LWN.net Weekly Edition for June 19, 2003

Software patents in Europe

Europeans, like citizens of much of the "free world," have a certain tendency toward smugness when software patents are discussed. Software patents, after all, are an American problem. Unfortunately, the U.S. is quite good at exporting its problems. Software patents in Europe took another step toward reality this week when the Legal Affairs Committee of the European Parliament voted in favor of an EU-wide software patent scheme. The 20-8 committee vote adopted the proposed directive, as written by the European Commission, almost without changes.

The proposal is said to be more restrictive than the American version of software patents. Patentable technologies would have to be useful in a particular setting and application; simply having a program is not enough. And business models still would not be subject to patents. But the proposed directive is still enough to raise widespread concern throughout Europe. The Greens were quite clear on what they think:

The Legal Affairs Committee of the European Parliament today adopted a report that allows for the unlimited patenting of software which will, in one swoop, entrench the market dominance of multinational companies, force small software firms out of business and bring to an end the European free software movement.

There is also this release from the Foundation for a Free Information Infrastructure, which contains quotes from a number of European business figures.

The sad truth is that software patents have done great harm in the U.S., and they are unlikely to be more beneficial in Europe. This is one import the EU could do without.

All SCO, all the time

One of these days we'll manage to keep SCO off the front page. Not this week. The next two articles cover a couple of important issues in this whole mess - the breathtaking scope of SCO's claims and a look inside the company as revealed in its latest 10Q filing. Both articles, we think, give some insight into just what the Linux community is up against.

During the last week the read-copy-update (RCU) technology has been singled out as one of IBM's contributions that SCO objects to. We ran an article looking into the origins of RCU and concluding that SCO had nothing to do with the creation of RCU. The article is a bit dated (already) but it still gives an overview of the RCU situation; a number of the reader comments are well worth reading too. In the end, however, origins matter little; SCO believes it owns everything that was ever part of a Unix system.

The company has filed a new version of its complaint against IBM, upping the damages demanded and changing many points. See this LWN article for a brief summary, a pointer to the document, and numerous comments.

Finally, should all this not be enough on SCO, the SCOvsIBM Wiki maintained by Karsten Self is exhaustive and exhausting.

SCO owns the World?

According to some opponents of free software, users of that software are taking grave risks. The GPL, it is said, is "viral" and can cause the loss of a company's intellectual property. And free software users are exposed to the possibility that somebody, somewhere, may have incorporated tainted code, exposing users and distributors to unexpected liabilities. The solution to these problems, of course, is to simply stick with safe, licensed, proprietary software. It costs, and you sign away a lot of rights, but the warm, fuzzy feeling that comes from signing that license agreement is worth it.

Except it's increasingly clear that things are not that way. We all owe SCO a debt of gratitude for showing us how unsafe proprietary software can be. That company is using proprietary licensing to press a truly staggering set of claims over the work of others, and to assert the power to disrupt organizations worldwide.

Consider first the issue of intellectual property. SCO CEO Darl McBride recently gave an interview which provided a clear picture of how he sees the ownership of proprietary Unix systems:

Where people get a little confused is when they think of SCO Unix as just the Unix that runs the cash register at McDonalds. We think of this as a tree. We have the tree trunk, with Unix System 5 running right down the middle of the trunk. That is our core ownership position on Unix.

Off the tree trunk, you have a number of branches, and these are the various flavors of Unix. HP-UX, IBM's AIX, Sun Solaris, Fujitsu, NEC--there are a number of flavors out there. SCO has a couple of flavors, too, called OpenServer and UnixWare. But don't confuse the branches with the trunk. The System 5 source code, that is really the area that gives us incredible rights, because it includes the control rights on the derivative works that branch off from that trunk.

These "control rights" are at the core of the IBM lawsuit. SCO is claiming that any work any vendor has ever put into a Unix system is subject to SCO's control. Chris Sontag, the head of SCOsource, is even more direct:

We believe that UNIX System V provided the basic building blocks for all subsequent computer operating systems, and that they all tend to be derived from UNIX System V (and therefore are claimed as SCO's intellectual property).

SCO, it would seem, owns everything. Compared to that claim, the allegedly "viral" nature of the GPL (if you distribute something derived from a GPL-licensed product, the derived product must also be licensed under the GPL) seems weak indeed. SCO is laying claim to decades of work done by dozens of proprietary Unix vendors, and that's just the starting point.

Does this claim have any basis in reality? SCO has posted the relevant agreements on its IBM lawsuit page, so this sort of thing can be checked - at least, for the IBM case. The basic software agreement ("Exhibit A") states (in section 2.01):

Such right to use includes the right to modify such SOFTWARE PRODUCT and to prepare derivative works based on such SOFTWARE PRODUCT, provided the resulting materials are treated hereunder as part of the original SOFTWARE PRODUCT.

Since the agreement on the original "SOFTWARE PRODUCT" includes prohibitions on disclosure, this language would seem to back up SCO's claim. Thus, technologies like read-copy-update, which were never part of any SCO product, could be said to come under this agreement and be prohibited from disclosure. In fact, the language could even be read to transfer ownership of any modifications to SCO, except that IBM caught that and forced a change ("Exhibit C"):

Regarding section 2.01, we agree that modifications and derivative works prepared by or for you are owned by you. However, ownership of any portion or portions of SOFTWARE PRODUCTS included in any such modification or derivative work remains with us.

So IBM owns its changes. But the company might have signed away its right to disclose its changes to others or deploy them in other contexts. Other vendors with less-aware lawyers may well have signed away all ownership to their Unix work. So much for the safety of intellectual property in the proprietary environment.

Of course, all this is IBM's problem. As SCO and others have stated, customers are better off with licensed, proprietary software, since it is warranted against intellectual property problems. Sun Microsystems plans to press this point to its advantage. The only problem is that, once again, SCO has shown us that this statement is not true.

SCO is attempting to revoke IBM's license to distribute AIX. This move does not just affect IBM; consider this quote from Chris Sontag, the head of SCOsource:

SCO said that the termination of the AIX license means that all IBM Unix customers also have no license to use the software. "This termination not only applies to new business by IBM, but also existing copies of AIX that are installed at all customer sites. All of it has to be destroyed," Sontag said.

All of those AIX customers did exactly what they are supposed to do: they signed a proprietary license, paid their fees, and went off with the idea that they had bought the right to use the system on their machines. Now it appears that Unix users, at SCO's whim, can be deprived of the software upon which they have built their businesses. Proprietary Unix, it would seem, is a foundation built upon sand. Given that Microsoft felt the need to buy a Unix license from SCO, it is not clear that Windows users are in any better shape. One might assume that SCO would not try to pull the plug on Windows, but the possibility exists regardless. We look forward to the forthcoming warning from the Gartner Group.

SCO's actions have pointed out the very real possibility for trouble resulting from the incorporation of proprietary code into a free product. This is an issue that should probably be taken more seriously throughout the free software community in the future. But SCO has also made it painfully clear that the proprietary world, too, has its traps, and those traps are at least as frightening as any faced by free software users. Taken to their extreme, the proprietary rights claimed by SCO give that company ownership and control over most computing systems on the planet. It is a frightening thing to contemplate.

SCO's quarterly report

SCO's Form 10-Q filing, summarizing the company's operations for the quarter ending April 30, is now available. These reports always have some interesting tidbits for those who are patient enough to wade through them, and SCO's is no exception.

SCO claims a profit of $4.5 million for the quarter - the first in the company's history. (Bear in mind that "the company" is the one formerly known as Caldera). Based on that figure, SCO management has made much noise about how strong SCO is. A look at the figures tells a different story.

Products revenue was $11 million - down 12% from one year ago. Services revenue was $2 million, down 30% from one year ago. SCO would have racked up a significant loss in this quarter if it weren't for SCOsource, which brought in $8.3 million. Even after they spent over $2 million in legal expenses and such, that money was enough to put SCO into a position of profit for the quarter. That makes for a nice one-time bottom line, but, as SCO says, "SCOsource licensing revenue is unlikely to produce stable, predictable revenue for the foreseeable future."

SCOsource, so far, has exactly two customers. They won't tell us who the first is, saying only:

The first of these licenses was with a long-time licensee of the UNIX source code which is a major participant in the UNIX industry and was a 'clean-up' license to cover items that were outside the scope of the initial license.

The second licensee, of course, is Microsoft. We don't know how much each one spent, only that the two add up to $8.3 million.

There are hints of some interesting stuff going on with regard to the sale of these licenses. Consider:

During the quarter ended April 30, 2003, the Company issued a warrant to a SCOsource licensee. The warrant allows the licensee to acquire 210,000 shares of the Company's common stock at an exercise price of $1.83 per share for a term of five years from the date of grant. Because the warrant was issued for no consideration to the SCOsource licensee, the Company has recorded the fair value of the warrant of $500,000, as determined using the Black-Scholes option-pricing model, as a warrant outstanding during the quarter ended April 30, 2003 and reduced license revenue accordingly.

Of course, at today's price for SCO stock, that warrant can be exercised (if the holder moves quickly) for a $1.8 million overnight profit. That, one might suppose, will take a bit of the sting out of paying for a license from SCO. The filing does not say which licensee got this little added gift ("for no consideration") or why, but the wording suggests the lucky recipient was the "long-time licensee," not Microsoft.

The story with Vista.com (covered in the June 12 Weekly Edition) gets more interesting as well. There, Vista's founder got 800,000 shares (now going on the market) in exchange for a $1 million note payable by Vista. Vista, however, is in default on some of its other loans from SCO - but was given more money in April anyway. There is no real explanation of why SCO is supporting Vista (and its founder) in this way.

SCO claims to have $10 million in the bank, and another $15 million in various assets. $1 million of that is the dubious note from Vista. In the absence of new investments or SCOsource deals, the company may well burn through that cash pile in two years or less. Participants in the recent rally in SCO's stock price may yet find a reason to wish they had missed out.

Java and Open Source

[This article was contributed by Joe 'Zonker' Brockmeier]

The JavaOne conference was held last week in San Francisco, and as usual there was a barrage of announcements from Sun about new Java-related initiatives and technologies, some of them actually of interest to the Linux and Open Source communities.

One of the big announcements was the launch of Java.net, a cooperative effort with O'Reilly and CollabNet. Java.net seems to be Sun's answer to SourceForge, an Open Source development site but with a specialization in Java and Java-related technologies. The site will include hosting of projects, mailing lists, forums, wikis and blogs (presumably about Java or related technologies). Right now Java.net only boasts a few projects: JXTA, NetBeans, the Javapedia, JAIN and so on.

The NetBeans team announced the NetBeans 3.5 release, including the NetBeans IDE, last week as well. The NetBeans IDE is written, not surprisingly, in Java, so you should be able to run it on Linux or any other platform with decent Java support. However, the NetBeans IDE is not limited to Java development -- it supports C, C++, XML and HTML as well as Java. NetBeans has been available under an Open Source license, the Sun Public License, for three years now.

Sun also announced the Sun ONE Studio 5 IDE, which is based on the NetBeans Platform. This one isn't Open Source, but it does run on Linux and may be of interest to J2SE (Java 2 Standard Edition) and J2EE (Java 2 Enterprise Edition) developers.

Another interesting tidbit announced during the JavaOne timeframe is the Scripting Java Specification Request (JSR), a plan to help scripting languages like PHP and Java interact. Specifically, it's aimed at writing Java classes that can be invoked by a page using PHP, ECMAScript or other scripting languages that are in wide usage. The Scripting JSR seems to be in a formative stage at the moment, but it should be interesting to see what the group comes up with in the long term. The initial members of the group are Sun, Macromedia, Zend and Oracle.

Open Source gamers might be pleased to learn that Sun has diverted work on some gaming APIs from the Java Community Process to Java.net as well. However, this probably has more to do with the fact that Sun doesn't see much profitability in gaming APIs for Java than any major commitment to the Open Source philosophy.

Sun also touted a "simplified" Java Research License (JRL). The JRL is supposed to "simplify and relax" the research section of Sun's Sun Community Source License (SCSL). This allows some limited development for research and development, but anyone hoping to distribute a project will have to go to Sun for a commercial agreement and meet Java compatibility requirements. In other words, it still is not a free license.

What are the prospects of Sun making Java itself Open Source? It's probably not going to happen anytime soon, but there are folks at Sun who are in favor of making Java, or parts of it, Open Source. James Gosling, the guy responsible for Java, is in favor of releasing Java according to this Computerworld article:

Oh, yeah. I've always felt that sort of in the abstract, open-source is the right thing to do for a lot of the kinds of things that we do. There are a variety of issues that make it a very complex discussion as to whether it actually works as a business.

Slowly but surely, Sun seems to be moving towards a more open stance with Java, but the company is still retaining very tight control on the core Java technologies.

Page editor: Jonathan Corbet

Security

Brief items

Some goodies from OpenWall

Solar Designer has sent out an announcement of a new set of security-oriented releases from OpenWall. These components are, of course, integrated into Openwall Linux, but they are available separately for integration into other distributions as well.

Here's what's available:

  • A patch for the 2.4.21 kernel fixing problems and adding a number of security features. You can now use 2.4.21 in Openwall Linux, though, in true conservative form, they still recommend sticking with 2.2 for now.

  • msulogin, a version of the "sulogin" program (which is normally used to control access to a system in single-user mode). The twist offered by msulogin is that it can handle multiple root accounts.

  • tcb, an alternative shadow password implementation. The difference is that tcb implements separate shadow files for each user. This technique allows group permissions to be used to implement password policies, and it allows the entire password subsystem to work with no need for root privileges.

These tools and patches can be used as components in a more secure Linux system, and that can only be a good thing.

June CRYPTO-GRAM newsletter

Bruce Schneier's CRYPTO-GRAM newsletter for June is out; it looks at cyberterrorism, teaching virus writing, attacking virtual machines with memory errors, and fun with expired domains (beyond the usual trick of pointing them at porn sites): "Step 1: Buy an expired domain. Step 2: Watch all the spam come in, and figure out what e-mail accounts were active for that domain's previous owner. Step 3: Go to an account-based site -- eBay, Amazon, etc. -- and request that the password be sent to those accounts. If the people with those accounts didn't bother to change their e-mail address when the domain expired, you can collect their passwords."

New vulnerabilities

BitchX: Denial of service vulnerability

Package(s): BitchX    CVE #(s): CAN-2003-0334
Created: June 17, 2003    Updated: June 17, 2003
Description: A denial of service (DoS) vulnerability was discovered in BitchX that allows a remote attacker to crash BitchX by changing certain channel modes.
Alerts:
Mandrake MDKSA-2003:069 2003-06-17

ethereal: buffer and integer overflows

Package(s): ethereal    CVE #(s): CAN-2003-0356 CAN-2003-0357
Created: June 12, 2003    Updated: June 18, 2003
Description: Timo Sirainen discovered several vulnerabilities in ethereal, a network traffic analyzer. These include one-byte buffer overflows in the AIM, GIOP Gryphon, OSPF, PPTP, Quake, Quake2, Quake3, Rsync, SMB, SMPP, and TSP dissectors, and integer overflows in the Mount and PPP dissectors.
Alerts:
Debian DSA-324-1 2003-06-18
Mandrake MDKSA-2003:067 2003-06-16
Debian DSA-313-1 2003-06-11

gnocatan: buffer overflows, denial of service

Package(s): gnocatan    CVE #(s): CAN-2003-0433
Created: June 12, 2003    Updated: June 28, 2003
Description: Bas Wijnen discovered that the gnocatan server is vulnerable to several buffer overflows which could be exploited to execute arbitrary code on the server system.
Alerts:
Gentoo 200306-17 2003-06-28
Debian DSA-315-1 2003-06-11

lyskom-server: denial of service

Package(s): lyskom-server    CVE #(s): CAN-2003-0366
Created: June 13, 2003    Updated: June 17, 2003
Description: Calle Dybedahl discovered a bug in lyskom-server which could result in a denial of service where an unauthenticated user could cause the server to become unresponsive as it processes a large query.
Alerts:
Debian DSA-318-1 2003-06-12

man: format string exploit

Package(s): man    CVE #(s):
Created: June 16, 2003    Updated: June 17, 2003
Description: man versions 1.5l and below contain a format string vulnerability. The vulnerability occurs when man uses an optional catalog file supplied via the NLSPATH and LANG environment variables. See the full advisory for more details.
Alerts:
Gentoo 200306-06 2003-06-14

mikmod: buffer overflow

Package(s): mikmod    CVE #(s): CAN-2003-0427
Created: June 16, 2003    Updated: June 16, 2005
Description: Ingo Saitz discovered a bug in mikmod whereby a long filename inside an archive file can overflow a buffer when the archive is being read by mikmod.
Alerts:
Fedora FEDORA-2005-405 2005-06-16
Red Hat RHSA-2005:506-01 2005-06-13
Fedora FEDORA-2005-404 2005-06-09
Gentoo 200307-01 2003-07-02
Debian DSA-320-1 2003-06-13

noweb: insecure temporary files

Package(s): noweb    CVE #(s): CAN-2003-0381
Created: June 17, 2003    Updated: June 28, 2003
Description: Jakob Lell discovered a bug in the 'noroff' script included in noweb whereby a temporary file was created insecurely. During a review, several other instances of this problem were found and fixed. Any of these bugs could be exploited by a local user to overwrite arbitrary files owned by the user invoking the script.
Alerts:
Gentoo 200306-16 2003-06-28
Debian DSA-323-1 2003-06-16

radiusd-cistron: possible remote system compromise

Package(s): radiusd-cistron    CVE #(s): CAN-2003-0450
Created: June 13, 2003    Updated: July 11, 2003
Description: The package radiusd-cistron is an implementation of the RADIUS protocol. Unfortunately the RADIUS server handles large NAS numbers incorrectly. This leads to overwriting internal memory of the server process and may be abused to gain remote access to the system the RADIUS server is running on.
Alerts:
Gentoo 200307-03 2003-07-11
Conectiva CLA-2003:664 2003-06-27
Debian DSA-321-1 2003-06-13
SuSE SuSE-SA:2003:030 2003-06-13

webmin: session ID spoofing

Package(s): webmin    CVE #(s): CAN-2003-0101
Created: June 13, 2003    Updated: November 18, 2003
Description: miniserv.pl in the webmin package does not properly handle metacharacters, such as line feeds and carriage returns, in Base64-encoded strings used in Basic authentication. This vulnerability allows remote attackers to spoof a session ID, and thereby gain root privileges.
Alerts:
SCO Group CSSA-2003-035.0 2003-11-17
Debian DSA-319-1 2003-06-12
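
As an added example (not webmin's miniserv.pl code, nor anything from the advisories above), this is the check a hardened front end would apply to the Basic authentication header: decode the base64 strictly, then refuse any decoded credential containing a control character such as CR or LF before it reaches session bookkeeping. The function names are hypothetical, and the sample credentials in the comments are constructed.

```python
import base64
import binascii


def encode_basic(user: str, password: str) -> str:
    """Build an Authorization header value for HTTP Basic authentication.

    Helper used only to construct test input for parse_basic_auth().
    """
    raw = f"{user}:{password}".encode("latin-1")
    return "Basic " + base64.b64encode(raw).decode("ascii")


def _has_control_chars(data: bytes) -> bool:
    """True if any byte is an ASCII control character (NUL, CR, LF, ...)."""
    return any(b < 0x20 or b == 0x7F for b in data)


def parse_basic_auth(header_value: str):
    """Return (user, password) from an Authorization header value, or None.

    Rejects, in order: a scheme other than Basic, base64 containing
    non-alphabet characters (a raw CR/LF in the encoded text is caught here
    by validate=True), and decoded credentials that contain control
    characters.  The last check is the one that matters for the webmin bug:
    a newline hidden inside the decoded credential must never reach code
    that treats newlines as record separators, such as session tracking.
    """
    scheme, _, encoded = header_value.strip().partition(" ")
    if scheme.lower() != "basic" or not encoded:
        return None
    try:
        raw = base64.b64decode(encoded, validate=True)
    except (binascii.Error, ValueError):
        return None
    if _has_control_chars(raw):
        return None
    # RFC 2617: user-id ":" password; the password itself may contain colons.
    user, sep, password = raw.partition(b":")
    if not sep:
        return None
    return user.decode("latin-1"), password.decode("latin-1")


if __name__ == "__main__":
    # Constructed samples: a clean credential and one smuggling a CR/LF.
    print(parse_basic_auth(encode_basic("alice", "s3cret")))      # ('alice', 's3cret')
    print(parse_basic_auth(encode_basic("alice\r\nbogus", "x")))  # None
```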

Xpdf - command execution vulnerability

Package(s): Xpdf    CVE #(s): CAN-2003-0434
Created: June 18, 2003    Updated: July 24, 2003
Description: Xpdf suffers from the same sort of "execute arbitrary code embedded in a malicious document" vulnerability that is so widespread in other PostScript and PDF interpreters.
Alerts:
Mandrake MDKSA-2003:071-1 2003-07-23
Yellow Dog YDU-20030723-1 2003-07-23
Red Hat RHSA-2003:196-02 2003-07-17
Conectiva CLA-2003:674 2003-07-04
Mandrake MDKSA-2003:071 2003-06-27
Gentoo 200306-11 2003-06-25
Yellow Dog YDU-20030620-1 2003-06-20
Red Hat RHSA-2003:196-01 2003-06-18

Updated vulnerabilities

Apache 2 - denial of service

Package(s): apache    CVE #(s): CAN-2003-0189 CAN-2003-0245
Created: May 28, 2003    Updated: June 16, 2003
Description: A new set of denial of service vulnerabilities has been found in Apache versions 2.0 through 2.0.45. The potential for a remote code exploit apparently exists as well. See the Apache 2.0.46 announcement for more information.
Alerts:
Conectiva CLA-2003:661 2003-06-16
Yellow Dog YDU-20030603-1 2003-06-03
Mandrake MDKSA-2003:063-1 2003-06-02
Gentoo 200305-13 2003-06-01
Mandrake MDKSA-2003:063 2003-05-30
Red Hat RHSA-2003:186-01 2003-05-28

atftp: buffer overflow

Package(s): atftp    CVE #(s): CAN-2003-0380
Created: June 9, 2003    Updated: June 12, 2003
Description: Rick Patel discovered that atftpd is vulnerable to a buffer overflow when a long filename is sent to the server. An attacker could exploit this bug remotely to execute arbitrary code on the server. Read the full advisory for more information.
Alerts:
Debian DSA-314-1 2003-06-11
Gentoo 200306-03 2003-06-08

bind buffer overflow vulnerability in DNS resolver libraries

Package(s): bind glibc    CVE #(s): CAN-2002-0651 CAN-2002-0684
Created: July 8, 2002    Updated: October 1, 2003
Description: The BIND 4.9.8-OW2 patch and BIND 4.9.9 release (and thus 4.9.9-OW1) include fixes for a libc-related vulnerability which does not affect Linux. Updates are available from the Internet Software Consortium (ISC).

No release or branch of Openwall GNU/*/Linux (Owl) is known to be affected, due to Olaf Kirch's fixes for this problem getting into the GNU C library more than two years ago.

Unfortunately, that does not mean that Linux systems are not vulnerable. Similar code, without Olaf Kirch's fixes, is in the glibc getnetbyXXX functions. These functions are described in the SuSE alert as "used by very few applications only, such as ifconfig and ifuser, which makes exploits less likely."

CERT Advisory: CA-2002-19 Buffer Overflow in Multiple DNS Resolver Libraries

Alerts:
Mandrake MDKSA-2002:050 2002-08-13
Yellow Dog YDU-20020810-3 2002-08-10
Eridani ERISA-2002:035 2002-08-09
Red Hat RHSA-2002:133-13 2002-08-08
SCO Group CSSA-2002-034.0 2002-08-05
Yellow Dog YDU-20020801-2 2002-08-01
Eridani ERISA-2002:028 2002-07-25
Red Hat RHSA-2002:139-10 2002-07-22
EnGarde ESA-20020724-018 2002-07-24
Mandrake MDKSA-2002:043 2002-07-16
Trustix 2002-0061 2002-07-15
Gentoo glibc-20020713 2002-07-13
Conectiva CLA-2002:507 2002-07-11
SuSE SuSE-SA:2002:026 2002-07-09
OpenPKG OpenPKG-SA-2002.006 2002-07-04

Canna server: exploitable buffer overrun

Package(s): canna    CVE #(s): CAN-2002-1158 CAN-2002-1159
Created: December 10, 2002    Updated: October 1, 2003
Description: Canna is a kana-kanji conversion server which is necessary for Japanese language character input.

A buffer overflow bug in the Canna server up to and including version 3.5b2 allows a local user to gain the privileges of the user 'bin' which could lead to further exploits. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-1158 to this issue.

A lack of validation of requests has been found that affects Canna version 3.6 and earlier. A malicious remote user could exploit this vulnerability to leak information, or cause a denial of service attack. (CAN-2002-1159)

See also http://canna.sourceforge.jp/sec/Canna-2002-01.txt

Alerts:
SCO Group CSSA-2003-005.0 2003-01-21
Debian DSA-224-1 2002-01-08
Gentoo 200212-8 2002-12-20
Red Hat RHSA-2002:246-18 2002-12-04

CUPS: vulnerability in the CUPS IPP implementation

Package(s): cups    CVE #(s): CAN-2003-0195
Created: May 27, 2003    Updated: July 22, 2003
Description: Phil D'Amore of Red Hat discovered a vulnerability in the CUPS IPP (Internet Printing Protocol) implementation. The IPP implementation is single-threaded, which means only one request can be serviced at a time. An attacker could make a partial request that does not time out and therefore creates a denial of service. In order to exploit this bug, an attacker must have the ability to make a TCP connection to the IPP port (by default 631).
Alerts:
Conectiva CLA-2003:702 2003-07-22
Gentoo 200306-09 2003-06-14
Debian DSA-317-1 2003-06-11
SuSE SuSE-SA:2003:028 2003-06-06
Yellow Dog YDU-20030602-3 2003-06-02
Mandrake MDKSA-2003:062 2003-05-29
Slackware ssa:2003-149-01 2003-05-29
Red Hat RHSA-2003:171-01 2003-05-27

eterm: buffer overflow

Package(s): eterm    CVE #(s):
Created: June 9, 2003    Updated: June 12, 2003
Description: "bazarr" discovered that eterm is vulnerable to a buffer overflow of the ETERMPATH environment variable. This bug can be exploited to gain the privileges of the group "utmp" on a system where eterm is installed.
Alerts:
Debian DSA-309-2 2003-06-06
Debian DSA-309-1 2003-06-06

ethereal - format string vulnerability

Package(s): ethereal    CVE #(s): CAN-2003-0081
Created: March 10, 2003    Updated: June 12, 2003
Description: The SOCKS dissector in Ethereal 0.9.9 is susceptible to a format string overflow. This vulnerability has been present in Ethereal since the SOCKS dissector was introduced in version 0.8.7. It was discovered by Georgi Guninski. Additionally, the NTLMSSP code is susceptible to a heap overflow. All users of Ethereal 0.9.9 and below are encouraged to upgrade. See the full advisory for additional information.
Alerts:
Mandrake MDKSA-2003:051 2003-03-24
Red Hat RHSA-2003:076-01 2003-04-23
Conectiva CLA-2003:627 2003-04-16
SuSE SuSE-SA:2003:019 2003-03-21
Debian DSA-258-1 2003-03-10
Gentoo 200303-10 2003-03-09

Filename disclosure vulnerability in fam

Package(s): fam    CVE #(s): CAN-2002-0875
Created: August 19, 2002    Updated: January 5, 2005
Description: "fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible.
Alerts:
Red Hat RHSA-2005:005-01 2005-01-05
Debian DSA-154-1 2002-08-15

fetchmail: buffer overflow

Package(s): fetchmail    CVE #(s): CAN-2002-1365
Created: December 17, 2002    Updated: October 20, 2003
Description: Versions of fetchmail prior to 6.2.0 have (yet another) buffer overflow vulnerability which can be exploited remotely via a suitably crafted message. See this advisory for details.
Alerts:
Immunix IMNX-2003-7+-023-01 2003-10-17
Mandrake MDKSA-2003:011 2003-01-27
EnGarde ESA-20030127-002 2003-01-27
SCO Group CSSA-2003-001.0 2003-01-09
SuSE SuSE-SA:2003:001 2003-01-02
Debian DSA-216-1 2002-12-24
Red Hat RHSA-2002:293-09 2002-12-17
Conectiva CLA-2002:554 2002-12-16

ghostscript: command execution vulnerability

Package(s): ghostscript    CVE #(s): CAN-2003-0354
Created: June 2, 2003    Updated: June 16, 2003
Description: A flaw in unpatched versions of Ghostscript before 7.07 allows malicious postscript files to execute arbitrary commands even with -dSAFER enabled.
Alerts:
Gentoo 200306-08 2003-06-14
Yellow Dog YDU-20030607-1 2003-06-07
Mandrake MDKSA-2003:065 2003-06-10
OpenPKG OpenPKG-SA-2003.030 2003-06-03
Red Hat RHSA-2003:181-01 2003-05-30

Potential remote root exploit in glibc

Package(s): glibc    CVE #(s): CAN-2002-0391
Created: August 14, 2002    Updated: June 30, 2003
Description: Felix von Leitner discovered a potential division by zero bug in code derived from the SunRPC library which is used in glibc. This bug could be exploited to gain unauthorized root access to software linking to glibc.

Updating as soon as practical is a good idea.

Because SunRPC-derived XDR libraries are used by a variety of vendors in a variety of applications, this defect may lead to a number of differing security problems. Exploiting this vulnerability will lead to denial of service, execution of arbitrary code, or the disclosure of sensitive information.

CERT/CC Vulnerability Note VU#192995 Integer overflow in xdr_array() function when deserializing the XDR stream

Alerts:
Debian DSA-333-1 2003-06-27
Conectiva CLA-2002:535 2002-10-29
Trustix 2002-0070 2002-10-17
EnGarde ESA-20021003-021 2002-10-03
Gentoo glibc-20020927 2002-09-27
Gentoo dietlibc-20020927 2002-09-27
Debian DSA-149-2 2002-09-26
Mandrake MDKSA-2002:061 2002-09-23
Gentoo glibc-20020905 2002-09-05
SuSE SuSE-SA:2002:031 2002-08-30
Trustix 2002-0067 2002-08-13
Eridani ERISA-2002:036 2002-08-13
Red Hat RHSA-2002:166-07 2002-08-12
Debian DSA-149-1 2002-08-13

glibc: DNS stub resolvers contain buffer overflow vulnerability

Package(s):glibc CVE #(s):CAN-2002-1146
Created:November 7, 2002 Updated:February 5, 2004
Description: DNS stub resolvers from multiple vendors contain a buffer overflow vulnerability. The impact of this vulnerability appears to be limited to denial of service. (See CERT Vulnerability Note VU#738331)

The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash).

Alerts:
Mandrake MDKSA-2004:009 2004-02-04
Red Hat RHSA-2002:197-09 2002-11-06
Red Hat RHSA-2002:197-06 2002-10-03

Comments (none posted)

gnupg: key validation

Package(s):gnupg CVE #(s):CAN-2003-0255
Created:May 16, 2003 Updated:November 18, 2003
Description: A key validation bug was discovered in the GNU Privacy Guard (GPG) which would cause keys with more than one user ID to trust all user IDs with the amount of trust given to the most-valid user ID.
Alerts:
SCO Group CSSA-2003-034.0 2003-11-17
Conectiva CLA-2003:694 2003-07-11
Yellow Dog YDU-20030602-4 2003-06-02
Mandrake MDKSA-2003:061 2003-05-22
Slackware ssa:2003-141-04 2003-05-22
Red Hat RHSA-2003:175-01 2003-05-20
Gentoo 200305-04 2003-05-16
OpenPKG OpenPKG-SA-2003.029 2003-05-16
EnGarde ESA-20030515-016 2003-05-15

Comments (none posted)

gtkhtml: malformed messages cause crash

Package(s):gtkhtml CVE #(s):CAN-2003-0133 CAN-2003-0541
Created:April 14, 2003 Updated:April 18, 2005
Description: GtkHTML is the HTML rendering widget used by the Evolution mail reader.

GtkHTML supplied with versions of Evolution prior to 1.2.4 contains a bug when handling HTML messages. Alan Cox discovered that certain malformed messages could cause the Evolution mail component to crash.

Alerts:
Debian DSA-710-1 2005-04-18
Mandrake MDKSA-2003:093 2003-09-18
Conectiva CLA-2003:737 2003-09-12
Red Hat RHSA-2003:264-01 2003-09-09
Mandrake MDKSA-2003:046 2003-04-15
Red Hat RHSA-2003:126-01 2003-04-14

Comments (none posted)

gzip: insecure temporary files

Package(s):gzip CVE #(s):CVE-1999-1332 CAN-2003-0367
Created:June 9, 2003 Updated:June 16, 2003
Description: Paul Szabo discovered that znew, a script included in the gzip package, creates its temporary files without taking precautions to avoid a symlink attack (CAN-2003-0367).

The gzexe script has a similar vulnerability which was patched in an earlier release but inadvertently reverted.

Alerts:
Mandrake MDKSA-2003:068 2003-06-16
Gentoo 200306-05 2003-06-14
OpenPKG OpenPKG-SA-2003.031 2003-06-11
Debian DSA-308-1 2003-06-06

Comments (none posted)

hanterm: two vulnerabilities in Hangul Terminal

Package(s):hanterm CVE #(s):CAN-2003-0077 CAN-2003-0079
Created:June 6, 2003 Updated:June 11, 2003
Description: Hangul Terminal is a terminal emulator for the X Window System, based on Xterm.

Hangul Terminal provides an escape sequence for reporting the current window title, which essentially takes the current title and places it directly on the command line. An attacker can craft an escape sequence that sets the window title of a victim using Hangul Terminal to an arbitrary command and then report it to the command line. Since it is not possible to embed a carriage return into the window title the attacker would then have to convince the victim to press Enter for it to process the title as a command, although the attacker could craft other escape sequences that might convince the victim to do so.

In addition, it is possible to lock up Hangul Terminal before version 2.0.5 by sending an invalid DEC UDK escape sequence.

Alerts:
Yellow Dog YDU-20030607-2 2003-06-07
Red Hat RHSA-2003:070-01 2003-06-06

Comments (none posted)

IMP - SQL injection vulnerability

Package(s):imp CVE #(s):CAN-2003-0025
Created:January 15, 2003 Updated:July 8, 2003
Description: The IMP IMAP server, versions 2.2.8 and prior, is vulnerable to SQL injection; see this advisory for details. Version 3.x is not vulnerable to this problem.
Alerts:
Conectiva CLA-2003:690 2003-07-08
SuSE SuSE-SA:2003:0008 2003-02-18
Debian DSA-229-2 2003-01-15

Comments (1 posted)

kde: arbitrary code execution

Package(s):kde CVE #(s):CAN-2003-0204
Created:April 10, 2003 Updated:June 30, 2003
Description: The KDE Security team has issued an advisory on a vulnerability present in all versions of KDE that allows a remote attacker to execute arbitrary commands under your account. KDE 3.0.5b and KDE 3.1.1a have been released to address this problem. For KDE 2.2.2, patches to the KDE 2.2.2 sources have been made available.

KDE uses Ghostscript software for processing of PostScript (PS) and PDF files in a way that allows for the execution of arbitrary commands that can be contained in such files.

An attacker can prepare a malicious PostScript or PDF file which will provide the attacker with access to the victim's account and privileges when the victim opens this malicious file for viewing or when the victim browses a directory containing such malicious file and has file previews enabled.

An attacker can provide malicious files remotely to a victim in an e-mail, as part of a web page, via an FTP server, and possibly by other means.

Alerts:
Conectiva CLA-2003:668 2003-06-30
Red Hat RHSA-2003:002-01 2003-05-12
Debian DSA-296-1 2003-04-30
Mandrake MDKSA-2003:049-1 2003-04-24
SuSE SuSE-SA:2003:0026 2003-04-24
Debian DSA-293-1 2003-04-23
Slackware sl-1050682024 2003-04-18
Mandrake MDKSA-2003:049 2003-04-17
Sorcerer SORCERER2003-04-12 2003-04-12
Debian DSA-284-1 2003-04-12
Gentoo 200304-05 2003-04-11
Gentoo 200304-04 2003-04-10

Comments (none posted)

KDE: vulnerability in SSL implementation

Package(s):KDE CVE #(s):CAN-2003-0370
Created:June 6, 2003 Updated:June 11, 2003
Description: KDE versions 2.2.2 and earlier have a vulnerability in their SSL implementation that makes it possible for users of Konqueror and other SSL enabled KDE software to fall victim to a man-in-the-middle attack.
Alerts:
Red Hat RHSA-2003:192-01 2003-06-05

Comments (none posted)

kernel - ptrace-related vulnerability

Package(s):kernel CVE #(s):CAN-2003-0127
Created:March 17, 2003 Updated:June 30, 2003
Description: Versions 2.2.x and 2.4.x of the Linux kernel contain a vulnerability in ptrace() which may be exploited by a local user to obtain root access. This announcement contains the details and a patch for 2.4.20. For 2.2 users, 2.2.25 has been released which contains the fix.
Alerts:
Debian DSA-336-2 2003-06-29
Debian DSA-336-1 2003-06-29
Debian DSA-332-1 2003-06-27
Red Hat RHSA-2003:098-03 2003-06-02
SCO Group CSSA-2003-020.0 2003-05-09
Mandrake MDKSA-2003:038-1 2003-04-09
Red Hat RHSA-2003:135-00 2003-04-08
Conectiva CLA-2003:618 2003-04-07
Debian DSA-276-1 2003-04-03
Mandrake MDKSA-2003:039 2003-03-27
Mandrake MDKSA-2003:038 2003-03-27
Debian DSA-270-1 2003-03-27
SuSE SuSE-SA:2003:021 2003-03-25
Gentoo 200303-17 2003-03-21
Sorcerer SORCERER2003-03-19 2003-03-20
Red Hat RHSA-2003:088-01 2003-03-20
EnGarde ESA-20030318-009 2003-03-18
Trustix 2003-0007 2003-03-18
Red Hat RHSA-2003:098-00 2003-03-17

Comments (none posted)

kernel 2.4 - two new vulnerabilities

Package(s):kernel CVE #(s):CAN-2003-0244 CAN-2003-0246
Created:May 14, 2003 Updated:July 25, 2003
Description: The 2.4.20 (and prior) kernel contains a couple of vulnerabilities that are worth fixing.
  • The ioperm() system call doesn't perform proper checking, allowing a local user to manipulate arbitrary I/O ports.

  • The networking code contains a remotely exploitable denial of service condition; see the May 24 Security Page for details.

Alerts:
Mandrake MDKSA-2003:066-2 2003-07-25
Conectiva CLA-2003:701 2003-07-22
Mandrake MDKSA-2003:066-1 2003-07-21
Mandrake MDKSA-2003:074 2003-07-15
Slackware SSA:2003-168-01 2003-06-17
Mandrake MDKSA-2003:066 2003-06-11
Debian DSA-312-1 2003-06-09
Debian DSA-311-1 2003-06-08
Red Hat RHSA-2003:187-01 2003-06-03
Red Hat RHSA-2003:145-01 2003-05-27
EnGarde ESA-20030515-017 2003-05-15
Red Hat RHSA-2003:172-00 2003-05-14

Comments (2 posted)

kernel-utils: setuid vulnerability

Package(s):kernel-utils CVE #(s):CAN-2003-0019
Created:February 7, 2003 Updated:January 21, 2005
Description: The kernel-utils package contains several utilities that can be used to control the kernel or machine hardware. In Red Hat Linux 8.0 this package contains user mode linux (UML) utilities.

The uml_net utility in kernel-utils packages with Red Hat Linux 8.0 was incorrectly shipped setuid root. This could allow local users to control certain network interfaces, add and remove arp entries and routes, and put interfaces in and out of promiscuous mode.

All users of the kernel-utils package should update to these packages that contain a version of uml_net that is not setuid root.

Alternatively, as a work-around to this vulnerability issue the following command as root:

chmod -s /usr/bin/uml_net

Alerts:
Red Hat RHSA-2003:056-08 2003-02-07

Comments (none posted)

kon2: buffer overflow allows local users to obtain root privileges

Package(s):kon2 CVE #(s):CAN-2002-1155
Created:June 3, 2003 Updated:June 16, 2003
Description: KON is a Kanji emulator for the console. There is a buffer overflow vulnerability in the command line parsing code portion of the kon program up to and including version 0.3.9b. This vulnerability, if appropriately exploited, can lead to local users being able to gain elevated (root) privileges.
Alerts:
Gentoo 200306-07 2003-06-14
Mandrake MDKSA-2003:064 2003-06-05
Red Hat RHSA-2003:047-01 2003-06-03

Comments (none posted)

kopete: vulnerability in GnuPG plugin

Package(s):kopete CVE #(s):CAN-2003-0256
Created:May 8, 2003 Updated:June 27, 2003
Description: A vulnerability was discovered in versions of kopete prior to 0.6.2. Kopete is a KDE instant messenger client. This vulnerability is in the GnuPG plugin that allows users to send each other GPG-encrypted instant messages. The plugin passes encrypted messages to gpg, but does not sanitize the command line passed to gpg. This can allow remote users to execute arbitrary code, with the permissions of the user running kopete, on the local system.
Alerts:
Conectiva CLA-2003:665 2003-06-27
Gentoo 200305-03 2003-05-14
Mandrake MDKSA-2003:055 2003-05-08

Comments (none posted)

libpng, libpng3: buffer overflow

Package(s):libpng, libpng3 CVE #(s):CAN-2002-1363
Created:December 19, 2002 Updated:July 14, 2004
Description: Glenn Randers-Pehrson discovered a problem in connection with 16-bit samples from libpng, an interface for reading and writing PNG (Portable Network Graphics) format files. The starting offsets for the loops are calculated incorrectly which causes a buffer overrun beyond the beginning of the row buffer.
Alerts:
Gentoo 200407-06 2004-07-08
OpenPKG OpenPKG-SA-2004.030 2004-07-06
Mandrake MDKSA-2004:063 2004-06-29
Whitebox WBSA-2004:249-01 2004-06-21
Fedora FEDORA-2004-176 2004-06-18
Fedora FEDORA-2004-174 2004-06-18
Fedora FEDORA-2004-175 2004-06-18
Fedora FEDORA-2004-173 2004-06-18
Red Hat RHSA-2004:249-01 2004-06-18
Conectiva CLA-2003:564 2003-01-23
Mandrake MDKSA-2003:008 2003-01-20
OpenPKG OpenPKG-SA-2003.001 2003-01-15
Yellow Dog YDU-20030114-2 2002-01-14
SuSE SuSE-SA:2003:0004 2003-01-14
Red Hat RHSA-2003:006-06 2003-01-09
Debian DSA-213-1 2002-12-19

Comments (none posted)

LPRng: insecure temporary file

Package(s):LPRng CVE #(s):CAN-2003-0136
Created:April 14, 2003 Updated:June 16, 2003
Description: Karol Lewandowski discovered that psbanner, a printer filter that creates a PostScript format banner and is part of LPRng, insecurely creates a temporary file for debugging purposes when it is configured as a filter. The program does not check whether this file already exists or is linked to another location, and writes its current environment and invocation arguments to the file unconditionally with the user id daemon.
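Both the znew entry above and this psbanner entry describe the same defect class: a fixed, predictable temporary file name opened without checking whether something (for instance a symlink planted by a local user) already sits at that path. The following is an added example, not code from gzip, LPRng or LWN, that contrasts the flawed open pattern with two safe ones, using only the Python standard library. The file names, the "victim" file and the scratch directory are constructed for the demonstration; `demo()` exercises all three patterns on the example's own files and reports what happened.

```python
import os
import tempfile


def write_debug_insecure(path: str, data: str) -> None:
    """The flawed pattern: a fixed name opened with O_CREAT|O_TRUNC.

    If PATH already exists as a symlink, the kernel follows it and the
    write lands in whatever file the link points to, with the caller's
    privileges (the 'daemon' uid in the psbanner case).
    """
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(data)


def write_debug_fixed_name(path: str, data: str) -> None:
    """Safe variant when the name must stay fixed.

    O_EXCL makes the open fail if anything already exists at PATH, symlink
    included, so a pre-planted link is never followed. O_NOFOLLOW is added
    where the platform offers it as belt-and-braces.
    """
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL
    flags |= getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(data)


def write_debug_unique(directory: str, data: str, prefix: str = "psbanner-") -> str:
    """Preferred variant: let mkstemp pick an unpredictable name and create it
    atomically with O_EXCL and mode 0600. Returns the path actually written."""
    fd, path = tempfile.mkstemp(prefix=prefix, dir=directory)
    with os.fdopen(fd, "w") as f:
        f.write(data)
    return path


def demo() -> tuple:
    """Constructed scenario in a private scratch directory.

    Returns (insecure_clobbered_victim, fixed_name_refused, unique_name_is_fresh).
    """
    with tempfile.TemporaryDirectory() as d:
        victim = os.path.join(d, "victim.txt")          # constructed target file
        with open(victim, "w") as f:
            f.write("original\n")
        debug_path = os.path.join(d, "debug.tmp")       # the predictable name
        os.symlink(victim, debug_path)                  # pre-existing link at that name

        # 1. The flawed open follows the link and overwrites victim.txt.
        write_debug_insecure(debug_path, "env dump\n")
        with open(victim) as f:
            clobbered = f.read() == "env dump\n"

        # 2. O_EXCL refuses because something already exists at the name.
        try:
            write_debug_fixed_name(debug_path, "env dump\n")
            refused = False
        except OSError:
            refused = True

        # 3. mkstemp never touches the planted name at all.
        written = write_debug_unique(d, "env dump\n")
        fresh = os.path.realpath(written) != os.path.realpath(victim)

        return clobbered, refused, fresh


if __name__ == "__main__":
    print(demo())  # expected on Linux: (True, True, True)
```

The fixed-name variant is only a partial fix: a local user can still create the file or link before the daemon runs and cause a denial of service (the open fails), which is why `mkstemp` in a directory the program controls is the form a reviewer would ask for.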
Alerts:
Gentoo 200306-04 2003-06-14
Immunix IMNX-2003-7+-013-01 2003-06-04
Yellow Dog YDU-20030602-5 2003-06-02
Mandrake MDKSA-2003:060 2003-05-21
Red Hat RHSA-2003:142-01 2003-04-24
Debian DSA-285-1 2003-04-14

Comments (none posted)

lynx: CRLF injection vulnerability

Package(s):lynx CVE #(s):CAN-2002-1405
Created:November 19, 2002 Updated:October 1, 2003
Description: If lynx is given a url with some special characters on the command line, it will include faked headers in the HTTP query. This feature can be used to force scripts (that use Lynx for downloading files) to access the wrong site on a web server with multiple virtual hosts.

CAN-2002-1405

Alerts:
Conectiva CLA-2003:720 2003-08-11
Mandrake MDKSA-2003:023 2003-02-24
OpenPKG OpenPKG-SA-2003.011 2003-02-18
Red Hat RHSA-2003:029-06 2003-02-12
Trustix 2002-0085 2002-12-19
Debian DSA-210-1 2002-12-13
SCO Group CSSA-2002-049.0 2002-11-18

Comments (none posted)

perl-MailTools: remote command execution

Package(s):MailTools CVE #(s):CAN-2002-1271
Created:November 5, 2002 Updated:September 19, 2003
Description: The SuSE Security Team reviewed critical Perl modules, including the Mail::Mailer package. This package contains a security hole which allows remote attackers to execute arbitrary commands in certain circumstances. This is due to the usage of mailx as default mailer which allows commands to be embedded in the mail body.

Note that mail processing programs which use this package can be affected by this vulnerability; in particular, SpamAssassin is vulnerable if you use the -r or -w flags.

Alerts:
Debian DSA-386-1 2003-09-18
Gentoo 200302-01 2003-02-02
Mandrake MDKSA-2002:076 2002-11-07
Gentoo 200211-001 2002-11-06
SuSE SuSE-SA:2002:041 2002-11-05

Comments (none posted)

mod_php: integer overflow

Package(s):mod_php php CVE #(s):
Created:June 9, 2003 Updated:June 12, 2003
Description: The PHP emalloc() function implements the error safe wrapper around malloc(). Unfortunately this function suffers from an integer overflow and considering the fact that emalloc() is used in many places around PHP source code, it may lead to many serious security issues. Read the full advisory.

The function str_repeat(string input, int multiplier) returns input repeated multiplier times. The implementation of this function suffers from a simple integer overflow caused by a very long second argument and could allow a local/remote attacker in the worst case to gain control over the web server. Read the full advisory.

The function array_pad(array input, int pad_size, mixed pad_value) returns a copy of the input padded to size specified by pad_size with pad_value. Unfortunately the implementation of this function suffers from an integer overflow caused by a very long second argument and could allow a local/remote attacker in the worst case to gain control over the web server. Read the full advisory.

Alerts:
Gentoo 200306-02 2003-06-08

Comments (none posted)

Nessus NASL scripting engine security issues

Package(s):nessus CVE #(s):
Created:May 27, 2003 Updated:August 12, 2004
Description: Several vulnerabilities exist in the Nessus NASL scripting engine. To exploit these flaws, an attacker would need to have a valid Nessus account as well as the ability to upload arbitrary Nessus plugins to the Nessus server (this option is disabled by default), or would need to trick a user somehow into running a specially crafted NASL script. Read the full advisory for additional information.
Alerts:
Gentoo 200305-10 2003-05-27

Comments (none posted)

nethack: buffer overflow

Package(s):nethack, slashem, falconseye CVE #(s):CAN-2003-0358 CAN-2003-0359
Created:February 18, 2003 Updated:July 15, 2003
Description: Overflowing a buffer in nethack may lead to privilege escalation to the games uid.

Read the full advisory for the details.

Note that falconseye does not contain the file permission error CAN-2003-0359 which affected some other nethack packages.

Alerts:
Debian DSA-350-1 2003-07-15
Debian DSA-316-3 2003-06-17
Debian DSA-316-2 2003-06-11
Debian DSA-316-1 2003-06-11
Gentoo 200302-08 2003-02-18

Comments (none posted)

netscape-flash: buffer overflow

Package(s):netscape-flash CVE #(s):
Created:March 10, 2003 Updated:June 20, 2003
Description: Potentially exploitable buffer overflows exist in the Macromedia Flash Player. The full advisory is here. "The cumulative security patch is available today and addresses the potential for exploits surrounding buffer overflows (read/write) and sandbox integrity within the player, which might allow malicious users to gain access to a user's computer. The possibility of running native code on a user's machine is a theoretical exploit, and extremely difficult to execute in practice. There are no known examples of running such native code from Macromedia Flash movies; however, even though this issue is difficult and theoretical in nature only, we are encouraging users to upgrade."
Alerts:
Red Hat RHSA-2003:026-01 2003-06-20
Gentoo 200303-9 2003-03-09

Comments (none posted)

net-snmp: denial of service vulnerability

Package(s):net-snmp CVE #(s):CAN-2002-1170
Created:December 17, 2002 Updated:November 7, 2003
Description: The SNMP daemon included in the Net-SNMP package versions 5.0.1 through 5.0.4 can be caused to crash if it is sent a specially crafted packet.
Alerts:
Conectiva CLA-2003:778 2003-11-07
Red Hat RHSA-2002:228-11 2002-12-17

Comments (none posted)

openssh: timing attack leads to information disclosure

Package(s):openssh CVE #(s):CAN-2003-0190
Created:May 2, 2003 Updated:November 30, 2004
Description: From the advisory: "During a pen-test we stumbled across a nasty bug in OpenSSH-portable with PAM support enabled (via the --with-pam configure script switch). This bug allows a remote attacker to identify valid users on vulnerable systems, through a simple timing attack. The vulnerability is easy to exploit and may have high severity, if combined with poor password policies and other security problems that allow local privilege escalation."
Alerts:
Ubuntu USN-34-1 2004-11-30
OpenPKG OpenPKG-SA-2003.035 2003-08-06
Red Hat RHSA-2003:222-01 2003-07-29
Gentoo 200305-02 2003-05-13
Gentoo 200305-01 2002-03-05

Comments (1 posted)

pam_xauth: root exploit

Package(s):pam_xauth CVE #(s):CAN-2002-1160
Created:February 13, 2003 Updated:July 10, 2003
Description: The pam_xauth module is used to forward xauth information from user to user in applications such as 'su'.

Andreas Beck discovered that versions of pam_xauth supplied with Red Hat Linux since version 7.1 would forward authorization information from the root account to unprivileged users. This could be used by a local attacker to gain access to an administrator's X session. In order to exploit this vulnerability, the attacker would have to get the administrator, as root, to use su to the account belonging to the attacker.

Alerts:
Conectiva CLA-2003:693 2003-07-10
Mandrake MDKSA-2003:017-1 2003-04-28
Red Hat RHSA-2003:035-10 2003-02-12

Comments (none posted)

PHP: vulnerability in mail function

Package(s):php CVE #(s):CAN-2002-0985 CAN-2002-0986
Created:November 13, 2002 Updated:October 1, 2003
Description: Two vulnerabilities exist in the mail() PHP function. The first one allows the execution of any program/script, bypassing the safe_mode restriction; the second one may turn a script into an open relay if the mail() function is not used carefully in PHP scripts. See this Bugtraq report for more details. Note that this is a different vulnerability from the previous PHP mail() problem, which affected versions through 4.1.0.

CAN-2002-0985
CAN-2002-0986

Alerts:
SCO Group CSSA-2003-008.0 2003-03-04
Gentoo 200211-005 2002-11-20
EnGarde ESA-20021122-031 2002-11-22
Conectiva CLA-2002:545 2002-11-13
Red Hat RHSA-2002:213-06 2002-11-11

Comments (none posted)

PostgreSQL - more buffer overflows

Package(s):postgresql CVE #(s):
Created:February 12, 2003 Updated:November 7, 2003
Description: A new set of buffer overflows has been discovered in PostgreSQL 7.2.2; they affect the circle_poly(), path_encode(), and path_addr() functions. Exploiting these overflows requires that the attacker first obtain a connection to the PostgreSQL server.
Alerts:
Debian DSA-397-1 2003-11-07
Immunix IMNX-2003-7+-005-01 2003-04-08
Trustix 2003-0004 2003-02-20
Mandrake MDKSA-2002:062-1 2003-02-11

Comments (1 posted)

Local arbitrary code execution vulnerability in Python

Package(s):python CVE #(s):CAN-2002-1119
Created:August 28, 2002 Updated:October 1, 2003
Description: Zack Weinberg discovered that os._execvpe from os.py uses a predictable name which could lead to execution of arbitrary code. According to the Debian advisory, the problem was present in Python versions 1.5, 2.1 and 2.2.

CAN-2002-1119

Alerts:
Red Hat RHSA-2002:202-33 2003-02-12
OpenPKG OpenPKG-SA-2003.006 2003-01-23
Red Hat RHSA-2002:202-25 2003-01-21
Mandrake MDKSA-2002:082-1 2002-12-09
Mandrake MDKSA-2002:082 2002-11-25
SCO Group CSSA-2002-045.0 2002-11-14
Trustix 2002-0073 2002-10-17
Gentoo python-20021003 2002-10-03
Conectiva CLA-2002:527 2002-10-01
Debian DSA-159-2 2002-09-09
Debian DSA-159-1 2002-08-28

Comments (none posted)

Multiple-use vulnerability in Safe.pm

Package(s):Safe.pm CVE #(s):CAN-2002-1323
Created:October 9, 2002 Updated:February 20, 2004
Description: usePerl has a description of a vulnerability in the Safe.pm Perl module. It seems that if a Safe compartment is used more than once, it ceases to be safe. The problem is fixed in Safe 2.08.
Alerts:
SCO Group CSSA-2004-007.0 2004-02-20
Gentoo 200212-6 2002-12-20
Trustix 2002-0087 2002-12-19
OpenPKG OpenPKG-SA-2002.014 2002-12-16
Debian DSA-208-1 2002-12-12

Comments (none posted)

File overwrite vulnerability in tar and unzip

Package(s):tar unzip CVE #(s):CAN-2001-1267 CAN-2001-1268 CAN-2001-1269 CAN-2002-0399
Created:October 1, 2002 Updated:April 10, 2006
Description: The tar utility does not properly filter file names containing "../", meaning that a hostile archive can, if unpacked by an unsuspecting user, overwrite any file that is writable by that user. GNU tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42 has the same vulnerability.
Alerts:
Fedora-Legacy FLSA:183571-1 2006-04-04
Red Hat RHSA-2006:0195-01 2006-02-21
Conectiva CLA-2002:538 2002-10-29
Mandrake MDKSA-2002:066 2002-10-10
Mandrake MDKSA-2002:065 2002-10-10
EnGarde ESA-20021003-022 2002-10-03
Gentoo unzip-20021001 2002-10-01
Gentoo tar-20021001 2002-10-01
Red Hat RHSA-2002:096-24 2002-09-18

Comments (1 posted)

Multiple vendor telnetd vulnerability

Package(s):telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5 CVE #(s):
Created:May 21, 2002 Updated:October 5, 2004
Description: This vulnerability, originally thought to be confined to BSD-derived systems, was first covered in the July 26th Security Summary. It is now known that Linux telnet daemons are vulnerable as well.
Alerts:
Gentoo 200410-03 2004-10-05
Yellow Dog YDU-20010810-2 2001-08-10
Yellow Dog YDU-20010810-1 2001-08-10
SuSE SuSE-SA:2001:029 2001-09-03
Slackware sl-997726350 2001-08-09
Red Hat RHSA-2001:100-02 2001-08-09
Red Hat RHSA-2001:099-09 2002-02-07
Red Hat RHSA-2001:099-06 2001-08-09
Progeny PROGENY-SA-2001-27 2001-08-14
Mandrake MDKSA-2001:093 2001-12-17
Mandrake MDKSA-2001:068 2001-08-13
HP HPSBTL0202-023 2002-02-12
Debian DSA-075-2 2001-08-14
Debian DSA-075-1 2001-08-14
Conectiva CLA-2001:413 2001-08-24
SCO Group CSSA-2001-030.0 2001-08-10

Comments (none posted)

typespeed: buffer overflow

Package(s):typespeed CVE #(s):
Created:January 1, 2003 Updated:June 17, 2003
Description: A problem has been discovered in typespeed, a game that lets you measure your typing speed. By overflowing a buffer, a local attacker could execute arbitrary commands under the group id games.
Alerts:
Debian DSA-322-1 2003-06-16
Debian DSA-217-1 2002-12-27

Comments (none posted)

vim - modeline vulnerability

Package(s):vim CVE #(s):CAN-2002-1377
Created:January 16, 2003 Updated:February 10, 2004
Description: VIM allows a user to set the modeline differently for each edited text file by placing special comments in the files. Georgi Guninski found that these comments can be carefully crafted in order to call external programs. This could allow an attacker to create a text file such that when it is opened arbitrary commands are executed.
Alerts:
Conectiva CLA-2004:812 2004-02-10
Mandrake MDKSA-2003:012 2003-02-03
Yellow Dog YDU-20030127-3 2003-01-27
Gentoo 200301-13 2003-01-22
OpenPKG OpenPKG-SA-2003.003 2003-01-21
Red Hat RHSA-2002:297-17 2003-01-15

Comments (4 posted)

vixie-cron: Local vulnerability

Package(s):vixie-cron CVE #(s):CVE-2001-0559
Created:April 17, 2003 Updated:October 3, 2003
Description: From the ISS advisory: "Vixie Cron is a scheduling daemon that ships with several Linux distributions. Vixie Cron version 3.0pl1 could allow a local attacker to gain root privileges. Crontab fails to properly drop privileges in certain cases after a crontab modification operation. A local attacker could exploit this vulnerability to gain root privileges on the system since crontab is installed setuid root."

Note: this vulnerability is dated May 07 2001, and was first mentioned in LWN on the May 10, 2001 security page.

Alerts:
Conectiva CLA-2003:758 2003-10-03
Conectiva CLA-2003:757 2003-10-03
Conectiva CLA-2003:628 2003-04-17

Comments (none posted)

wget: directory traversal bug

Package(s):wget CVE #(s):CAN-2002-1344
Created:December 10, 2002 Updated:October 1, 2003
Description: Versions of wget prior to 1.8.2-4 contain a bug that permits a malicious FTP server to create or overwrite files anywhere on the local file system.

FTP clients must check to see if an FTP server's response to the NLST command includes any directory information along with the list of filenames required by the FTP protocol (RFC 959, section 4.1.3).

If the FTP client fails to do so, a malicious FTP server can send filenames beginning with '/' or containing '/../' which can be used to direct a vulnerable FTP client to write files (such as .forward, .rhosts, .shosts, etc.) that can then be used for later attacks against the client machine.

See also this Bugtraq article from 1997.

CAN-2002-1344
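The tar/unzip entry above and this wget entry describe the same defensive requirement: a name received from an untrusted source (an archive member, or an FTP NLST reply) must be checked before it is joined to the destination directory. The following is an added example, not code from tar, unzip, wget or LWN, that implements that check as a Python function and applies it to a constructed list of names; `plan_extraction` adds a second, realpath-based containment check so that a symlinked component under the destination cannot widen it either.

```python
import os
import tempfile
from typing import Iterable, List, Tuple


def is_safe_member_name(name: str) -> bool:
    """Return True only if NAME stays inside the destination once joined to it.

    Rejects empty names, embedded NULs, absolute paths (e.g. /etc/passwd) and
    any '..' component. Backslashes are treated as separators too, so an
    extractor running on Windows cannot be tricked with 'a\\..\\b'.
    """
    if not name or "\x00" in name:
        return False
    norm = name.replace("\\", "/")
    if norm.startswith("/"):
        return False
    parts = [p for p in norm.split("/") if p not in ("", ".")]
    if not parts or ".." in parts:
        return False
    return True


def plan_extraction(dest: str, names: Iterable[str]) -> Tuple[List[str], List[str]]:
    """Split untrusted NAMES into (accepted absolute targets, rejected names).

    Every accepted target is re-verified with realpath against the real
    destination so that a symlink already present under DEST cannot carry a
    write outside it.
    """
    dest_real = os.path.realpath(dest)
    accepted, rejected = [], []
    for n in names:
        if not is_safe_member_name(n):
            rejected.append(n)
            continue
        target = os.path.realpath(os.path.join(dest_real, n.replace("\\", "/")))
        if os.path.commonpath([dest_real, target]) != dest_real:
            rejected.append(n)
            continue
        accepted.append(target)
    return accepted, rejected


# Constructed sample: the kind of names a hostile archive or FTP server might send.
SAMPLE_NAMES = [
    "docs/readme.txt",        # fine
    "./bin/run.sh",           # fine after normalisation
    "../.rhosts",             # climbs out of dest
    "/etc/passwd",            # absolute
    "home/../../.forward",    # '..' hidden mid-path
    "",                       # empty
    "a/b/../c",               # would resolve inside dest, still rejected on principle
]


def demo() -> Tuple[List[str], List[str]]:
    """Run the check over SAMPLE_NAMES in a scratch directory; return
    (accepted names relative to dest, rejected names) for inspection."""
    with tempfile.TemporaryDirectory() as d:
        accepted, rejected = plan_extraction(d, SAMPLE_NAMES)
        rel = [os.path.relpath(t, os.path.realpath(d)) for t in accepted]
        return rel, rejected


if __name__ == "__main__":
    print(demo())
```

Name checking is necessary but not sufficient for an extractor: an archive can also carry symlink members, so a real implementation must additionally refuse to write through a link it created earlier in the same run.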

Alerts:
Immunix IMNX-2003-7+-011-01 2003-06-03
OpenPKG OpenPKG-SA-2003.007 2003-01-23
SCO Group CSSA-2003-003.0 2003-01-16
Gentoo 200212-7 2002-12-20
Trustix 2002-0089 2002-12-19
Conectiva CLA-2002:552 2002-12-13
Debian DSA-209-1 2002-12-12
Mandrake MDKSA-2002:086 2002-12-11
Red Hat RHSA-2002:229-10 2002-12-04

Comments (none posted)

Wwwoffle remote privilege escalation vulnerability

Package(s):wwwoffle CVE #(s):CAN-2002-0818
Created:August 14, 2002 Updated:October 1, 2003
Description: The wwwoffle web proxy incorrectly processes HTTP PUT and POST requests with negative Content Length values. "It is believed that an attacker could exploit this bug to gain remote wwwrun access to the system wwwoffled is running on."

CAN-2002-0818

Alerts:
SCO Group CSSA-2002-048.0 2002-11-18
Debian DSA-144-1 2002-08-06
SuSE SuSE-SA:2002:029 2002-08-01

Comments (none posted)

XaoS: improper setuid-root execution

Package(s):xaos CVE #(s):
Created:June 9, 2003 Updated:June 11, 2003
Description: XaoS, a program for displaying fractal images, is installed setuid root on certain architectures in order to use svgalib, which requires access to the video hardware. However, it is not designed for secure setuid execution, and can be exploited to gain root privileges.
Alerts:
Debian DSA-310-1 2003-06-08

Comments (none posted)

xinetd: Memory leak in xinetd 2.3.10

Package(s):xinetd CVE #(s):CAN-2003-0211
Created:May 13, 2003 Updated:November 13, 2003
Description: Xinetd is a 'master server' that is used to accept service connection requests and start the appropriate servers.

Because of a programming error, memory was allocated and never freed if a connection was refused for any reason. An attacker could exploit this flaw to crash the xinetd server, rendering all services it controls unavailable.

In addition, other flaws in xinetd could cause incorrect operation in certain unusual server configurations.

All users of xinetd are advised to update to xinetd-2.3.11 which is not vulnerable to these issues.

Alerts:
Conectiva CLA-2003:782 2003-11-12
Yellow Dog YDU-20030602-1 2003-06-02
Gentoo 200305-08 2003-05-19
Mandrake MDKSA-2003:056 2003-05-14
Red Hat RHSA-2003:160-01 2003-05-13

Comments (none posted)

Resources

Linux Advisory Watch

The June 13 Linux Advisory Watch newsletter from LinuxSecurity.com is available.

Full Story (comments: none)

Page editor: Jonathan Corbet

Kernel development

Brief items

Kernel release status

The current development kernel is 2.5.72, which was released by Linus on June 16. This relatively small patch contains an x86-64 merge, a partial reversion of the IDE taskfile switchover, a PA-RISC update, and various fixes and cleanups. The long-format changelog has the details.

Linus had released the 2.5.71 ("sticky turtle") kernel only two days before. This long-awaited patch included a fair amount of driver model work, some extensive PCI bus cleanups (dealing with potential race conditions there), the big IDE changeover to taskfile I/O, a new /proc/kallsyms file, support for per-CPU variables in modules, a change to the kmalloc_percpu() interface, an Atmel at76c50x wireless driver, a long-sought fix for hanging TCP sessions, an improved slab allocator which performs better in busy, multi-processor situations, some kbuild tweaks, an ALSA update, a set of hash function changes to deal with algorithmic complexity attacks, a FAT filesystem rework (if you have been waiting to be able to create FAT partitions greater than 128GB, this patch is for you), a v850 subarchitecture merge, a RAID update, the removal of the long-deprecated callout TTY device (/dev/cua) support, numerous architecture updates, and several other fixes and updates. As always, the long-format changelog has the gory details.

Linus's BitKeeper tree contains an extensive ext3 and JBD rework (see below), an OProfile update, some NFS server fixes, and a few other fixes and updates.

With the 2.5.72 announcement, Linus announced that he is taking a leave of absence from Transmeta to go work at the Open Source Development Lab. "Transmeta has always been very good at letting me spend even an inordinate amount of time on Linux, but as a result I've been feeling a little guilty at just how little 'real work' I got done lately. To fix that, I'll instead be working at OSDL, finally actually doing Linux as my main job."

The current stable kernel is 2.4.21, released, at last, on June 13. There were no changes since -rc8.

No 2.4.22 prepatches have come out yet. Marcelo's plan, at this point, is to have 2.4.22 contain an updated aic7xx driver and the current ACPI tree (both items that people had wanted in 2.4.21), along with some interactivity and memory management fixes.

Comments (none posted)

Kernel development news

What's needed to fix user-space device enumeration?

Back in April, LWN looked at udev, a simple user-space daemon which handles the dynamic creation and removal of device nodes. Udev is an answer to devfs which uses hotplug events and sysfs to manage the device tree in user space. Things have been fairly quiet on the udev front - at least, on the public lists. That changed, however, when Steven Dake posted a patch aimed at fixing some problems he sees with how udev works. At that point, it became clear that an off-list discussion had been going on for some time.

Mr. Dake has a list of four problems that he is trying to fix with his patch, which creates an event queue within the kernel and a virtual device for retrieving events from that queue. These problems are:

  • The current implementation (which invokes /sbin/hotplug for each device event) has performance problems when the number of devices is large.

  • There is no policy controlling how many /sbin/hotplug processes can be created simultaneously, a shortcoming which can lead to out-of-memory situations.

  • /sbin/hotplug is not available during the early part of the system initialization process, so early device enumeration is not possible.

  • Hotplug events can be processed out of order, leading to device directory corruption.

The posting elicited some strongly-worded responses. The general view is that the first three of the problems listed above do not actually exist. The cost of /sbin/hotplug is small relative to the cost of device probing and initialization, so, in the real world, system load and performance are not problems. Early initialization can be handled with initramfs or by reconstructing things in user space from the sysfs tree. The hotplug developers thus feel no pressure to "fix" any of those problems. Linus also chimed in with a condemnation of event daemon schemes.

When the dust settled, however, the problem of event reordering remained. Device events can come quickly, and the vagaries of scheduling, page faults, etc. can cause them to be processed in an order different from that in which they were generated. Some fairly complicated schemes were presented for dealing with this problem, but they were set aside when Andrew Morton suggested the (in retrospect) obvious: add a sequence number to hotplug events. With a unique, increasing sequence number, it is simple for a user-space process to detect (and fix) misordered events. Problem solved.
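As an added example (not code from the article, from udev or from the hotplug scripts), here is how a user-space daemon could use such a sequence number to detect and repair misordered events; the event structure, the function names and the sample events are assumptions made for the demonstration.

```c
/*
 * Added example; not code from the article or from udev/hotplug. A user-space
 * reorder buffer for hotplug events carrying the kernel-assigned sequence
 * number discussed above: events are handled strictly in sequence order, so an
 * "add" can never be processed after the "remove" that followed it.
 * The struct layout and function names are assumptions for the demonstration.
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_PENDING 16
#define MAX_LOG     64

struct hotplug_event {
    unsigned long seqnum;   /* increasing, assigned by the kernel */
    char action[8];         /* "add" or "remove" */
    char devpath[64];       /* sysfs path of the device */
};

struct reorder_buf {
    unsigned long next_seq;                     /* sequence number due next */
    struct hotplug_event pending[MAX_PENDING];  /* events that arrived early */
    int npending;
    unsigned long handled[MAX_LOG];             /* order actually handled */
    int nhandled;
};

static void handle_event(struct reorder_buf *rb, const struct hotplug_event *ev)
{
    /* A real daemon would create or remove the device node here. */
    printf("seq %lu: %s %s\n", ev->seqnum, ev->action, ev->devpath);
    if (rb->nhandled < MAX_LOG)
        rb->handled[rb->nhandled++] = ev->seqnum;
}

/* Release every queued event whose turn has come, in order. */
static void drain(struct reorder_buf *rb)
{
    for (int i = 0; i < rb->npending; i++) {
        if (rb->pending[i].seqnum != rb->next_seq)
            continue;
        handle_event(rb, &rb->pending[i]);
        rb->next_seq++;
        rb->pending[i] = rb->pending[--rb->npending]; /* swap-remove */
        i = -1;  /* restart the scan: the next one may be queued too */
    }
}

void reorder_init(struct reorder_buf *rb, unsigned long first_seq)
{
    memset(rb, 0, sizeof(*rb));
    rb->next_seq = first_seq;
}

/*
 * Accept an event in arrival order. Returns 0 if it was handled or queued,
 * -1 for a stale or duplicate delivery, -2 if the queue is full (a lost
 * event would otherwise stall everything behind it forever).
 */
int reorder_submit(struct reorder_buf *rb, const struct hotplug_event *ev)
{
    if (ev->seqnum < rb->next_seq)
        return -1;
    if (ev->seqnum == rb->next_seq) {
        handle_event(rb, ev);
        rb->next_seq++;
        drain(rb);
        return 0;
    }
    if (rb->npending == MAX_PENDING)
        return -2;
    rb->pending[rb->npending++] = *ev;
    return 0;
}

/*
 * Constructed scenario: the kernel emitted 1 (add), 2 (remove), 3 (add) for
 * one device, but scheduling delivered them as 2, 3, 1. Returns 1 if they
 * were handled as 1, 2, 3 and a redelivered 1 is then rejected as stale.
 */
int demo_out_of_order(void)
{
    static const struct hotplug_event arrived[] = {
        { 2, "remove", "/devices/pci0/00:11.0" },
        { 3, "add",    "/devices/pci0/00:11.0" },
        { 1, "add",    "/devices/pci0/00:11.0" },
    };
    struct reorder_buf rb;
    reorder_init(&rb, 1);
    for (size_t i = 0; i < 3; i++)
        if (reorder_submit(&rb, &arrived[i]) != 0)
            return 0;
    if (reorder_submit(&rb, &arrived[2]) != -1)   /* stale: already handled */
        return 0;
    return rb.nhandled == 3 && rb.handled[0] == 1 &&
           rb.handled[1] == 2 && rb.handled[2] == 3;
}

int main(void)
{
    return demo_out_of_order() ? 0 : 1;
}
```

The bounded pending queue matters in practice: if an event is lost rather than delayed, the daemon needs a way (a timeout or a resync from sysfs) to move past the gap instead of waiting forever.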

Comments (1 posted)

Avoiding sysfs surprises

One of the nice (and increasingly important) features of the 2.5 device model is sysfs. This virtual filesystem exports a view of the system's structure to user space; it also provides a nice control interface - and /proc replacement - by allowing attributes to be attached to sysfs entries. Sysfs is not without its traps, however, and many kernel developers are just now beginning to realize the sort of care that is necessary to avoid making mistakes.

The hardware supported by Linux is increasingly dynamic; devices can appear and disappear at any time. The sysfs filesystem adjusts itself in response to hardware events by creating and removing directories associated with devices, classes, and other objects. Kernel code typically implements this functionality by allocating (and registering) device structures and other objects when a device is plugged in, and deleting those structures when the device is removed. It tends to work quite well.

But consider the following possible sequence of events:

  1. A user plugs in a shiny new hotplug PCI frobnicator.

  2. The driver creates a device structure and registers it; as a result, the directory /sys/devices/pci0/00:11.0/ (or some such) gets created and filled with attributes.

  3. A user process moves into that directory, opens one of the attribute files, but doesn't get around to reading it yet.

  4. The user, having done enough frobnication for one day, unplugs the device.

  5. The driver unregisters and frees the device structures.

All seems well, except for the small problem of that user process. By sitting in the directory, it maintains a reference there. The open attribute file is yet another reference. If the driver has truly cleaned up and freed the devices, the user process will be holding structures with pointers into freed memory. An attempt to read the (already open) attribute file at this point is almost certain to crash the system.

The above scenario is not hypothetical; a fair number of such conditions exist in the 2.5 kernel now. That is why this issue (titled "kobject refcounting") appears in the 2.6 must-fix list. It truly must be fixed.

The infrastructure exists to handle these problems, but it must be used properly to be effective. The solution lies in the same place as the problem - the kobject structure. The 2.5.72 version of this structure looks like:

struct kobject {
	char			name[KOBJ_NAME_LEN];
	atomic_t		refcount;
	struct list_head	entry;
	struct kobject		*parent;
	struct kset		*kset;
	struct kobj_type	*ktype;
	struct dentry		*dentry;
};

Entries in sysfs are closely tied to kobjects; there is a kobject associated with each directory in the filesystem. When a process moves into a sysfs directory or opens a sysfs file, the associated kobject has its refcount field incremented. As long as the reference count is above zero, the kobject cannot be deleted.

The same kobjects, of course, are embedded deeply within the structures used to represent devices and other system objects. So a nonzero reference count in a kobject means that the entire device structure (and, perhaps, the module infrastructure supporting it) is still in use. Safely putting things into sysfs is really just a matter of not deleting objects until their reference counts hit zero.

Of course, that is easily said, but the current mechanism for implementing such a policy is not entirely obvious. An example might help, so we'll look at the block subsystem, which does things right. Disks, within the kernel, are represented by the gendisk structure. The function used to create a gendisk is alloc_disk(), which, after allocating and initializing a gendisk structure (which contains a kobject), executes this mysterious line of code:

    kobj_set_kset_s(disk,block_subsys);

This line tweaks the kobject within disk (the gendisk structure) to make it a part of block_subsys. The block subsystem structure, in turn, contains a pointer to a kobj_type structure, which, in this case, looks like:

static struct kobj_type ktype_block = {
	.release	= disk_release,
	.sysfs_ops	= &disk_sysfs_ops,
	.default_attrs	= default_attrs,
};

We'll come back to this structure in a moment. For now, suffice to say that it identifies the kobject (and the gendisk structure that contains it) as something belonging to the block code, and provides some methods implementing the object's operations.

The function which puts a new disk into the system is add_disk(); it creates the associated sysfs structure, and increments the disk's reference count. The disk then goes through its lifecycle, with the reference count going up and down as it is mounted and unmounted, and as its sysfs files are accessed. Should the disk disappear, the driver will do some cleanup and call del_gendisk() to return the gendisk structure to the system.

del_gendisk() does not actually free the structures, however. It removes the sysfs entries and generally shuts things down; it then finishes by decrementing the reference count. That operation releases the reference which was first obtained in add_disk(). The driver also must release its own reference with put_disk(). These operations may drop the reference count to zero - if nobody else is holding a reference to the disk. But there is no way to know ahead of time.

Sooner or later, however, the last reference will go away. The function which actually decrements the count (kobject_put()) tests that count for zero. If no references remain, kobject_put() will go back to the kobj_type structure associated with the kobject (the ktype_block we saw above, in the case of a gendisk) and call the release() method found there. That method, knowing that nobody is referring to the object, can actually remove it from the system.

That is how sysfs objects must be managed. They must have a destructor associated with them, by way of the kobj_type structure, and that destructor must understand the higher-level objects that it is dealing with. With this mechanism in place, objects will continue to exist as long as references to them are held.
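As an added illustration (not code from the article or from the kernel), the following user-space model replays the five-step scenario above with the reference-counting discipline the block code follows; the names mirror the kernel's, but the structures, the counters and the scenario are simplifications made for the demonstration.

```c
/*
 * Added example, not code from the article or the kernel: a user-space model
 * of the kobject lifecycle described above. A "gendisk" embeds a kobject whose
 * kobj_type supplies a release() destructor, and the gendisk is freed only
 * when the last reference is dropped, whoever drops it. Names mirror the
 * kernel's, but this is a simplification (no atomics, no sysfs).
 */
#include <stdio.h>
#include <stdlib.h>
#include <stddef.h>

/* Recover the enclosing structure from a pointer to its embedded kobject. */
#define container_of(ptr, type, member) \
    ((type *)((char *)(ptr) - offsetof(type, member)))

struct kobject;
struct kobj_type {
    void (*release)(struct kobject *kobj);  /* destructor, run at refcount 0 */
};
struct kobject {
    int refcount;
    struct kobj_type *ktype;
};
struct gendisk {
    char name[16];
    struct kobject kobj;
};

static int disks_released;   /* instrumentation: how often release() ran */

static void disk_release(struct kobject *kobj)
{
    struct gendisk *disk = container_of(kobj, struct gendisk, kobj);
    printf("release: freeing %s\n", disk->name);
    disks_released++;
    free(disk);
}

static struct kobj_type ktype_block = { .release = disk_release };

struct kobject *kobject_get(struct kobject *kobj)
{
    kobj->refcount++;
    return kobj;
}

/* Drop one reference; only the last one triggers the ktype's release(). */
void kobject_put(struct kobject *kobj)
{
    if (--kobj->refcount == 0)
        kobj->ktype->release(kobj);
}

struct gendisk *alloc_disk(const char *name)
{
    struct gendisk *disk = calloc(1, sizeof(*disk));
    snprintf(disk->name, sizeof disk->name, "%s", name);
    disk->kobj.ktype = &ktype_block;   /* stands in for kobj_set_kset_s() */
    disk->kobj.refcount = 1;           /* the driver's own reference */
    return disk;
}

/* add_disk() registers in sysfs and takes the registration's reference. */
void add_disk(struct gendisk *disk)    { kobject_get(&disk->kobj); }
/* del_gendisk() removes the sysfs entries and drops that reference. */
void del_gendisk(struct gendisk *disk) { kobject_put(&disk->kobj); }
/* put_disk() gives up the driver's own reference. */
void put_disk(struct gendisk *disk)    { kobject_put(&disk->kobj); }

struct scenario_result {
    int released_after_driver_cleanup;  /* expected 0: user still holds a ref */
    int released_after_user_close;      /* expected 1: last put frees it */
};

/* Replay the five-step sequence from the article with a lingering user. */
struct scenario_result replay_unplug_scenario(void)
{
    struct scenario_result r;
    disks_released = 0;

    struct gendisk *disk = alloc_disk("sda");
    add_disk(disk);                                       /* refcount 2 */
    struct kobject *open_attr = kobject_get(&disk->kobj); /* user opens file: 3 */

    del_gendisk(disk);                                    /* unplug: 2 */
    put_disk(disk);                                       /* driver done: 1 */
    r.released_after_driver_cleanup = disks_released;     /* still alive */

    kobject_put(open_attr);                               /* user closes: 0 */
    r.released_after_user_close = disks_released;         /* freed now */
    return r;
}

int main(void)
{
    struct scenario_result r = replay_unplug_scenario();
    return (r.released_after_driver_cleanup == 0 && r.released_after_user_close == 1) ? 0 : 1;
}
```

The point of the model is the last two lines of the scenario: the driver's cleanup leaves the gendisk intact, and it is the user's final close, not the driver, that ends up running disk_release().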

Of course, things can get more complicated than that. If, for example, a module adds attributes to sysfs entries, that module cannot be removed until it is certain that all of the relevant references have gone away. It gets even worse if kernel code tries to attach attributes to objects which it does not own; in that case it can be very hard to get everything right. It may eventually prove necessary to rework some of the sysfs interfaces to make it easier to avoid mistakes, but that seems unlikely for 2.5 at this point. In the meantime, connecting the pieces together correctly can be an intimidating task the first time around, but the alternative is to put denial of service vulnerabilities into the kernel.

Comments (1 posted)

Big changes to ext3 and journaling

The ext3 filesystem is, for many, the standard journaling filesystem for the Linux kernel. So it has been somewhat embarrassing that ext3 still uses a number of deprecated interfaces, including the big kernel lock and sleep_on(). The big kernel lock (BKL) is a holdover from the initial Linux symmetric multiprocessing implementation, when it was not safe for more than one processor to run in the kernel at the same time. Its presence in ext3 is not just considered archaic and inelegant; it is also a serious performance constraint on larger SMP systems.

As of 2.5.73, the BKL has been abolished from ext3, thanks to a lengthy series of patches by Andrew Morton and Alex Tomas. These patches never did show up on linux-kernel, but they have been part of the -mm kernel tree for some time. Says Andrew:

My gut feeling is that there should be one, maybe two bugs left in it, but no problems have been discovered...

So, as with all development kernels, a bit of caution is called for.

Removing the BKL from ext3 was actually a simple thing to do. That filesystem, itself, had no need for the BKL - it is the generic journaled block device (JBD) layer that required that protection. So the first step was to push the BKL down a layer, and ext3 was BKL-free. Of course, that didn't solve the real problem, but it was a start. While ext3 was being worked on, a few other patches went in:

  • Concurrent block and inode allocation, much like ext2 has had for some time. This patch puts a separate spinlock on each cylinder group in a filesystem, allowing allocation to happen in multiple groups simultaneously.

  • "Fuzzy counters," which implement approximate counters for free blocks and inodes using per-CPU variables.

  • The ext3 "data=journal" mode has been fixed. This mode, which journals all data written to the disk (rather than just the metadata) has been broken for a long time.

With ext3 done, it was time to fix up the JBD layer. This job was not done halfway - a lengthy series of patches adds several locks and a whole, complicated, fine-grained scheme. Each transaction gets two separate locks (t_handle_lock and t_jcb_lock) controlling access to various data structures. There is another set for the journal: j_state_lock for scalar state information, j_list_lock for lists and buffers, and j_revoke_lock for the list of revoked blocks. Two more locks protect aspects of the buffer head/journal head combination. And, of course, there is a whole set of ordering rules to control which locks must be taken before which others. Believe it or not, there is even a certain amount of documentation in the code comments describing which locks protect which data structures.

The whole body of work clearly needs wider testing (and benchmarking), so it's probably a good time for it to go into the mainline kernel. Hopefully there won't be too many surprises lurking for the unwary (or unbacked-up). As this work stabilizes, however, another big item can be scratched off the "must-fix" list.

Comments (6 posted)

Patches and updates


Page editor: Jonathan Corbet

Distributions

News and Editorials

Midori Linux Expands into Asia

[This article was contributed by Ladislav Bodnar]

An unfortunate side effect of the current media frenzy over a certain legal battle is that many interesting development projects get less exposure in the media or get buried in between more "exciting" headlines. Fortunately, there is little doubt that Linux software development continues unabated, despite all the ill-founded attempts to discredit it. Last week's announcement by Transmeta Corporation about an agreement to allow Chinese 2000 Holdings Ltd. to develop and market Midori Linux in Asia might have been one such missed press release. But what exactly is Midori Linux and how significant is this announcement?

Midori Linux is a Linux-based distribution for small and embedded devices. The name stands for "green" in Japanese, which becomes rather apparent if you visit the project's home page. Little was known about the beginnings of the Midori project before it was open sourced and released under the GPL in March 2001. However, interest by the open source community in further developing the distribution has been limited and the project appeared to be on its way to extinction after the last release of Midori Linux, version 1.0.0-beta3, nearly 2 years ago. The announcement about the Asian involvement in the project is Transmeta's latest attempt at reviving Midori Linux.

Who is Chinese 2000 Holdings? An investigation on the Hong Kong-based company's background reveals some interesting facts. The company was initiated by one Henry Chu (Chu Bang-fu), a name that is unlikely to ring any bells in the minds of most Western readers, but Mr. Chu is a household name in Taiwan and other parts of the Chinese-speaking world. In fact, he is often credited with initiating the Chinese computer revolution by inventing in 1980 a Chinese input method for computers called "Cang Jie". The Cang Jie input enables users to enter Chinese characters based on the character's shape and structural appearance, rather than its pronunciation. This method greatly reduces the number of key strokes required for inputting Chinese and eliminates common typing errors. While many newer input methods, many of them commercial, were invented in later years, Cang Jie still remains a popular input method of professional typists in Taiwan and Hong Kong.

Instead of demanding royalties and enforcing rights, Mr. Chu released his invention into the public domain to be shared without any strings attached. It therefore comes as no surprise that the company Mr. Chu later founded embraced Linux wholeheartedly as a platform for further development. The current range of products developed by Chinese 2000 Holdings include a desktop Linux distribution called Chinese 2000 and various Linux-based electronic devices such as their e-book reader.

This brings us back to Midori Linux and Transmeta's interest in getting a foothold in the Asian market for embedded devices. While the adoption of embedded devices has been slow in North America and Europe (even the sales of PDAs have reportedly been dropping), Asian consumers appear to be more receptive to these new technologies. More importantly, development of embedded Linux is well advanced in Asia and there are companies in Korea, Taiwan and Japan with many years of experience modifying the Linux kernel for specialist needs. Korea's Hancom Linux is a prime example; all the latest Linux-based Sharp Zaurus PDAs ship with a modified version of Hancom Office for Zaurus. Many US-based corporations specializing in embedded devices have also been keen on establishing an active presence in Asia. MontaVista opened an office in Taiwan in October last year, while RedSonic has set up a substantial network of development offices and distribution partners throughout Taiwan, China, Korea and Japan. If anything, Transmeta's Midori is rather late for the embedded Linux party.

But has the party really started? If it has, it is confined to less visible and specialist applications, perhaps in car manufacturing or medicine, but embedded Linux certainly hasn't had much of an impact on the consumer market. Taiwan's Computex is a good indication of what the Asian hardware manufacturers are up to, and the increasing number of e-books, tablet PCs and Internet-enabled mobile telephones over the last two years seems to indicate that these devices are here to stay. Yet seeing a morning commuter take out an electronic reading device instead of a newspaper remains an elusive dream. Take into account that these types of devices are often expensive, prone to damage, lack common standards and provide limited availability of reading material, and it is easy to see why consumers have yet to find compelling reasons to embrace them.

Few will doubt that Linux is an excellent choice for small and embedded electronic devices, capable of providing solutions for specialist needs. But the large-scale consumer adoption of electronic devices that many have predicted has yet to happen. Nevertheless, work continues, and Midori's latest expansion into Asia is proof that this field is far from dead.

Comments (none posted)

Distribution News

New mailing list for maintainers of university Linux

Below is a letter from Seth Vidal, at Duke University, who points out that many universities have customized distributions based on Red Hat Linux, Duke included. This mailing list has been set up to facilitate discussion on supporting these systems past Red Hat's end-of-life dates.

Full Story (comments: 1)

Debian GNU/Linux

This week's edition of the Debian Weekly News is out, with a look at a survey which demonstrates a high level of interest in PCs preloaded with GNU/Linux across the world; the story of Tux; and much more.

Debian Planet has announced the creation of a Debian 10th birthday party coordination page. Debian turns ten on August 16, 2003.

Comments (none posted)

Gentoo Weekly Newsletter -- Volume 2, Issue 24

The Gentoo Weekly Newsletter for June 16, 2003 is out. This week's edition looks at Gentoo Linux Enhancement Proposals and a new home for bugs.gentoo.org, plus user stories, Gentoo Linux in production environments, and more.

Full Story (comments: 2)

Mandrake Linux

The Mandrake Linux Community Newsletter for June 5, 2003 is out. In this issue: Mandrake in the News -- TweakHound.com, LinuxWorld.com; BizCase of the Week -- Multimedia: Ambitone Oy; Quick Tips -- Mandrake Community TWiki, Easy URPMI Setup; Software Updates -- sb, mozilla, gnupg, more; Headlines from MandrakeClub.com -- Write better PHP code, 101 modules for Advanced Extranet server.

MandrakeSoft has announced the immediate availability of The Definitive Guide to Using Mandrake Linux, 2nd Edition which has been thoroughly updated and expanded to cover the recently released Mandrake Linux 9.1.

Here's a bug advisory for qt3, which would cause a crash when XFree86 did not support render.

Comments (none posted)

Slackware Linux

Slackware Linux has some new changes in the slackware-current changelog, including upgrades to Linux kernel 2.4.21.

Comments (none posted)

Integrate Lindows into your Windows network

ZDNet picks up an article on easing Lindows OS into an existing network. "When the Lindows OS developers were working with version 1.0 and readying version 2.0, I was extremely skeptical as to whether or not this operating system would find its way into the enterprise. With the release of Lindows OS 3.0, I think they've got a potential winner on their hands as long as it is approached with an open mind. Let's take a look at how you can slowly introduce this Linux-based operating system into your Windows environment without having a major upheaval of your existing infrastructure." (Thanks to Con Zymaris)

Comments (none posted)

New Distributions

Alcolix

Alcolix is a minimal Linux rescue distribution with the goals of being small, compatible, and very usable. It has a cozy shell and a multitude of partition rescue/editing tools, all based on up-to-date releases (e.g., 2.4.x kernel with USB support). It uses cpio.bz2 data disks and has a full GRUB bootloader, memtest86, and more. Version 2.4.20 BETA3 was released June 16, 2003.

Comments (1 posted)

CERN Linux

CERN Linux is based on Red Hat Linux, with modifications to the kernel (to better support their hardware) and with additional software for High Energy Physics (HEP). It is used mostly at CERN and a few of the smaller HEP institutes worldwide, running on farm machines, servers, desktops and embedded PCs.

Comments (none posted)

free-EOS

free-EOS is a French distribution with the aim of being incredibly easy to set up and get a set of services running. Version 1.1 was released June 14, 2003.

Comments (none posted)

Linux4Geeks

Linux4Geeks is a collection of GNU software, several programs and the Linux kernel. If you want a fast and stable system - this distribution is the right one for you! But if you are looking for an easy-to-use operating system - go and get another distribution! Linux4Geeks is based on Linux from Scratch. So if you don't want to compile all needed packages by yourself you can easily take this distribution and start to integrate your needed programs. By the way: To install Linux4Geeks you need a working installation of Linux to make your Linux4Geeks bootable. Version 0.01 was released June 11, 2003.

Comments (none posted)

Minor distribution updates

Adamantix

Adamantix (formerly known as TrustedDebian) has released v1.0.1 with minor feature enhancements. "Changes: In this version all packages are GPG signed, there are random PIDs, the kernel is compiled with SSP, several packages have been fixed, there are several security updates, the PaX functionality test suite was added, PaX, RSBAC, and SSP were updated, and several kernel fixes (mostly security related) were added."

Comments (none posted)

Astaro Security Linux

Astaro Security Linux has released v4.008 with major feature enhancements. "Changes: This ISO adds support for AMD K6, Intel P1, and VIA C3 CPUs, as well as modern boards with dual CPU support and interrupt controller programming (APIC). It also updates all occurrences of glibc (security fix). The new Linux kernel includes the security routing-cache-hash and TCP/IP fragment reassembly handling patch, the TTY exploit patch, an ext3 bugfix, new modules for PPTP, drivers for NICs, support for the Toshiba LCD, and support for Compaq SmartArray 5 and Adaptec I2O RAID. A new exim (SMTP-Proxy) is included for a small AV interaction bugfix."

Comments (none posted)

Freepia

Freepia has released v0.3.6 with major feature enhancements. "Changes: This release supports 5.1 surround sound over S/PDIF (coax). A new graphics driver brings better performance. There is dhcpclient support and smbclient support. Partitions are now autodetected. USB storage support has been added to store configuration on USB devices. Kernel 2.4.21-rc2 is now used. rootfs has been shrunk. There is cramfs support for packages, a US keyboard layout, and many bugfixes."

Comments (none posted)

MoviX

MoviX has released v0.8.0rc1 with major feature enhancements. "Changes: The DVD interface has been completed. The VCD, XCD, and AudioCD interfaces were implemented. APIC kernel support was added. A menu entry for filing bug reports was added. A Spanish translation was added. Linux swap partitions are now automatically activated. The DXR3 modules call was fixed, and new DXR3 menu and partitions/net volumes menus were implemented. Support for TrueType fonts and Chinese fonts was added."

MoviX2 has released v0.3.0rc1 with minor bugfixes. "Changes: Bug fixes were made for the "Error while reading cmd fd 7 : Success" message, for eject, and for ISA audio cards bugs. Subtitles with True Type fonts were added. Simplified Chinese subtitle fonts were added. NVidiaTV label was added. setHardware.pl from MoviX was synchronized. The default color depth was set to 16bpp for all cards. Support for Intel video cards was fixed. Minor changes were made to input.conf and gui.conf. bugReport was improved. Support for Sony remotes was added. ACPI support was added to the kernel."

Comments (none posted)

PLD RescueCD

PLD RescueCD has released v1.01 with minor feature enhancements. "Changes: The kernel was updated to PLD 2.4.20-8. 235 new modules were built (USB serial, irda, mtd, ieee1394, bluetooth, pcmcia, gigabit ethernet). Framebuffer support was added. 115 packages were updated. The following programs were added: diag-ether, fbset, iptstate, mathopd, pound, progsreiserfs, trafshow, and wireless-tools."

Comments (none posted)

Recovery Is Possible!

Recovery Is Possible! (RIP) has released v53 with major feature enhancements. "Changes: All the software and the kernel have been updated."

Comments (none posted)

Rock Linux

Rock Linux has announced v2.0.0.0-beta5 with minor feature enhancements. The Desktop Rock distribution (dRock) has also released v2.0.0-beta5.

Comments (none posted)

ThinStation

ThinStation has released v0.92 with major bugfixes. "Changes: The order of downloading thinstation-group-XXX.conf with TFTP was fixed. The XFree 4.2 cursors were tweaked. The thinstation.conf file was cleaned-up."

Comments (none posted)

Distribution reviews

LinuxQuestions.org Distribution review site

LinuxQuestions.org adds a Distribution Review Section to its website. Compare different distributions, read what others like (or don't like), and add comments of your own.

Comments (none posted)

Page editor: Rebecca Sobol

Development

The Q Equational Programming Language

The Q Equational Programming Language is a project that is being worked on by Albert Gräf at the University of Mainz in Germany. The Q language has the following properties:
  • It is an interpreted language.
  • The programs consist of collections of equations.
  • It has dynamic object-oriented typing.
  • It features exception handling and posix multi-threading.
  • It comes with its own standard library.
  • It can be extended with C language primitives.
  • It runs on a wide variety of operating system platforms.
  • An EMACS editor interface is included.
  • Performance is similar to that of other interpreted languages.
  • It has been released under the GNU General Public License (GPL).

The Q language Documentation explains the language in more detail. An example Huffman encoding program shows the language in use.

Version 4.3 of the Q interpreter has been released; see the NEWS document for the language change history.

Recent additions to the language include new versions of Q-Audio 1.0 and Q-Midi 1.10. Q-Audio adds a language interface to the libsndfile audio libraries, and Q-Midi adds a MIDI interface to the language.

Comments (1 posted)

System Applications

Audio Projects

Planet CCRMA additions

The latest additions to the Planet CCRMA audio utility packaging project include new versions of Jack, Rosegarden, Noteedit, MCP LADSPA Plugins, Mammut and Ceres for RedHat 8.0 and 9, Cinelerra, Meterbridge, and more.

Comments (none posted)

JACK 0.72.4 released

Version 0.72.4 of JACK, the Jack Audio Connection Kit, has been released. This version includes updated documentation, bug fixes, MacOSX support, and more.

Full Story (comments: none)

Database Software

Common Lisp Prevalence

A new project called Common Lisp Prevalence has been started. It is a Lisp implementation of Object Prevalence, a scheme for performing database-like operations in system RAM. "The first public version of Common Lisp Prevalence has been released. The system is a proof of concept implementation of Object Prevalence in Common Lisp. It has been developed with OpenMCL and it is known to run also under CMUCL."

Full Story (comments: none)

PostgreSQL Weekly News

The June 11, 2003 edition of the PostgreSQL Weekly News is out with the latest PostgreSQL database news. "The biggest change is that 7.4 code freeze and beta testing is being pushed back 2 weeks to account for the cvs downtime. Code freeze will now be July 1st, with beta testing starting July 15th. This should allow everyone enough time to get their patches in and get the currently submitted patches all caught up."

Full Story (comments: none)

Education

Fle3 version 1.4.3 released (ZopeMembers)

Version 1.4.3 of Fle3 is available. "Version 1.4.3 of Fle3, a server software for computer supported collaborative learning (CSCL), is released. This is a bug fix release that also contains some new features (information graphs in a knowledge building, course resources) and improvements in the user interface."

Comments (none posted)

Electronics

gEDA changes

The latest developments from the gEDA project (GPL'd suite of Electronic Design Automation) include new versions of Icarus Verilog, gnucap, and VBS.

Comments (none posted)

Printing

PyKota 1.08 available

Version 1.08 of PyKota, a print quota system, is available. "Two major bugs were fixed, first one wrt LPRng support and second one wrt increasing or decreasing a user's account balance. Some minor bugs were also fixed. Finally an LDAP schema and sample LDIF file are included, which will serve as the basis for the future LDAP storage support."

Comments (none posted)

Web Site Development

Preview release of JOTWeb 1.11

Sean Reifschneider has released the first public version of JOTWeb. "JOTWeb is a system for developing dynamic web sites using a combination of HTML+TAL/TALES/METAL and Python, with mod_python for integrating with Apache. Benefits include good documentation, a fairly simple and intuitive design, and powerful yet easy to use session and form processing."

Full Story (comments: none)

mnoGoSearch 3.1.21 released

Version 3.1.21 of the mnoGoSearch web site search engine is available. The changes are mostly related to bug-fixes.

Comments (none posted)

Silva 0.9.2 beta released! (ZopeMembers)

A beta release of version 0.9.2 of Silva has been announced. "Silva is a web application (Zope based) for authoring and serving publications for the web, paper, and other media. Content is stored in clean and future-proof formats, independent of layout and presentation, suitable for use in multiple contexts." The release adds a revised user interface, a new metadata architecture, indexing via the Zope catalog, better performance, and more.

Comments (none posted)

Epoz 0.3.0 released (ZopeMembers)

Version 0.3 of Epoz, a wysiwyg editor for Zope and Plone that works with Mozilla, is available. "Epoz is now shipped with a default toolbox for Plone. So you can insert Links and Images simply by navigating your site. With Epoz Plone becomes usable even for inexperienced users...:)"

Comments (none posted)

ZODB 3.2b2 released

Version 3.2b2 of ZODB, the Zope Object Database, has been released. It includes performance improvements, bug fixes, a new ZEO authentication protocol, and the new ZConfig configuration language.

Full Story (comments: none)

Zope Group Calendar 0.3 released (ZopeMembers)

Version 0.3 of Zope Group Calendar, an open-source group calendar, has been released. "A new screen for changing permissions settings was added, the broken week/day view was fixed, and the calendar now shows all event-like objects that have a start and end attribute."

Comments (none posted)

GuardedFile 1.1 (ZopeMembers)

Version 1.1 of GuardedFile is available for Zope. "GuardedFile provides a convenient way to create Zope File objects that are accessible by proxy only."

Comments (none posted)

Documentation

TLDP Weekly News

The June 17, 2003 edition of The Linux Documentation Project weekly news is out. Topics include a history of The LDP, updated documents, and happenings in the LDP world.

Full Story (comments: none)

Standards

Faster Wireless Standard Approved (PCWorld.com)

According to PCWorld, the 802.11g wireless standard has been approved. "The new standard, 802.11g, lays out the ground rules for wireless LAN gear that is capable of at least 24 megabits per second and up to 54 mbps, while remaining backward compatible with existing 802.11b gear that runs at a maximum 11 mbps. Both standards use radio spectrum in the range of 2.4 GHz. Another standard, 802.11a, defines 54 mbps gear in the 5-GHz range."

Comments (none posted)

Miscellaneous

FreeGIS CD 1.2.3 released

Version 1.2.3 of the FreeGIS CD has been released and contains a collection of mapping applications. "The CD presents a collection of GIS applications, libraries and data sets in current, stable versions. It contains e.g. GRASS, MapServer, gdal, PROJ, GLOBE and the simple viewer Thuban."

Full Story (comments: none)

PCGen 5.1.6 is available (SourceForge)

A new version of PCGen has been released. "PCGen is a Java-based RPG character generator and maintenance program that works on all platforms (Windows, Mac OS X, Linux, etc). All datafiles are ASCII so they can be modified by users, and are available through the pcgendm project. An XML conversion is underway." A number of bugs have been fixed for this release.

Comments (none posted)

OptimalGrid -- autonomic computing on the Grid (IBM developerWorks)

IBM's developerWorks has an article on the OptimalGrid project. "In this article, we introduce OptimalGrid, a research prototype from grid researchers at the IBM Almaden Research Center. OptimalGrid is middleware that aims to simplify creating and managing large-scale, connected, parallel grid applications. It optimizes performance and includes autonomic grid functionality. You don't need to be a grid infrastructure expert to use it. You supply the code that represents your basic problem algorithm, and OptimalGrid manages everything else -- problem partitioning, problem piece deployment, runtime management, dynamic level of parallelism, dynamic load balancing, and even system fault tolerance and recovery."

Comments (none posted)

Desktop Applications

Audio Applications

horgand 0.92 released

Another new version of horgand, an organ simulator, has been released. This version adds a reverb preset, real time response for sliders and dials, bug fixes, and more.

Full Story (comments: none)

Desktop Environments

Gnome-themes-extras 0.1 released (GnomeDesktop)

According to GnomeDesktop.org, the first release of Gnome-themes-extras is available. A new collection of metathemes is now available for the GNOME desktop.

Comments (none posted)

KDE-CVS-Digest

The June 13, 2003 edition of the KDE-CVS-Digest is online. "We see new Kontact plugins for summary, notes and newsticker. Koffice has improved import and export filters, plus template loading from the command line. An improvement in speed for Konqueror file and image viewing. Also, KDE crash handler Dr Konqi hooks to Kdevelop for debugging. Improvements to Kdeprint, KGhostview, and user interface cleanups. And numerous bug fixes."

Comments (none posted)

Preliminary KDE 3.2 Release Schedule

KDE.News mentions the publication of the preliminary KDE 3.2 release schedule. KDE developers should take a look and schedule their project releases for inclusion in KDE 3.2.

Comments (none posted)

QuickRip needs you, you need QuickRip

KDE.News reports on a DVD backup utility called QuickRip. "Version 0.7 has just been released, bringing the basic list of features close to completion, but we'd like to see more feature requests, bug reports (or less!) and code submissions before we hit the 1.0 milestone to make QuickRip the best DVD backup utility for KDE."

Comments (none posted)

Games

Civil 0.82 released (SourceForge)

Version 0.82 of the game Civil has been announced. "Civil 0.82 was released today. This version includes faster LOS code, support for battles from multiple theatres and numerous bug fixes and enhancements. Civil is a turn-based strategy game about battles in the American Civil War. Features network play, fancy graphics and audio."

Comments (none posted)

Graphics

GIMP 1.2.5 released (GnomeDesktop)

GnomeDesktop has an announcement for version 1.2.5 of the GIMP. "This is a minor bugfix release. Notably the build error in gimp-remote has been fixed."

Comments (none posted)

Gmsh version 1.45 released

Version 1.45 of Gmsh, a three-dimensional finite element mesh generator, has been released. The changes include bug fixes, updated documentation, and more.

Comments (none posted)

GUI Packages

wxWindows 2.4.1 has been released

Version 2.4.1 of the wxWindows cross-platform GUI framework is available. "This contains bug fixes to 2.4.0, including improved behaviour on Windows XP."

Comments (none posted)

Interoperability

Wine Traffic #174

Issue #174 of Wine Traffic is out. Topics include: SuSE Linux Office Desktop, Game Compatibility List, Direct3D To Do List, and Quartz Revisited - New Ideas.

Comments (none posted)

Office Applications

AbiWord Weekly News

Issue #148 of the AbiWord Weekly News is online. "This week, you can learn how to add OTS to your applications, help us develop Windows, see what icons from Jimmac can do to the Abi-Interface and witness the miracle of OpenSource. Also, Marc is still many euros in debt, and we are still without our server."

Comments (none posted)

GNUe Traffic #84

Issue #84 of GNUe Traffic has the latest GNU Enterprise development news. Topics include: Designer's dependencies for Python and wxPython, Bayonne developments, New release and Debian packaging strategy, SAP-DB and MySQL join forces?, and Arias, fork of NOLA.

Comments (none posted)

Web Browsers

Mozilla 1.4 Release Candidate 2 Out (MozillaZine)

Mozilla 1.4 RC 2 has been announced. See the release notes for a list of changes.

Comments (none posted)

Mozilla.org staff meeting minutes

The minutes from two weeks worth of Mozilla.org staff meetings are online. See the minutes from June 2, 2003 and June 9, 2003.

Comments (none posted)

Mozilla.org Status Update

The June 13, 2003 Mozilla.org Status Update has been published. "This status update contains news on Mozilla 1.4, Mozilla Thunderbird, Mozilla Calendar, ChatZilla, Linux 1.4 branch builds compiled with GCC 3.2.3, tabbed browsing URL-remembering fixes and more."

Comments (none posted)

Mozilla Independent Status Reports

The June 15, 2003 Mozilla Independent Status Reports are out. Updates include Extension Room, CardGames, Der Tandem Browser, mozdev, Mozile, and Linky.

Comments (none posted)

Miscellaneous

gtranslator 0.99 out! (GnomeDesktop)

According to GnomeDesktop, version 0.99 of gtranslator, a gettext po file editor, has been released. "The new gtranslator 0.99 is out which is the 1st release on the GNOME 2.x platform and features a quite usable and stable subset of the gtranslator functionality - all users and interested people in gtranslator development should try the new release!"

Comments (none posted)

Hylafax 4.1.6 released

Version 4.1.6 of HylaFAX, a fax modem utility, has been released. "A large number of mission-critical bugs are fixed in 4.1.6. Upgrading is recommended for all users." The release also has new features and support for additional modems. New users of HylaFAX should take a look at the How-To Guide. Thanks to Jay R. Ashworth.

Full Story (comments: 1)

Languages and Tools

Caml

Learning OCaml, for C, C++, Perl and Java programmers

Richard Jones has put together a tutorial for learning OCaml. "This is a practical, detailed tutorial for people who already know an imperative or OO-language and wish to learn OCaml."

Comments (1 posted)

Caml Weekly News

The June 10-17, 2003 edition of the Caml Weekly News is out with the latest Caml language news.

Full Story (comments: none)

Java

Cooking with JavaScript and DHTML, Part 6 (O'ReillyNet)

O'Reilly has published another excerpt from the JavaScript & DHTML Cookbook. "In our sixth and final sample recipe from Danny Goodman's JavaScript & DHTML Cookbook, learn how to locate the pixel coordinates of a nonpositioned element that the browser has placed during normal page flow."

Comments (1 posted)

JSP Progress Bars

Andrei Cioroianu shows how to code a progress bar with JSP. "Many web and enterprise applications must perform CPU-intensive operations, such as complex database queries or heavy XML processing. These tasks are handled by database systems or middleware components, but the results are presented to the user with the help of JSP. This article shows how to implement the front tier in order to improve the user experience and reduce the server load."

Comments (none posted)

JavaOne 2003: Java roadmap (IBM developerWorks)

Brian Goetz covers the future of Java on IBM's developerWorks. "As with past JavaOne conferences, the opening keynote looked at the current state of Java technology and presented a roadmap for where it is going in the next year. This year, Sun VP Graham Hamilton and CTO Timothy Lindholm offered some notable changes in direction and focus for Java technology over the next twelve to eighteen months."

Comments (none posted)

Perl

This Week on perl5-porters (use Perl)

The June 9-15, 2003 edition of This Week on perl5-porters is out. "This was a quiet week -- summer approaches -- but a few interesting points were raised. New warnings, portability points, and miscellaneous bugs are covered in this summary."

Comments (none posted)

This week on Perl 6 (O'Reilly)

The June 8, 2003 edition of This week on Perl 6 is out with the latest Perl 6 development news.

Comments (none posted)

Perl Design Patterns (O'Reilly)

Phil Crow talks about working with Design Patterns in Perl. "In 1995, Design Patterns was published, and during the intervening years, it has had a great influence on how many developers write software. In this series of articles, I present my take on how the Design Patterns book (the so-called Gang of Four book, which I will call GoF) and its philosophy applies to Perl."

Comments (none posted)

PHP

PHPSurveyor release 0.97 Final (SourceForge)

Version 0.97 Final of PHPSurveyor is available. "PHPSurveyor, a set of PHP Scripts for developing, and publishing online surveys, makes its final 0.97 release. 0.97 concentrated on implementing templates so that users could develop their own 'look and feel' to their surveys. This release includes 3 templates. Releases with the 0.98 moniker will be aimed at implementing localisation for the public survey screens, and some additional features like date/time-stamping of survey responses and a better way of ordering pre-defined answers."

Comments (none posted)

PHP Weekly Summary

The June 16, 2003 PHP Weekly Summary has been published. Topics include: PECL migration, MySQL and OpenSSL, mysql_info() function, mysqli (PHP 5), PHP and System32 on Win32.

Comments (none posted)

Python

Python-dev Summary

The Python-Dev summary for the second half of May is out; it looks at the Python 2.2.3 release, dealing with new-style classes in C, attribute lookup, and several other topics.

Full Story (comments: none)

Dr. Dobb's Python-URL!

The June 16, 2003 edition of Dr. Dobb's Python-URL! has been published with a week's worth of Python projects and news.

Full Story (comments: none)

Daily Python-URL

Take a look at the Daily Python-URL for a long list of Python language articles.

Comments (none posted)

Using combinatorial functions in the itertools module

David Mertz discusses combinatorial iterators in Python on IBM's developerWorks. "Python 2.2 introduced simple generators to the Python language and reconceived standard loops in terms of underlying iterators. With Python 2.3, generators become standard (no need for __future__), and the new module itertools is introduced to work flexibly with iterators. The itertools module is essentially a set of combinatorial higher-order functions, but ones that work with lazy iterators rather than with finite lists. In this installment, David explores the new module, and gives you a sense of the new expressive power available with combinatorial iterators."

Comments (none posted)

Ruby

Ruby Weekly News

The June 16, 2003 edition of the Ruby Weekly News is out. Threads include Description of changes between Ruby versions, High speed String concatenation, and RaaInstall in the standard Ruby distribution.

Comments (none posted)

Tcl/Tk

Dr. Dobb's Tcl-URL!

The June 16, 2003 Dr. Dobb's Tcl-URL! has been published; take a look for the latest Tcl/Tk development news.

Full Story (comments: none)

XML

XML Data Bindings in Python

Uche Ogbuji writes about XML data binding in Python on O'Reilly. "In the XML community of late there has been a lot of talk that there are no really easy and efficient ways of general XML programming. Push processing has the usual rap of being too difficult. It is easy to dismiss this as a problem for amateur programmers who have not properly learned how to code state machines; but let's face it, state machines are hard to code by hand, and the community has been slow to develop more declarative and friendly tools for developing SAX processing stubs, such as LEX and YACC tools for generating parser state machines."

Comments (none posted)

Shortening XSLT Stylesheets

Manfred Knobloch discusses XML stylesheet efficiency on O'Reilly. "XSLT is often considered to be too verbose. As stylesheet code grows, it tends to be unreadable. This is not a fate stylesheet authors have to accept. There are some strategies to keep your XSLT code short. This article proposes some ways of shortening stylesheets without loss of functionality, and throws a glance at XSLT 2.0 user defined functions."

Comments (none posted)

Two modes of implementing an XML-based localization pack: embed and extend (IBM developerWorks)

Bei Shu writes about XML localization techniques on IBM's developerWorks. "In this article, IBM software engineer Bei Shu shows you how to enable multiple language support in your Web applications using different XML technologies from the architect perspective. She presents two approaches to implementing XML-based localization pack managers using XPath and XSLT -- embed and extend."

Comments (none posted)

IDEs

KDevelop Progress: Overview of New Features

KDE.News covers the latest changes from the CVS version of KDevelop. "The CVS version of KDevelop (a.k.a. "Gideon") continues to improve, both stability-wise and in the feature department."

Comments (none posted)

Treebeard version 0.8 released (SourceForge)

SourceForge has an announcement for version 0.8 of Treebeard. "Treebeard is a cross platform XSLT IDE written in Java; its editor allows the loading and editing of an XML document and an XSLT document at the same time. It can apply the XSLT to the XML and display the output for further editing / saving in XML, HTML or PDF. Treebeard also has a plug-able XML and XSLT parser architecture, and comes bundled with Xalan2.5 and Saxon7.5." A number of new features are included with this release.

Comments (1 posted)

Profilers

OProfile 0.5.4 released

Version 0.5.4 of OProfile, a code profiler, has been released. "This is a bugfix release; if you're using kernel 2.5.71 or above, upgrading is strongly recommended. A number of other fixes have also been made."

Comments (none posted)

Miscellaneous

The Challenges of Remote Collaboration (O'Reilly)

Mark Murphy writes about some of the issues behind geographically isolated software development. "Remote software development is becoming increasingly important to major technology firms and the IT groups of other large firms. Collaborating in business settings resembles volunteer public collaboration, but it's not identical. It is up to you and your boss to help promote a development model and system that will be effective for everyone."

Comments (none posted)

Page editor: Forrest Cook

Linux in the news

Recommended Reading

SCO's IBM suit triples--seeks $3 billion (ZDNet)

ZDNet discusses SCO's latest moves, which include raising the requested damages to $3 billion. "The suit also adds illegal export issues stemming from the worldwide availability of open-source software. SCO claims IBM has breached its contract by making multiprocessor operating system technology available 'for free distribution to anyone in the world,' including residents of Cuba, Iran, Syria, North Korea and Libya, countries to which the United States controls exports. The open-source technology IBM released 'can be used for encryption, scientific research and weapons research,' the suit said." The new complaint also affirms that read-copy-update is one of SCO's issues; as this LWN article from last week (still subscribers only) showed, that will be a hard one for them to prove.

Comments (24 posted)

Rule out Linux on the desktop until 2005, says Giga (vnunet)

Vnunet covers a Giga Information Group pronouncement saying IT decision-makers should rule out Linux on the desktop until at least 2005. "'It's a high risk strategy to make any decisions based on being upset with Microsoft or wanting to give Linux a chance. This is no time for platform religion,' [analyst Rob Enderle] said."

Comments (8 posted)

We must protect digital intellectual property to foster innovation (ZDNet)

Here's a fun column in ZDNet on the importance of intellectual property protection. "I think the open source movement does even more damage to the perceived value of bits. By advocating that all software should be basically free and that developers should work in a communal environment for everyone’s benefit, the open source movement greatly denigrates the public’s perception of the value of digital intellectual property."

Comments (23 posted)

Trade Shows and Conferences

Meet free software developers at LinuxTag (NewsForge)

This NewsForge article looks at the projects coming to LinuxTag taking place July 10 - 13, 2003 in Karlsruhe, Germany. "LinuxTag, which is itself organised along the lines of a Free Software project, combines a free conference program lasting three entire days, a business congress aiming at professional users and enterprises, a government congress aiming at members of governmental agencies, a workshop program maintained by the attending projects and an exhibition consisting of commercial and non-commercial booths."

Comments (none posted)

Roll up for LinuxUser & Developer Expo (Register)

The Register heads for the LinuxUser & Developer Expo, coming to Birmingham, UK later this month. "Heavyweights in the open source community such as Alan Cox, Jon 'Maddog' Hall and Tim O'Reilly are down to present keynotes at the show, which is part of the Networks for Business 2003 conference taking place at the Birmingham NEC on June 24-26."

Comments (none posted)

Companies

HP sets up separate Linux unit (News.com)

News.com reports that HP has set up a new Linux division. "In his new role as vice president of Linux, Martin Fink will report to both ESS boss Scott Stallard and HP's chief technology officer, Shane Robison. Fink had been a vice president in the company's Business Critical Systems unit before the last reorganization. Within the Linux organization, HP plans to add a director of marketing, director of strategy and a director of engineering, although those positions have not been formally named."

Comments (9 posted)

Microsoft to kill popular Linux antivirus product (ComputerWorld)

ComputerWorld looks into Microsoft's latest acquisition; the RAV technology from Romania's GeCAD Software Srl. "GeCAD's RAV AntiVirus for Mail Servers supports a host of e-mail server products, including the free Sendmail, Qmail and Postfix, and is available for a variety of operating systems, including many flavors of Linux and BSD. Pricing per e-mail domain instead of per mailbox is another major draw, experts and users said." Microsoft plans to discontinue the RAV product line. (Thanks to Jay R. Ashworth)

Comments (19 posted)

Expect to see more Linux anti-virus products soon (NewsForge)

NewsForge predicts that more anti-virus products for Linux will emerge to replace RAV, and covers the discounts and deals currently available for RAV customers. "Steven Sundermeier, Central Command product manager, says his company is not only not in danger of being bought by Microsoft, but that 'Linux is an increasing part of our business. One of the niches of our business plan is the Linux market.' To help grow that niche, Central Command is offering RAV users who 'upgrade' to their Vexira product between now and September 30 a 25% discount."

Comments (none posted)

Red Hat Reports Q1 Revenue Of $27.2 Million (ComputerWorld)

ComputerWorld reports on Red Hat's revenue for the first quarter of 2003. "In a statement issued after the close of the U.S. financial markets, the Raleigh, N.C.-based company said it had a net income of $1.5 million for the quarter that ended May 31, compared with a net loss of $273,000 in the previous quarter and a $4.6 million net loss one year ago. Red Hat reports its figures using generally accepted accounting principles." (Thanks to Jay R. Ashworth)

Comments (none posted)

Will SCO's Suit Chill the Penguin? (E-Commerce Times)

E-Commerce Times is running a "special report" on the SCO case. The article is most interesting in that it shows that the wider press is beginning to figure out that there are GPL issues involved in SCO's having distributed the disputed code. "'The GPL issue is something we've just recently been looking at,' SCO spokesperson Blake Stowell told the E-Commerce Times. 'It's been said that maybe we've contributed Unix source code to Linux, because SCO was formerly a distributor of Linux.' However, Stowell said, when the company discovered that its source code had been incorporated into Red Hat Linux, it stopped distributing its own version of Linux and ended any further Linux development. This move, he noted, showed that SCO was acting according to another GPL clause that could shore up its case." It's about time they started thinking about the GPL...

On a similar front, NZheretic's comment to another LWN article is worth a look for those who haven't seen it; there's a great deal of detail regarding SCO's involvement in the Trillian project, which worked to bring Linux to the ia64 processor.

Comments (12 posted)

Did SCO open Unix source code? (ZDNet)

ZDNet looks at the implications of SCO having shipped its (claimed) code under the GPL. "The issue isn't as clear-cut as either SCO or its opponents would have it, said John Ferrell, an intellectual-property attorney with Carr and Ferrell. 'If anybody tells you they have the definitive answer, they're crazy,' he said. But he'd give the edge to SCO in the situation, not because of its interpretation of the GPL, but because of a legal principle stemming from the 1887 sale of a pregnant cow in Michigan. That case established the so-called doctrine of mutual mistake, under which a contract can be nullified if two parties--in this case SCO and a company using Linux--misapprehended the true nature of what was in the contract."

Comments (33 posted)

SCO cancels IBM Unix license (News.com)

News.com reports that SCO has dropped its bomb. "SCO said that the termination of the AIX license means that all IBM Unix customers also have no license to use the software. 'This termination not only applies to new business by IBM, but also existing copies of AIX that are installed at all customer sites. All of it has to be destroyed,' [SCOsource manager Chris] Sontag said." That should make SCO some more friends, and convince the world of the benefits of proprietary software as well.

Comments (22 posted)

What SCO Wants, SCO Gets (Forbes)

Forbes is running an article on the litigious history of SCO, its backers, and its management. "In other words, like many religious folk, the Linux-loving crunchies in the open-source movement are a) convinced of their own righteousness, and b) sure the whole world, including judges, will agree. They should wake up. SCO may not be very good at making a profit by selling software. (Last year the company lost $24.9 million on sales of $64.2 million.) But it is very good at getting what it wants from other companies. And it has a tight circle of friends." (Thanks to "alonzo").

Comments (57 posted)

Linux Adoption

The Brazilian Public Sector to Choose Free Software

The Brazilian government is planning to migrate 80% of all state-owned computers from Windows to Linux. HispaLinux covers the announcement (in Spanish). PCLinuxOnline has a translated summary by Gonzalo Porcel. Or read the full Google translation. (Thanks to Leon Brooks)

Comments (none posted)

Linux in Europe (IT-Director)

IT-Director looks into Linux adoption in Europe. "Following the recent decision by the City of Munich to opt for Linux on the desktop, it is worth taking stock of the progress of Linux in government circles across Europe. This is, in my view, a determining point in the Linux story, because if European governments move to Linux in a big way, it will boost the momentum for Linux everywhere. We have thus assembled a set of press clippings which chart Linux acceptance in government."

Comments (none posted)

Legal

South Australia urged to drop bill on Open Source software (TheAge)

TheAge reports that South Australia is getting pressure from the Microsoft-backed Initiative for Software Choice (ISC) over a proposed Open Source software bill. "ISC executive director Bob Kramer said in the letter: 'The ISC believes that if this "preference" legislation were to be enacted it would severely limit software choices for South Australia's government, harming not only its citizens, but also South Australia's vibrant information and communications technology (ICT) industry.'" You can find a draft of arguments for the bill here, along with a link to the actual bill. (Thanks to James Berry)

Comments (2 posted)

Interviews

Interview with Marc-Andre Lemburg (EuroPython)

EuroPython continues a series of interviews with the people who will be speaking at the EuroPython and Zope Conference. This week meet Marc-Andre Lemburg, author of the mx Extensions for Python. "EuroPython: On which parts of Python are you working as Python developer? Which parts interest you most? MAL: Since I wrote much of Python's Unicode implementation building on an initial prototype written by Fredrik Lundh a few years ago, I still maintain most of it. These days I tend not to have much time to actually do coding work, but I try to overlook the general design and make sure that it stays in line with what the original idea behind the Unicode integration was."

Comments (none posted)

Interview with Mike McCormack (Wine HQ)

WineHQ Interviews Mike McCormack. "How many Australian Wine developers live in South Korea and work for an American company? If you said just Mike McCormack then you'd be correct. Mike studied Electrical Engineering and Computer Science at the University of Sydney but now lives in Seoul half the time. The other half he lives in Minneapolis. Full time he's a Wine developer working for CodeWeavers. The arrangement works well for him - he gets to see his girlfriend regularly and has time to concentrate on work too."

Comments (none posted)

The O'Reilly Factor: How Python Grips the Enterprise - Part II

OpenEnterpriseTrends.com has an interview with Alex Martelli. "In Part II of OET's exclusive interview with Alex Martelli, author of O'Reilly's popular Python in a Nutshell and Python Cookbook, we turn to how commercial developers of any stripe (Java, ASP.NET, Win32, C++) can best get started with using the Python scripting language to help their applications share data and business logic. In this discussion, Martelli also includes some great practical tips for your own starter project."

Comments (none posted)

Eight Questions for George Dyson (O'Reilly)

O'Reilly interviews computer historian George Dyson. "One of the first significant expenditures of machine cycles at IAS (second only to thermonuclear bomb calculations and meteorology) was a series of experiments conducted by the viral geneticist Nils Aall Barricelli to see if code could be prompted to evolve, within the 'artificial universe' of the von Neumann computer, on its own. All the questions raised by Barricelli are equally applicable and equally instructive with regard to the evolution of software 'in the wild' today."

Comments (none posted)

Working smarter, not harder: An interview with Kent Beck (IBM developerWorks)

IBM's developerWorks features an interview with Kent Beck. "Extreme Programming (XP) founder Kent Beck likes to say he made up XP's fundamentals during a particularly troubled project in 1996. While strictly true, from talking to him you sense he'd really been formulating the process for quite some time. Find out what Kent thinks about the contribution of the Java platform to software development's success (or lack thereof) in this exclusive developerWorks interview."

Comments (2 posted)

Web services visionary (IBM developerWorks)

IBM's developerWorks has an interview with web services developer Sam Ruby. "Sam Ruby, a member of the IBM Emerging Technologies Group, has become a key part of several Web services-related open source projects over the last three years, including Tomcat and the IBM SOAP stack. He's still contributing both his code and his insight to the community. He spoke with Bob McMillan on a number of topics, including the appeal of open source, the future of Web services, and the power of Web logs."

Comments (none posted)

Resources

Emulate legacy operating systems on Linux (IBM developerWorks)

Here's an article from IBM developerWorks on emulating legacy operating systems on Linux. "One of the best things to do with a Linux box is to run programs for other operating systems on it. It can simplify your life considerably. Companies spend millions on 'server consolidation' in hopes of reducing maintenance, administration, and even heat burdens. They're usually just moving between different flavors of UNIX, though. What they often don't realize, however, is that the range and quality of Linux-hosted OS emulations -- some of them rather old, like CP/M, RSX, OpenVMS, and DOS -- are quite high. Moreover, companies don't always understand just how much this software can enhance the convenience of server-room operations."

Comments (none posted)

Keeping the alligators out of your sewer (NewsForge)

NewsForge looks at tools to keep crackers out of your network. "While many vulnerability assessment products can test Linux clients and servers, most run only on Microsoft or, in the case of MacAnalysis, Apple platforms. We've highlighted two that can run on Linux, and one standalone hardware device."

Comments (none posted)

Real-time alerting with Snort, part 1 of 3 (NewsForge)

This NewsForge article contains excerpts from the book Intrusion Detection with Snort by Jack Koziol. "Real-time alerting with Snort is highly customizable. You can pick and choose which alerts to be notified of in real time by assigning a priority to each rule or classification of rule. Each rule can have an individual priority attached to it, and every rule can be included in a classification of rules that has a priority attached to it."

Comments (none posted)

Reviews

Savanna: A User's Perspective on JuK

KDE.News has a review of JuK, an mp3 Jukebox application for KDE. "Okay, I admit it: I'm a blonde who isn't a techie. I'm learning because it is kind of fun, but I'll only go so far. I know most people who will read this will probably chuckle because this is for a techie site, but it is worth noting that I am a user who has switched her desktop from Microsoft to Linux with KDE. That is a pretty big jump."

Comments (none posted)

Mozilla on speed: Firebird 0.6 (MadPenguin)

MadPenguin.org reviews version 0.6 of the Firebird browser. "This browser is the beginning of something wonderful. I say it's the beginning because it is very obvious that it is a work-in-progress and is pre-1.0, but let me tell you it is pretty impressive for such an early build."

Comments (none posted)

Mozilla Firebird Plugin Review (Neowin.net)

Neowin.net reviews a number of Mozilla Firebird plugins. AdBlock, Autoscroll, LiveHTTPHeaders, Popup ALT Attribute, Mycroft, User Agent Switcher, and Web Developer are covered.

Comments (none posted)

Review: Pogo Linux StorageWare S212 Server (NewsForge)

NewsForge reviews the new Pogo Linux StorageWare S212 Server. "The server comes with Red Hat Linux 9's three-CD set, plus a Pogo Linux Recovery CD, which contains all the post-install scripts required to bring the box back into factory condition. It includes kits for the 2.4.20-9 kernel, official update RPMs to Red Hat 9 (very handy), and other Pogo Linux personality items like wallpaper and splash screens."

Comments (none posted)

Review of Quanta Plus (ContentPeople)

ContentPeople features a review of Quanta Plus. "In recent times, we have seen the advent of Linux as a prominent web development platform, no doubt as a result of the popular LAMP framework: Linux Apache MySQL PHP. Thanks to its open source nature, it has given everyone access to an enterprise class environment for web applications. The LAMP community has created a variety of supporting text editors, tools and utilities to help you craft your web applications. One of the most popular is the Quanta Plus web development environment."

Comments (none posted)

Slash'EM: The Sum of All NetHacks (O'ReillyNet)

O'ReillyNet takes a look at the game Slash'EM, a variant of NetHack. "Slash'EM is written in C, with its Qt windowing interface in C++. Of course, because of its NetHack lineage, the current release contains lots of code which the present team did not develop originally. Normally, incorporating code from outside a project can be a problem due to incompatibilities among various open source licenses, but things work differently within the NetHack family. J. Ali Harlow, 36, a programmer for the Applied Vision Research Centre of City University in London, England and one of the current maintainers of Slash'EM, says, "There's no such problem with code that has been written to be used with NetHack. We seek to use the best of these whenever possible.""

Comments (none posted)

YALAX: Yet Another Look At Ximian (Tux Reports)

Tux Reports reviews the Ximian Desktop 2. "There are as many different philosophies for the perfect desktop as there are Linux developers and users. Each of us has developed our preferences and opinions. Some of us may perceive Ximian Desktop 2 as nothing more than GNOME with some eye-candy, or an attempt to clone Windows. Others may argue that following the KISS principle, by simplifying the applications, system menus and documentation, avoids overwhelming new users. In other words, one person’s opinion is another person’s opportunity to complain."

Comments (none posted)

Miscellaneous

One-day Linux project brings Internet to disadvantaged Miami kids (NewsForge)

South Florida area LUG members help inner city kids in this NewsForge article. "11 a.m. - Chris Williams, a Ft. Myers programmer and sysadmin, huddles with Gonzalo. They decide to replace the existing Red Hat installation on the server with Mandrake 9.1 because of its ease of administration, plus the fact that Gonzalo is used to Mandrake, and he's the one who will be responsible for ongoing maintenance of the Center's computers."

Comments (none posted)

Page editor: Forrest Cook

Announcements

Non-Commercial announcements

LJ Readers' Choice Awards

Submissions are open until June 23 for the 2003 Linux Journal Readers' Choice Awards; nominate your favorite applications soon.

Full Story (comments: none)

WeWantLinux.org survey

Responses are being requested for the WeWantLinux.org survey. "The WeWantLinux.org survey shows a high level of interest in computers pre-loaded with GNU/Linux, even among non-Linux users. The WeWantLinux.org survey site continues to gather data on consumer interest in computers pre-loaded with the GNU/Linux operating system. With nearly 1700 survey entries validated, the results show a high level of interest in Linux PCs across the board. The survey site will remain active for the foreseeable future, but the interim results are worth noting."

Full Story (comments: none)

Extremadura, Spain deploys 80,000 GNOME desktops

The Extremadura regional government has announced (at GUADEC in Dublin) the completion of the deployment of 80,000 computers running the LinEx distribution and GNOME in schools. There's now one system available for every two students. "The Junta of Extremadura has also created 33 computing centers for the general population. The centers feature one-on-one computer assistance, so users who are unfamiliar with computers can learn computer and e-mail basics. The centers have drawn citizens of all ages and walks of life. The oldest user of the centers is 99 years old."

Comments (2 posted)

The Center of Open Source & Government Endorses South African Open Source Strategy

The Center of Open Source & Government endorses the South African Proposed Strategy for Using Open Source Software in the South African Government by providing rationally defensible policy guidelines. The South African Strategy (PDF format) is a reasonable road map for a viable Open Source Government Policy.

Full Story (comments: none)

Research Predicts Massive Growth in European Linux Server Market

An IDC Research report sponsored by LinuxWorld shows that in 2003 Linux is expected to ship over 162,000 servers in Western Europe, a market worth $621 million. By 2007 this sum is anticipated to have more than doubled in value to $1.9 billion and tripled in volume (203% growth), shipping on almost half a million servers.

Comments (none posted)

Opinion on Brazil making Open Source mandatory in government

Tony Stanco has sent us his opinion of Brazil's new open source policy. "While I think that Open Source in government is a good thing and have been working towards that goal for many years, making it mandatory is an industrial policy that may not succeed, which will hurt Open Source in the long run."

Full Story (comments: 14)

Linux Creator Linus Torvalds joins OSDL

Here's a press release from the Open Source Development Lab (OSDL) on the appointment of Linus Torvalds as the first OSDL Fellow. George Weiss, vice president and research director for Gartner, is quoted: "Linus Torvalds adds tremendous credibility to OSDL's efforts to drive the evolution of Linux forward into enterprise computing and carrier environments. The computing market is still questioning how far and how fast Linux can go as an enterprise-ready platform. With Linus at OSDL, many will be looking for leadership from the lab for answers to those questions."

Full Story (comments: 5)

Changing of the Guard at YAS (use Perl)

According to Use Perl, the Perl Foundation has a new president. "In a recent meeting of the board of directors of Yet Another Society (a.k.a. The Perl Foundation), long-standing President Kevin Lenzo decided to step down from his role to pursue other commitments. In his place the board elected a new President, Allison Randal."

Comments (none posted)

Commercial announcements

IBM Comment on SCO Press Release

IBM responds to SCO in a short press release. "Since filing a lawsuit against IBM, The SCO Group has made public statements and accusations about IBM's Unix license and about Linux in an apparent attempt to create fear, uncertainty, and doubt among IBM's customers and the open source community."

Comments (6 posted)

Linux Security Cookbook released by O'Reilly

O'Reilly has published the book "Linux Security Cookbook".

Full Story (comments: none)

Upgrade for RAV Antivirus

Central Command is offering a discount to existing RAV Antivirus customers. "With the recent announcement from Microsoft Corporation of the pending acquisition of RAV Antivirus technology the future support of the existing RAV Antivirus product line has caused concern from existing RAV Antivirus customers."

Full Story (comments: none)

TimeSys-Powered Mars Exploration Rover Demonstrated at JavaOne(SM) Conference

TimeSys Corporation has announced that its TimeSys Linux RTOS (real-time operating system) and JTime real-time Java(TM) virtual machine are driving the Mars Exploration Rover concept vehicle being demonstrated by NASA's Jet Propulsion Laboratory (JPL) and Sun Microsystems' James Gosling at the JavaOne Conference this week in San Francisco.

Comments (2 posted)

Transmeta Bolsters Commitment to China with Midori Linux Agreement

Transmeta Corporation has announced it has entered into an agreement to allow Chinese 2000 Holdings Ltd. to develop and market Transmeta's Midori(TM) Linux for mobile and embedded devices in China and other countries in the Asia-Pacific region. The collaboration between the two companies on Midori Linux development and marketing focuses on China, Hong Kong, Macau and Taiwan.

Comments (none posted)

Resources

OSDL and SD Times: Linux Survey Results

OSDL and SD Times have released the results of a joint survey on the use of Linux in corporations. "The survey of 8,000* SD Times readers, mostly senior managers at corporations with more than 1,000 employees, showed broad and deep use of Linux in IT shops even though only a third of the companies had adopted the open source operating system as a corporate standard computing platform."

Comments (1 posted)

UML 2.0 Standard released

A new UML 2.0 standard was released at the OMG Technical Meeting in Paris.

Full Story (comments: none)

Upcoming Events

GU4DEC Live

Do you want to see what's going on at GUADEC? Well now you can. Just check out the LIVE GU4DEC site.

Comments (none posted)

LinuxWorld Expands Conference Content

An expanded conference program for LinuxWorld Conference & Expo has been announced. "LinuxWorld's CIO Agenda is a new program featuring sessions specifically designed for CIOs who need to be well-versed in the implications of Linux adoption. With topics in business, security, system administration, application development, and emerging technologies, the CIO Agenda will provide CIOs with insights on how Linux and open source can benefit their organizations."

Comments (none posted)

Linux.Conf.Au 2004 call for papers

The 2004 iteration of Linux.Conf.Au is happening January 14 to 17 in Adelaide. The call for papers has just gone out, with abstracts due by August 18. Speakers who have already been confirmed include Keith Packard, Jon 'maddog' Hall, Bdale Garbee, Rusty Russell, and Andrew Tridgell.

Full Story (comments: none)

EducationaLinux 2004, Adelaide

EducationaLinux 2004 will be held in January 2004 in Adelaide, Australia. "This conference presents an opportunity for anyone who is a part of the education system to get together, share ideas and network with other like-minded individuals using or promoting open source in education."

Full Story (comments: none)

Events: June 19 - August 14, 2003

Date | Event | Location
June 19 - 23, 2003 | Open Source Clinical Application Resource Workshop (OSCAR) (McMaster University) | Ontario, Canada
June 19 - 20, 2003 | Infosec 2003 (UniNet) | Online
June 21 - 22, 2003 | European Ruby Conference (University of Karlsruhe) | Karlsruhe, Germany
June 23 - 26, 2003 | ClusterWorld Conference & Expo (San Jose Convention Center) | San Jose, California
June 23 - 26, 2003 | Fourth Workshop On UML for Enterprise Applications (Hyatt Regency San Francisco Airport Hotel) | Burlingame, CA
June 24 - 26, 2003 | LinuxUser & Developer Expo (Birmingham National Exhibition Centre) | Birmingham, UK
June 25 - 27, 2003 | European Python and Zope Conference 2003 (CEME) | Charleroi, Belgium
July 7 - 11, 2003 | O'Reilly Open Source Convention 2003 (OSCON) (Portland Marriot) | Portland, Oregon
July 9 - 12, 2003 | Libre Software Meeting | Metz, France
July 10 - 13, 2003 | LinuxTag | Karlsruhe, Germany
July 12 - 17, 2003 | Debcamp | Oslo, Norway
July 18 - 20, 2003 | Debconf 3 (The University of Oslo) | Oslo, Norway
July 23 - 26, 2003 | Ottawa Linux Symposium | Ottawa, Canada
July 23 - 25, 2003 | YAPC::Europe 2003 (CNAM Conservatory) | Paris, France
July 25 - 27, 2003 | Fifth Annual Linux Festival in Kaluga Region (bank of the river Protva) | Kaluga region, Russia
July 29 - August 2, 2003 | The 10th Annual Tcl/Tk Conference | Ann Arbor, Michigan
July 31 - August 3, 2003 | UKUUG Linux Developers' Conference (LINUX 2003) (George Watson's College) | Edinburgh, Scotland
August 4 - 7, 2003 | LinuxWorld Conference and Expo 2003 (Moscone Convention Center) | San Francisco, CA
August 7 - 10, 2003 | Chaos Communication Camp 2003 | Paulshof, Altlandsberg, Germany

Comments (none posted)

Web sites

Debug Linux C programs at AskIgor.org

A new debugging server called AskIgor is online. "We're doing a public debugging server - a Web site that accepts buggy Linux C programs and automatically tells you why the program failed. This has been brewing for two years, and is starting to get ready. We'd like any feedback on things people like/dislike about it."

Full Story (comments: none)

Software announcements

This week's software announcements

Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:

Comments (none posted)

Page editor: Forrest Cook

Letters to the editor

Nathan Hanks again demonstrates his ignorance of security

From:  Leon Brooks <leon@cyberknights.com.au>
To:  Continental Airlines <investorrelationsdept@coair.com>, Nathan Hanks <nhanks@coair.com>
Subject:  Nathan Hanks again demonstrates his ignorance of security
Date:  Mon, 16 Jun 2003 08:31:56 +0800
Cc:  Linux Weekly News Letters <letters@lwn.net>

Quoting http://www.techweb.com/wire/story/TWB20030603S0012
> But [Hanks] and others said Microsoft is not unique in its
> vulnerabilities. "We have a Linux server that has three times
> the critical updates as our Windows server," he said.
 
Hanks, your MS-Windows server arrived with maybe half a dozen services
available and probably had all of them running until you shut them off.
If you add a big service, say MS-SQL-Server, you might have the
equivalent of 20 or 30 Linux packages installed on your machine.
 
I use Mandrake Linux 9.1, which arrives with over 800 packages, zero of
which will be accessible from the Internet after a "kitchen-sink"
install and without the installer switching anything off.
 
The "critical updates" you speak of cover all 800+ packages on Linux but
only the equivalent of about 20 or 30 on MS-Windows, so in a parity
situation you would expect to see roughly thirty to forty times as many
updates listed. Blow for blow, the Linux server you speak of is ten
times less buggy than your MS-Windows server already.
 
But the situation is not even blow-for-blow. Microsoft's idea of a
"critical update" is for something like CodeRed, Nimda or Slammer.
 
At http://www.mandrakesecure.net/en/advisories/updates.php?dis=9.1 (and
look for red padlocks) we see that Mandrake 9.1 has had 45 total patch
releases to date. 5 of them are duplicates because the packages went
out without an encrypted signature, another is a dupe because the
original fix included things that didn't need fixing, leaving 39. 27 of
those are listed as "critical".
 
Many of those are for such things as (MDKSA-2003:036) fixing maths
errors in image handling. Of the remainder, the vast majority of
vulnerabilities are _potential_ vulnerabilities; that is, they have no
known working exploit, and in many cases have no theoretical exploit
either.
 
Leaving that aside, many of the remaining vulnerabilities do not involve
any "privilege escalation" - or as CERT Advisory CA-96.13 puts it, the
case where "Non-privileged primitive users can cause the total
destruction of your entire invasion fleet and gain unauthorized
access to files." Most of Microsoft's do.
 
We're not finished yet. Consider MDKSA-2003:048, which fixes a
vulnerability in EOG. Eye Of Gnome is an image viewer. Would you ever,
let alone regularly, use it on a server? I have seven image viewers
installed (I like to experiment), not counting potential viewers like
graphics editors, scanner/camera managers, the previewers in file
managers, office suites and so on. Odds are therefore 1/7 that I would
use the impacted application even if I did run it on a server. As it
happens, I don't; I prefer Kuickshow in a GUI, or from the command line
the ImageMagick "display" command.
 
Counting through all of the listed vulnerabilities and picking out the
ones that would impact a default installation to do secure web-enabled
database activities plus email transport, remote administration and a
GUI interface - the equivalent of MS-Windows, IIS, MS SQL Server and
MS-Exchange rolled into one, there are eight. One of them (a kernel
update) requires a reboot after installation.
 
So... eight actual critical updates, one of them in the OS and one of
them in the webserver. Since the release of Mandrake 9.1 in March,
MS-Windows 2000 and IIS alone have logged patches for three "invasion
fleet" severity patch bundles beyond Service Pack 4, which in itself
rolled in a large number (difficult to assess) of patches.
 
Over the last year (well, 14 months), Mandrake Linux (from 8.2) has
recorded 2 OS (kernel 2.4) patches (one of which had a simple and
instant no-reboot workaround) and 3 Apache (webserver) patches and zero
PHP (ASP-equivalent) patches. Total "critical updates" potentially
impacting our hypothetical server, about 25.
 
MS-SQL-Server 2000 Service Pack 3a was also released, but the
description makes it difficult to decide exactly how many patches that
involves - and if you're using the "Desktop Engine (MSDE 2000)" version
there's more bad news confronting you in the form of a pageful of
directions on finding out what to patch and how before you even start.
Each vulnerability that I can find specifies arbitrary code execution
or worse. Compare this with a total of two (related) vulnerabilities in
the last year for PostgreSQL.
 
The MS-Exchange 2000 "March 2003 Post-SP3 rollup" contains over 70 new
or patched files and requires you to uninstall (yes!) the previous set
of patches before applying it. All the while your email server is down.
Any of the very rare updates for PostFix (a good example of a Linux
MTA; no patches at all in well over a year) typically involves under
half a second of email outage and no reboots.
 
I don't even understand how to account for the number and complexity of
the Microsoft patches involved here, so I agree that this is a problem,
but to pluck a figure out of the air? Call it 120 individual patches a
year, one every three days on average.
 
Each of these Microsoft "patches" may roll together work on multiple
vulnerabilities in multiple systems, whereas the Linux patches
typically fix a single vulnerability and by definition do it in a
single system.
 
How about response time? The KDE developers once took a vulnerability
from bug report to tested deliverable in 95 minutes.
 
Accountability? You were reportedly "impressed with Microsoft's response
to the [Slammer] problems" but what about their response to the
"Shatter Attacks?" Microsoft may find a way to fix that ongoing
vulnerability in Longhorn, five years down the track, but probably not.
It is a design insecurity right at the core of MS-Windows and there is
no simple way around it. The corresponding insecurity in Linux doesn't
exist, can't exist, because a completely different mechanism occupies
that spot on the flow diagram.
 
Then we consider the server population. Even for a relatively light
load, Microsoft would recommend that you have a separate server for
MS-Exchange and another for MS-SQL-Server. That's three servers to
maintain and pay for instead of one. And they'd probably also ask you
to add an expensive Cisco router to the collection to firewall it.
 
There are also a number of features which make individual services much
easier to lock down under Linux than under Windows. Capabilities,
chrooting, chattr and so on within a single OS image. User Mode Linux
for completely partitioned services - it's a simple matter to run any
service under its own specialised UML kernel that has a no-op (or
scream-the-house-down) response to certain OS functions for managing
ownership of files or opening network sockets other than in prescribed
ways. This means that even if an attacker gains total and complete
control of a service, all it does is call attention to his actions and
replace his victim with a fresh, clean copy a few microseconds later.
 
The final clincher for me is that I have never had an update break a
server. I could have left all of my Linux servers on auto-update for
about the last five years without a care in the world, were I not
naturally suspicious. On the other side of the fence, Microsoft's
updates are renowned for breaking things.
 
Back your statement up with specifics, Hanks, or retract it. As it
stands it is at best irresponsible, and certainly looks clumsy and
ill-informed for a "managing director" at a world-renowned firm.
 
Cheers; Leon
 
--
http://cyberknights.com.au/ Modern tools; traditional dedication
http://plug.linux.org.au/ Committee Member, Perth Linux User Group
http://slpwa.asn.au/ Committee Member, Linux Professionals WA
http://linux.org.au/ Committee Member, Linux Australia
 

Comments (5 posted)

Page editor: Jonathan Corbet

Copyright © 2003, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds