.Lightning talks needed at OSCON
The O'Reilly Open Source Convention (San Diego, July 22 to 26) is looking for more "lightning talk" presenters. Lightning talks last all of five minutes; they can be a great way to quickly and easily present a free software project or idea to a large group of people. Interested people can sign up here.Events: June 20 - August 15, 2002
| June 20 - 21, 2002 | INET 2002 | (Crystal Gateway Marriott)Arlington, VA |
| June 20 - 21, 2002 | First International IFIP/ACM Working Conference on Component Deployment(CD 2002) | Berlin, Germany |
| June 25, 2002 July 23, 2002 | Seattle Ruby Brigade Meeting | Seattle, Washington |
| June 26 - 28, 2002 | Embedded Systems Expo & Conference in Tokyo(ESEC) | (International Exhibition Center)Tokyo, Japan |
| June 26 - 28, 2002 | Yet Another Perl Conference(YAPC 2002) | (Washington University)Saint Louis, Missouri |
| June 26 - 28, 2002 | European Python and Zope Conference(EuroPython 2002) | (Charleroi Espace Meeting Européen)Charleroi, Belgium |
| June 26 - 29, 2002 | Ottawa Linux Symposium(OLS) | Ottawa, Canada |
| June 27 - 28, 2002 | European Tcl/Tk User Meeting | (Siemens Trainings Center)Munich, Germany |
| July 4 - 7, 2002 | UKUUG Linux Developers' Conference | (University of Bristol)Bristol, UK |
| July 5 - 7, 2002 | Debconf 2 | (York University)Toronto, Ontario |
| July 18 - 20, 2002 | Boston GNOME Summit | Boston, Mass. |
| July 22 - 26, 2002 | O'Reilly Open Source Convention | (Sheraton San Diego Hotel and Marina)San Diego, California |
| August 1 - 2, 2002 | 3rd annual Bioinformatics Open Source Conference(BOSC 2002) | Edmonton, Canada |
| August 2 - 4, 2002 | Defcon | (Alexis Park Hotel and Resort)Las Vegas, Nevada |
| August 5 - 9, 2002 | 11th USENIX Security Symposium | San Francisco, CA, USA |
| August 6 - 9, 2002 | CERT Conference 2002 | Omaha, Nebraska, USA |
| August 12 - 15, 2002 | Linux World Conference & Expo | (Moscone Center)San Francisco, California |
Software announcements
PostNuke mourns loss of Lead Developer
"Greg Allan a.k.a. Adam_Baum, the lead core developer and one of the four founding members of the PostNuke CMS Development Project passed away from injuries sustained in a motorcycle accident."
This week's software announcements
Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
- Sorted by section,
- Sorted by license.
Miscellaneous
Win Free Training with Damian Conway (use Perl)
According to Use Perl, Consultix will hold a raffle to raise money for the Perl Foundation, winners will receive free seats at Damian Conway's seminars in Seattle this July.Cyberspace Policy Institute accepts Alexis de Tocqueville challenge
Tony Stanco has written in to LWN, saying, "The Cyberspace Policy Institute accepts the Alexis de Tocqueville Institute challenge to debate the merits of Open Source Software. The debate can be part of the CPI/World Bank's International Open Source in Government Symposium in Washington, D.C. on October 17-18, 2002. More details at the CPI site on this link."
Glen Burnie Linux User Group Forming
Linux Orbit is sponsoring the Glen Burnie Linux User Group. "If Linux is to experience an explosion of popularity, then an explosion of 'grass-roots' advocacy must precede it. This advocacy includes community activities designed to aid in recruitment, fundraising and establishing a local identity for Linux. Growing the Linux user base in the LUG area should take precedence over all other objectives."
Page editor: Forrest Cook
Letters to the editor
PostgreSQL and relational.
| From: | Lamar Owen <lamar.owen@wgcr.org> | |
| To: | lgcdutra@terra.com.br, letters@lwn.net | |
| Subject: | PostgreSQL and relational. | |
| Date: | Thu, 13 Jun 2002 23:40:22 -0400 |
In reference to your e-mail on the subject of PostgreSQL not being relational,
would you mind specifying exactly which of E F Codd's 12 rules of the
relational model PostgreSQL breaks? Using SQL as the language to access a
RDBMS does not invalid the relational model used by that RDBMS. Show me the
rule(s) broken specifically by PostgreSQL itself, not by SQL in general.
PostgreSQL meets the qualifications for a relational system as defined by E F
Codd and C J Date. Having read Date's work, I find it amusing that you would
quote from a site which prominently features C J Date as a contributor.
You need to take MySQL to task for truly not being relational according to
Codd's 12 rules. :-)
--
Lamar Owen
WGCR Internet Radio
1 Peter 4:11
Re: PostgreSQL and relational.
| From: | <lgcdutra@terra.com.br> | |
| To: | Lamar Owen <lamar.owen@wgcr.org> | |
| Subject: | Re: PostgreSQL and relational. | |
| Date: | Wed, 19 Jun 2002 19:58:31 +0200 | |
| Cc:: | LWN Editor <letters@lwn.net>, Bryan Henderson <bryanh@giraffe-data.com>, DBDebunk Editorl <editor@dbdebunk.com> |
Lamar Owen escreveu:
> In reference to your e-mail on the subject of PostgreSQL not being
> relational, would you mind specifying exactly which of E F Codd's 12
> rules of the relational model PostgreSQL breaks?
EF Codd's 12 rules aren't all that is to the relational
model. In fact, he expanded these 12 to 40 rules in his 1.990 book
_The_Relational_Model_for_Database_Management.
But furthermore, if you care to read Christopher J Date's
1.999 _An_Introduction_to_Database_Systems_ you will see that the
relational model comprises some basic elements and some principles.
The basic element is the domain, or data type. PostgreSQL
does not really enforces domains because it accepts NULL, which by
definition is not part of any domain. Thus the triplet domain, name
and value called attribute breaks down, and so the tuple -- because it
represents a proposition, and a proposition with missing information
is another proposition, not the one declared in the relation's header
--, and so also the relation breaks down.
Furthermore, the relation is a set, not a bag. A bag
accepts duplicates, but not a relation. So because PostgreSQL does
not enforce the necessity of declaring a candidate key for each and
every table, its tables are not necessarily relations, but quite
possibly and commonly bags of not tuples as shown above, but simply
rows.
Also, the first principle is The Information Principle, where
all the database must be represented by data. Object IDs violate
this, with serious consequences about data independence, which by the
way is necessary to another relational model sine qua non, namely the
separation between user, logical and physical schemas. Also not
properly supported by PostgreSQL.
> Using SQL as the language to access a RDBMS does not invalid the
> relational model used by that RDBMS. Show me the rule(s) broken
> specifically by PostgreSQL itself, not by SQL in general.
I am not so familiar with the PostgreSQL dialect, but for what
I've seen it does little to nothing to address SQL shortcomings that
disqualify it as an implementation of the relational model.
> PostgreSQL meets the qualifications for a relational system as
> defined by E F Codd and C J Date. Having read Date's work, I find
> it amusing that you would quote from a site which prominently
> features C J Date as a contributor.
Perhaps you should read Date more carefully. When he writes
about SQL, he can barely disguise the sarcasm.
> You need to take MySQL to task for truly not being relational
according to
> Codd's 12 rules. :-)
Believe me, I do take MySQL to task, it isn't even up to SQL
level.
But I do think SQL itself is to blame, so until
someone creates a D interface as defined by Date and Darwen to
PostgreSQL or some other DBMS, we're stuck hopelessly behind the
times, more precisely 30 years late as measured by Codd's work
publications.
To be precise, there is an implementation of a valid D, but
it's unfortunately proprietary & expensive:
http://www.alphora.com/tiern.asp?ID=DATAPHOR.
--
_
/ \ Leandro Guimarães Faria Corsetti Dutra +41 (21) 216 15 93
\ / http://homepage.mac.com./leandrod/ fax +41 (21) 216 19 04
X http://tutoriald.sf.net./ Orange Communications CH
/ \ ASCII Ribbon Campaign against HTML email +41 (21) 216 15 93
Lindows and the sources
| From: | Leon Brooks <leon@cyberknights.com.au> | |
| To: | webmaster@lindows.com | |
| Subject: | Lindows and the sources | |
| Date: | Wed, 19 Jun 2002 23:20:49 +0800 | |
| Cc:: | abuse@lindows.com, postmaster@lindows.com, letters@lwn.net |
>From
http://help.lindows.com/cgi-bin/visitors.cfg/php/enduser/std_adp.php?p_faqid=23
> Lindows.com respects all applicable licensing and is proud to be
> a strong supporter of the Open Source community
...linking to http://www.lindows.com/lindows_products_license.php
> Such software programs may be licensed (or sublicensed) to the user
> under the GNU General Public License and other similar open source
> license agreements which, among other rights, permit the user to
> copy, modify and redistribute certain programs, or portions thereof,
> and have access to the source code.
> You may find the licenses and source code to these open source
> third-party programs here:
> http://www.debian.org
> http://www.kde.org
> http://www.winehq.com
> Lindows.com is pleased to be a proud supporter of these initiatives
> through conference sponsorships, financial support, and code
> development. All code changes made by Lindows.com to the above
> products are sent back to these organizations and/or will be made
> available for download here. (Keep in mind that LindowsOS hasn't
> even released a Beta version of LindowsOS, so the source code is
> very unstable and changing continually.)
1. WalMart is shipping LindowsOS on its PCs.
2. According to the GPL, Lindows _itself_ is responsible for
distributing the source for any binaries it distributes, _not_
the organisations Lindows link to.
3. There is no provision for source _following_ binaries: in order
for binaries derived from GPLed programs to be distributed,
Lindows must make the source available _before_ or _with_
the binaries.
4. There are no exceptions in the GPL for `unstable and changing'.
5. The sources at http://net2.com/lindows/source/ do not appear to
be complete, in particular most of the leaves on this directory
tree contain only package descriptions and do not appear to
reflect any substantial changes that Lindows may have made.
6. Other GPL distributors, notably the easy-to-use Mandrake corporate
and purist not-for-profit Debian organisation, have no trouble
making sources available with or before binaries.
Please explain.
--
CyberKnights Modern tools, traditional dedication.
+61-409-655-359 http://www.cyberknights.com.au/
linux.conf.au 2003 The Australian Linux Technical Conference
http://conf.linux.org.au/ 22-25 January 2003 in Perth, Western Australia
Page editor: Jonathan Corbet