The Grumpy Editor's guide to graphical mail clients
This is the second article in a series dedicated to the discovery of the
perfect mail client. Those who have not read
the introduction to the series may want to do
so; it explains much of the motivation behind this search. This article,
in particular, looks at the current crop of graphical mail clients. Future
articles will look at terminal-oriented and emacs-based clients and other
aspects of the mail system.
Your editor, remember, is looking for a mail client which enables the
processing of vast amounts of mail in a flexible manner. An LWN editor can
spend hours each day dealing with email from various sources; actually
getting an LWN Weekly Edition out every week very much depends on the use
of an efficient, reliable client. In particular, your editor is looking
for:
- A powerful and flexible command set which does not require constant
use of the mouse.
- A high degree of configurability. When a complex tool is being used
as a key part of the daily workflow, it is worth spending some time to
tweak it to optimal performance. That tweaking should be possible.
- The ability to interface with external programs for the disposition of
email.
- Support for common tasks, such as sending patches.
For this article, your editor spent a significant amount of time working
with Balsa, Evolution, KMail, Sylpheed, and Thunderbird. These programs
all have a great deal in common; they would appear to have all been built
from the same basic template. A tall pane on the left contains the folder
hierarchy, usually split between local folders and those found on some
remote server. The top right pane gives a folder view, while the bulk of
the space, in the bottom right, contains the text of a message itself.
Separate windows are used for composition of new messages.
Each client has its own keyboard shortcuts (we will get to that later), but
the mouse-oriented interaction is quite similar between all of them. A
user familiar with one of these clients could make use of another with
little trouble. Could it really be that the optimal model for graphical
email clients has already been found, and that no further experimentation
is called for at this point? Or could it be that all of these clients are
imitating a popular proprietary email offering?
All of the clients have most of the expected features: built-in address
books; support for multiple accounts; disconnected operation; secure POP,
IMAP, and SMTP access;
threading of folders; hierarchical folders; filtering of messages based on
various criteria; etc. Most of the common
features will not be discussed here.
Balsa
Balsa is a longstanding GNOME
client. In recent years it has been somewhat upstaged by Evolution, but
development on Balsa continues. The 2.1.3 development release came out in
May, 2004, but your editor was unable to make it work on his system; this
review, thus, looks at the stable 2.0.17 release.
Balsa lacks the polish of some of the other mail clients we'll look at
here, but it has many of the same capabilities. It can deal with remote
mailboxes via POP or IMAP, and local mailboxes in mbox, maildir, and MH
format. It can only use SMTP for outgoing mail; there is no option for
passing a message to a local command.
Balsa has one failing which it shares with a few other clients: it makes the user
wait while it talks with the remote SMTP server. It would be nice if this
conversation could happen in the background; there is little joy in staring
at a "connecting to server" dialog for an indefinite period of time. Yes,
one can always set up a local MTA to handle this task, but that should not
be necessary.
Balsa can render HTML mail reasonably well, though it cannot create such
mail (the lack of this feature does not strike your editor as a problem).
Its display of multipart MIME messages is somewhat awkward; it can only
show one part at a time, forcing the user to bounce between tabs to see the
whole message.
There is a reasonable set of keyboard shortcuts which, happily, do not
require extensive use of modifier keys. There is no provision for changing
the shortcuts, however.
Balsa's interface can be somewhat annoying; it
can, at times (such as when getting a large message from a remote server),
become unresponsive to the user, who is left wondering what is really going
on. The address book interface looks powerful, but it would be nicer if it
started with a default, local book and didn't require the user to dig
through the preferences dialog before allowing addresses to be saved.
Balsa has a basic set of filter operations, though less advanced than most
other mail clients. One unique filter operation, however, allows matching
messages to be automatically sent to the printer. The potential for paper
waste and embarrassment is impressive.
All told, Balsa is a reasonably capable mail client. One gets the
impression, however, that its time in the limelight has passed. Most
of the other clients reviewed here are more capable and smoother to
operate.
Evolution
Evolution has the
broadest focus of any of the clients reviewed; it merges
the email functionality with contact management, task list, and calendaring
functions. Your editor, who is looking for an email client rather than a
calendar manager (he addressed that problem a few months back), did not
look at these other
capabilities in any great detail. One can certainly imagine uses where an
integrated calendar manager would be useful, but, if one is seeking a
focused mail client, calendars and such can be a distraction.
Version 1.5.9.2 (a pre-1.6 development release) was looked at for this
review.
Evolution can handle a wider range of email account types than any of the
other clients reviewed. Along with the usual forms (IMAP, POP, local
mailbox), Evolution can work with Novell GroupWise accounts and folders in
maildir or MH format. An attempt to set up an MH directory, however, crashed
Evolution and rendered it incapable of launching; such is life when one
plays with development releases. Use of Evolution to read netnews groups is also
supported. Outgoing mail can be sent via SMTP to a
server, or passed to a local application. Evolution has a nice feature
where it can query the remote mail server to determine what sorts of
authentication and encryption features it supports.
Some basic spam filtering is built into Evolution; users can mark messages as
being "junk" and, once the internal filter is properly trained, apply
filters to clear the spam out of the way. The filtering appears to be
based on SpamAssassin. The documentation mentions an option to have
Evolution pass mail to spamd for evaluation, but that option does
not yet actually exist in the configuration dialogs.
Evolution provides a set of keyboard shortcuts which allows some actions to
be performed without the mouse. There is no evident way of configuring
shortcuts, however; if you don't like the defaults, there's little to be
done.
Evolution provides full support for HTML mail. Incoming HTML is rendered
by default. It can compose mail in HTML format, and a full set of
operations is provided enabling the composition of truly gaudy messages.
Happily, Evolution defaults to sending plain text mail only; users must
explicitly say they want to create HTML messages.
There are some nice features for finding messages within folders. A search
bar in the main menu can quickly narrow the view to messages meeting the
search criteria. The "vFolder" mechanism is a more advanced feature which
enables the creation of custom views which can include messages from
multiple folders which meet the search criteria.
KMail
KMail is the KDE mail
client, part of the "kdepim" package. In many ways, KMail is the most
configurable and flexible of the graphical email clients out there.
KMail can handle incoming mail via POP, IMAP, and local mailboxes in mbox
or maildir format. Outgoing mail is transferred via SMTP or handed to a
local program. KMail's account setup is, however, a little more confusing
than that found in the other mailers. Mail identities, mail sources, and
"transports" (ways of sending mail) are all configured separately; they can
then be mixed and matched in arbitrary ways. Those who are so inclined can
select a different outgoing transport for each message. The system is
flexible, but not necessarily straightforward to set up at the outset.
Like Evolution, KMail can query remote mail servers to determine their
encryption and authentication capabilities. This is such an obviously good
feature that one wonders why all mail clients do not work that way.
KMail has extensive configuration options. Uniquely among the
clients reviewed (but standard for KDE applications),
KMail provides an easy mechanism for configuring
keyboard shortcuts. The defaults also make some sense: "R" for reply, for
example. Given that regular, unmodified keystrokes have no intrinsic
meaning in the context of a mail client window, why make users lean on the
control key to get anything done? One should be able to simply hit
"N" to see the next message, and KMail's designers understand that.
The usual filtering operations are available. KMail does not, however,
have any sort of internal spam filtering built into it (though some of the
available, undocumented options, like "mark as spam," suggest that this
capability is coming). Filters can, among
other things, change the default identity or outgoing transport which
applies to a given message, or rewrite header fields. Like Evolution,
KMail supports virtual folders created by searching; there is no search bar
in the main window, however.
KMail can render HTML mail quite nicely, but it refuses to do so until the
user explicitly requests HTML rendering for a specific message. It also
will not load external images until you get past a configuration screen
with dire warnings on it. KMail does not appear to be able to create HTML
messages.
As a whole, KMail has a pleasant, responsive interface. It is visually
pleasing, and makes relatively good use of the screen space. More than
some other clients, it provides feedback on what it is doing at any given
time, and does not make the user wait unnecessarily. On the other
hand, it has an obnoxious habit of popping up "tool tips" with the message
subject when the pointer moves over the subject in the folder view pane;
this behavior creates a great deal of distracting flashing while not really
giving the user any useful information. Some of the toolbar icons are less than
instructive; try to guess what the three shown on the left mean. (They
are "get new mail", "reply", and "forward").
In summary: KMail is a capable client; its developers have clearly given
some thought to how to make life easier for their users. It is arguably
one of the best mail clients available.
Sylpheed
Sylpheed is a GTK+ mail client
which advertises itself as fast and lightweight. Like Balsa, Sylpheed
feels a little rough in the modern world. This client, however, has some
capabilities that the others lack.
At the top of the list of those capabilities might be "actions." Sylpheed
includes a mechanism for running external programs on messages; the output
of that program can, optionally, replace the original message. Actions can
be created with a dialog box (canned actions can also be obtained from the
net and added directly to the configuration file); thereafter they show up
under the "Tools/Actions" menu. It would be nice if an action
could be bound to a keystroke, but...
...Sylpheed does not allow the configuration of keyboard shortcuts.
Shortcuts do exist for most operations, but they all require the use of the
control key. The font selection available in Sylpheed is also somewhat
restrictive; it cannot use the nice anti-aliased fonts the way some of the
other mail clients can. If you spend a lot of time staring at a mail
client every day, this makes a difference.
Sylpheed tends to hang up at times; when an action is being run, for
example. It also makes the user wait for SMTP conversations to complete
when sending a message.
This client cannot render HTML mail; it wings it by stripping out the
markup and simply displaying the remaining text. This technique works
surprisingly well; if you don't get much HTML mail, you may never even
notice the lack of proper support.
Sylpheed can work with POP and IMAP mailboxes, or with local mailboxes in
the mbox format. It creates local mailboxes using the MH format; it can
also be configured to use the MH inc command to incorporate new
mail. It has no support for mailboxes in maildir format.
The Sylpheed address book is minimal but functional; there is no LDAP
support, however.
For those who find Sylpheed inadequate, but who like the basic platform,
the Sylpheed-Claws
project may be worth a look. Sylpheed-Claws is an ongoing effort to
add vast numbers of features to
Sylpheed. Some of these include a plugin mechanism, spell checking (a
feature available on most other mail clients), the ability to assign
actions to icons on the toolbar, a search bar for narrowing folder views, themes, message
scoring, HTML viewing (using an external viewer), better GPG support, LDAP
support, and more. The biggest problem with Sylpheed-Claws, however, is
that it is very much a development release; your editor was able to make it
crash in several different ways. Crashing is not a desirable feature in a
vital work tool.
Sylpheed is a powerful client which is clearly aimed at serious users. In
your editor's not entirely humble opinion, what it could best use at this
point is (1) a bit more attention to polish, human factors, and visual
appeal, and (2) a concerted effort to move the best, most stable
features from Sylpheed-Claws into the mainline client. With some work in
that direction, Sylpheed could be a powerful contender for the title as the
best graphical client for advanced users.
Thunderbird
Thunderbird is
the standalone mail client from the Mozilla project; its most recent
release is version 0.7.1. Thunderbird is a slick product; it is visually
appealing and, for the most part, easy to use.
Unlike other mail clients, Thunderbird has no provision for local maildrops
at all; it can only obtain mail via POP or IMAP. It does maintain local
folders, however; they are buried deeply under the user's
.thunderbird directory, and appear to be in mbox format.
Thunderbird can be used to read netnews from NNTP servers.
On the outgoing side, Thunderbird expects to talk to an SMTP server, and it
makes you wait while the conversation takes place.
Thunderbird handles HTML mail without trouble; one would expect a Mozilla
project to get that part down reasonably well. The client will, by
default, execute Javascript contained within HTML mail; your editor is hard
put to come up with a reason why one would ever want to leave that option
enabled. Thunderbird also sends mail in HTML format and, discouragingly,
comes configured to send HTML by default.
Thunderbird is a highly configurable client. The actual configuration can
be a bit confusing, however; quite a few options (such as sending HTML mail) are
part of the account configuration. A user will look for such options under
the "options" menu in vain. Thunderbird also has a powerful extension
mechanism, with numerous extensions available on the
net.
The default keyboard shortcuts are heavily reliant on the control key, and
there is no provision for changing them. The "keyconfig" extension
mitigates that problem somewhat, though it is not trivial to use and cannot
create shortcuts for all that many operations.
Thunderbird has some strange behavioral glitches. Clicking on a URL in a
message, for example, causes Thunderbird to copy the web page to a local
file and run a browser on that file; this strange behavior breaks all the
images and links, among other things. If, instead, the user drags the URL
to a browser window, the right thing happens. Thunderbird is also
reluctant to use folders on the remote IMAP server that it didn't create
itself; folders created by a different mail client tend to be completely
inaccessible.
On the other hand, Thunderbird's composition window is relatively nice and
easy to use. The interaction with the address book is easy and
transparent, and Thunderbird makes it easy to set various types of headers
("Bcc:", "Reply-To:") without having to dig through
menus.
Thunderbird has its own bayesian spam filter built in. Messages which look
like spam are prominently marked as such; the user then has the option of
correcting things. The toolbar icon toggles between "Junk" and "Not junk,"
depending on the current marking of the message; the user thus has to
actually look at it to see what it will do at any given time. This sort of
modal interface is an encouragement to the user to make mistakes.
The keyboard
shortcuts for marking and unmarking spam, at least, are distinct.
There is a search bar in the main window for quickly narrowing folders.
There are no virtual folders for holding search results, however.
Thunderbird is an impressive client; for version 0.7 it is in very good
shape. Your editor would like to see some attention paid to the needs of
users who want to do nonstandard things, such as adding custom operations
to the toolbars. Given that most of the details and polish are already in
place, a bit of careful feature work could turn Thunderbird into a truly
powerful and useful program.
Other important points
A grumpy editor who posts to lists like linux-kernel lives in fear of two
things: (1) sending text in very long lines, and (2) sending
patches which have been word-wrapped by the mail client. Committing either
faux pas can cause a budding kernel hacker to contemplate a switch
to Visual Basic programming. Your editor attempted to get each mailer to
send an unmolested patch while performing word wrapping on the accompanying
text. Note that some people really want to see patches inline, rather than
as attachments, which complicates the situation - any of the mail clients
reviewed here can send an attachment without trouble.
Only Sylpheed passed this test in a clear way. If the "wrap on input"
option is selected, typed text will be wrapped, but an inserted file will
be left alone. KMail sort of works, in that word wrap can be disabled for
specific messages. If you use the "external editor" option (which works in
a bit of a confusing way; you must type a keystroke in the text area of the
composition window to get your editor), whatever the editor produces will
not be messed with. Balsa wraps everything, as does Evolution.
Thunderbird, interestingly, has no option for inserting a file into an
outgoing message; you must cut-and-paste it in (and deal with wrapping
problems), or send it as an attachment.
Another important feature, as far as your editor is concerned, is the
ability to feed a message to an external program. After all, it just might
be possible that users may think of things to do with their mail which,
inexplicably, just didn't occur to the implementers of the mail client.
Such operations might include feeding a message to sa-learn to
better train SpamAssassin's filter, or, in your editor's case, inserting a
software announcement into the LWN site.
Support for external programs is poor in most of the clients reviewed.
Some of them can invoke an external program while filtering messages (thus,
for example, allowing SpamAssassin to be used to clean out junk), but only
Sylpheed has a separate mechanism for running programs on specific
messages. Even then, only Sylpheed-Claws brings that mechanism to the
toolbar, and there is still no way to assign an action to a keystroke.
Thunderbird has an "external application" extension, but it is really just
an application launcher; it can't be used to process messages. There
should be no reason why the right kind of extension couldn't be written;
it's just that, as far as your editor can tell, nobody has done it yet.
In general, extensibility is an important feature for a complex
application. The original developers will never think of everything, and
really should not even try. If the application provides an easy way for
others to add capabilities, the result will often be a rich ecosystem of
features far beyond the imagination of the application's designers. Among
the clients reviewed above, only Thunderbird provides
support for first-class extensions - though Sylpheed-Claws is getting
there. In the long term, the email client which best supports extensions
may well be the one which gathers the largest, happiest user base.
Conclusions
A few other free graphical clients exist, but didn't make it into this
review:
- Althea looks like a
fairly basic GTK-based client. "The design goal was a stable e-mail
client with the richness of usability of Microsoft's Outlook,
Qualcomm's Eudora, and Cyrusoft's Mulberry."
- Mahogany is a
feature-rich, highly configurable client; its 0.66 release came out in
January, 2004. Mahogany does indeed offer a dizzying variety of
configuration options; should those options not suffice, there is also
a built-in Python interpreter for extensions. That notwithstanding,
Mahogany is said to be a low-bloat application.
- Aethera
is a client produced by theKompany.com; it claims to do task lists and
appointment management; it also comes up with news and weather reports
on the side. Unfortunately, source for current releases does not
appear to be available from theKompany's download site.
So, with all these options, which would your editor choose? The answer,
for the moment, is "none of the above." Your editor is not yet sold on the
advantages of a graphical client for this sort of work; these clients do
have a number of nice features, but an email client must, above all else,
enable quick and efficient processing of mail. Anybody who has tried to
exchange email with your editor knows that he can easily get far behind; if
the email client adds friction to the process, that problem will get worse.
Some of the clients reviewed look like they could eventually be a part of a
workable email system. With luck, future development will take at least
one of them in a direction where it is, on the one hand, polished,
feature-rich, and usable, while being, on the other hand, easy to integrate
into a wider way of doing things. Meanwhile, your editor will proceed to
look at some of the current non-graphical offerings (this includes
emacs-based clients, which are becoming increasingly graphical in their own
right). Stay tuned.
The Global File System goes full circle
In 2003, Red Hat announced
that it was acquiring Sistina, and that it would work to release Sistina's
current technologies as open source in 2004. Red Hat made good on that
promise on June 24 by re-releasing the Global File
System under the GPL. The
Global File System (GFS) has a fairly long and interesting history. According
to the OpenGFS website,
the GFS project started at the University of Minnesota and was sponsored from
1995-2000 by the University. Then Matthew O'Keefe, a professor at the
university, founded Sistina around GFS.
Sistina stopped making new versions of GFS available under the GPL in
2001. It's important to note that it's inaccurate to say (as many have)
that GFS has been "re-released" under the GPL -- the original code that was
available under the GPL remained available under the GPL. Sistina simply
quit putting out new releases under the GPL, but users still had the option
of using and working with releases prior to Sistina's license change, as
did the OpenGFS project.
The release put out by Red Hat last week actually consists of more than
just GFS the file system; it totals nine components in all. In addition to
GFS itself, Red Hat has released the clustering extensions to the Logical
Volume Manager 2 (LVM2). Also, Red Hat has released clustering
infrastructure tools and cluster block devices that work with GFS; The
Cluster Configuration System (CCS), Cluster Manager (CMAN), Distributed
Lock Manager (DLM), GFS Unified Lock Manager (GULM), the Fence I/O fencing
system, the Global Network Block Device (GNBD) and the Cluster Snapshot
Block Device (CSBD).
Linux has no shortage of filesystems to choose from, but GFS is quite a bit
different from Ext3, ReiserFS and other popular file systems being used
with Linux today. The GFS release probably isn't that interesting for users
with a single Linux workstation or for small installations of Linux systems
that don't require a great deal of filesystem sharing or redundancy. For
Linux shops that have deployed or plan to deploy Linux in a clustering
capacity or using a Storage Area Network (SAN) to share filesystems among
servers, instead, GFS is a very interesting technology.
GFS allows Linux servers to share a single file system on a block device
via fiber channel, iSCSI, NBD or other technology; the servers can read
from that file system simultaneously, and GFS coordinates their writes so
that data is not overwritten. Changes to the filesystem made
by one server are immediately available to other servers. GFS is different
from the Network File System (NFS) in that it removes the requirement for
clients to access storage devices through an NFS server. It removes some of
the overhead from working with data, making GFS more robust. One can use
the two technologies in conjunction with one another, using GFS to give a
set of servers access to a filesystem stored on a set of fiber channel
drives (for example) and then exporting the filesystem to clients via NFS.
GFS is highly scalable, which means that hundreds of systems can share a
filesystem on a SAN. In addition, as one might expect, file system and
volume resizes can be performed while the system is running -- which means
that enterprise systems don't need to be brought down for filesystem
maintenance when a deployment starts to require more space. The file
servers themselves can be clustered to provide high availability,
redundancy and increased performance. Just what the doctor ordered for a
database cluster, enterprise file servers, large e-mail installations and
many other applications.
For those interested in trying out GFS, source
RPMs are available for Red Hat Enterprise Linux 3, CVS
snapshots are available, and enterprising Fedora user Lennert Buytenhek
has already whipped
up FC2 RPMs of GFS and the necessary tools. Packages are no doubt being
prepared for other popular Linux distributions as well. Instructions on using GFS
can be found here.
Of course, RHEL users still have the option of buying GFS for a mere $2200.
The GFS team is now working to put GFS into the mainline Linux kernel. It
shouldn't be terribly difficult for a project this useful to find a healthy
community of users to apply whatever elbow grease is necessary to make that
happen.
A look at Slackware 10.0
The long-awaited Slackware 10 release has hit the streets, so to
speak. Though Patrick Volkerding's Slackware wasn't the very first Linux
distribution (it was originally based on the SLS distribution) it has outlived
all of its predecessors. First
released on July 16,
1993, Slackware has come a long way since its floppy-based origins --
though in some ways, it has also remained very much the same.
The Slackware installer, for example, has changed very little over the
years. Though the lack of a graphical installer may intimidate new users, the
text-based menu installer still serves well and is quite simple to use if
one will only take the time to read the text. This writer installed
Slackware 10, using the "install everything" option, on a Toshiba Satellite
1415-S105 notebook in about twenty minutes. That includes disk
partitioning, network setup and reboot. Slackware's installer may lack
bells and whistles, but it serves just fine on almost any hardware.
Slackware also continues to use the BSD-style init scripts, though slightly
streamlined in this release, as opposed to the SYSV style init scripts
that are used by most other Linux distributions. Whether this is an
annoyance or feature largely depends on the personal preference of the
user.
The latest Slackware release is based on the stock 2.4.26 Linux kernel,
with an optional 2.6.7 kernel for users who wish to run the 2.6
series. Apparently, the 2.6 kernel series hasn't quite yet lived up to
Volkerding's standards for a default kernel. Nor has Slackware jumped to
the Apache 2.0.x series yet; it still ships with Apache 1.3.31. Slackware also
still includes lprng and LILO, which have been replaced by CUPS and GRUB in
most distributions -- though Slackware also now includes CUPS alongside
lprng.
Slackware still includes a wide array of window managers and desktop
environments, and tends to stay on or close to the cutting edge there. KDE
3.2.3 is included, as is GNOME 2.6.1, XFce 4.0.5, Blackbox, Fluxbox, and
many others. While most popular distributions tend to brand the window
managers and desktop environments -- Red Hat's "Bluecurve" and Mandrake's
"Galaxy" themes come to mind -- Slackware ships them more or less as-is. In
fact, all packages shipped with Slackware "follows the setup and
installation instructions from its author(s) as closely as
possible." This writer tends to prefer the "generic" version of
packages, so Slackware is his favored choice in this area.
Though not part of the default install, there are a few new package tools
for Slackware 10. There's now a "slackpkg" tool to help with upgrading an
older release of Slackware, and "slacktrack" to help building Slackware
packages. Users who wish to try these new tools will find them in /extras,
on the third Slackware disk.
Speaking of disks, it's also worth noting that Slackware is still fairly
lightweight in terms of disks required for installation. Only the first
disk is necessary for a basic install with KDE, while the second disk will be
necessary for users wishing to use GNOME. Users who wish to use the ZipSlack distribution will
need to grab disk four. Users interested in trying Slackware before it's
available in stores or to subscribers can find ISOs through BitTorrent or
through one of the unofficial mirrors.
The only complaint this writer has about Slackware 10 is the lack of a
simple sound configuration utility. Configuring sound on the Toshiba laptop
with Slackware was a bit more challenging than with other distributions,
which usually find and enable the sound card without any user
intervention. Other than that, however, installing and configuring
Slackware was a pleasure.
In all, Slackware is a solid distribution that's easy to set up and
run. For users who are already running Slackware-based systems, the upgrade
is well worth it. Users who have never tried Slackware might find that it's
well worth the time to test out.
Page editor: Jonathan Corbet
Security
The netfilter packet of death
Adam Osuchowski and Tomasz Dubinski have sent out
an advisory regarding a new vulnerability in
the 2.6 netfilter subsystem. Netfilter, being the Linux firewalling code,
inspects network packets and makes decisions on which ones to pass on. Use
of netfilter is supposed to increase security, so it is always discouraging
when the opposite happens. Fortunately, the number of sites vulnerable to
this particular bug should be fairly small.
TCP packets can contain an "options" field within the header. This field
allows TCP implementations to change how the protocol works; options can be
used to turn on features like selective acknowledgments, change how
checksumming is done, and so on. Each option has a simple format:
| Number | Length | 'Length' bytes of data |
Multiple options can be packed into the field; an option number of zero
terminates the list.
If netfilter is asked to filter packets based on the contents of the TCP
options field, it goes into a loop stepping through each option present in a
packet. Unfortunately, it treats the length byte as a signed quantity; the
result is that, with an option number greater than 128, netfilter's index
into the options field can be pushed backward, and the code can end up in
an infinite loop. That tends to slow packet delivery somewhat.
The fix is straightforward: declare the options array as unsigned.
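Here is how the signed-length loop goes wrong, and how the unsigned fix closes it, in a small C program added for this article. It is not the netfilter source or the advisory's code: the function names, the iteration budget that stops the demonstration, and the two sample option fields are all constructed. The well-formed field is scanned identically by both versions; the hostile one carries a length byte of 0xfc, which the signed version reads as -4 and rewinds on, while the unsigned version rejects it because the option does not fit in the field.

```c
#include <stdio.h>

/* TCP option kinds used below (RFC 793 and RFC 2018). */
#define TCPOPT_EOL      0
#define TCPOPT_NOP      1
#define TCPOPT_MSS      2
#define TCPOPT_SACK_OK  4

/* Return values shared by both scanners. */
#define OPT_NOT_FOUND   (-1)
#define OPT_MALFORMED   (-2)
#define OPT_WOULD_LOOP  (-3)

#define LOOP_BUDGET     64   /* safety valve for the demo only */

/*
 * Buggy scanner, modelled on the article's description: the length byte is
 * read as a signed quantity, so 0x80..0xff become negative and the index
 * moves backwards.  The real loop had no iteration budget; it is added
 * here only so that the demonstration terminates.
 */
static int find_option_signed(const unsigned char *opt, int optlen, int wanted)
{
    int i = 0, iterations = 0;

    while (i >= 0 && i < optlen) {
        if (++iterations > LOOP_BUDGET)
            return OPT_WOULD_LOOP;           /* the real code would spin forever */
        if (opt[i] == TCPOPT_EOL)
            return OPT_NOT_FOUND;
        if (opt[i] == TCPOPT_NOP) {
            i++;
            continue;
        }
        if (i + 1 >= optlen)
            return OPT_MALFORMED;
        if (opt[i] == wanted)
            return i;
        i += (signed char)opt[i + 1];        /* the bug: 0xfc reads as -4 */
    }
    /* i < 0 means the rewind ran off the front of the buffer; stop here
     * rather than read out of bounds. */
    return i < 0 ? OPT_WOULD_LOOP : OPT_NOT_FOUND;
}

/*
 * Fixed scanner: the length is unsigned and every option must lie entirely
 * inside the field, so the index only ever moves forward.  Anything else is
 * reported as malformed so the caller can drop the packet.
 */
static int find_option_unsigned(const unsigned char *opt, int optlen, int wanted)
{
    int i = 0;

    while (i < optlen) {
        unsigned int kind = opt[i], len;

        if (kind == TCPOPT_EOL)
            return OPT_NOT_FOUND;
        if (kind == TCPOPT_NOP) {
            i++;
            continue;
        }
        if (i + 1 >= optlen)
            return OPT_MALFORMED;            /* length byte missing */
        len = opt[i + 1];                    /* 0..255, never negative */
        if (len < 2 || (unsigned int)i + len > (unsigned int)optlen)
            return OPT_MALFORMED;            /* would stall, rewind or overrun */
        if (kind == wanted)
            return i;
        i += (int)len;
    }
    return OPT_NOT_FOUND;
}

/* Constructed sample option fields (not taken from the advisory). */
static const unsigned char good_opts[] = {
    TCPOPT_MSS, 4, 0x05, 0xb4,              /* MSS 1460 */
    TCPOPT_NOP, TCPOPT_NOP,
    TCPOPT_SACK_OK, 2,                      /* SACK permitted, at offset 6 */
    TCPOPT_EOL
};
static const unsigned char evil_opts[] = {
    TCPOPT_NOP, TCPOPT_NOP, TCPOPT_NOP, TCPOPT_NOP,
    0x1c, 0xfc,                             /* arbitrary kind, length 0xfc: -4 if signed */
    TCPOPT_EOL, TCPOPT_EOL
};

int main(void)
{
    int n = (int)sizeof good_opts, m = (int)sizeof evil_opts;

    printf("well-formed: signed scan -> %d, unsigned scan -> %d\n",
           find_option_signed(good_opts, n, TCPOPT_SACK_OK),
           find_option_unsigned(good_opts, n, TCPOPT_SACK_OK));
    printf("hostile:     signed scan -> %d (would loop), unsigned scan -> %d (rejected)\n",
           find_option_signed(evil_opts, m, TCPOPT_SACK_OK),
           find_option_unsigned(evil_opts, m, TCPOPT_SACK_OK));
    return 0;
}
```

Besides the unsigned declaration the article mentions, the fixed version also insists that each option's length is at least 2 and that the option ends within the field; those two checks are what turn a malformed packet into a drop rather than a stall, and they are worth having even after the type fix.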
The good news is that, in all likelihood, very few firewalls filter on the
TCP options field, and, of those, most have probably not yet been upgraded
to 2.6. The bad news is that there are almost certainly many other bugs in
the kernel (and elsewhere) caused by confusion between signed and unsigned
types. These vulnerabilities can be hard to find without detailed, tedious
auditing. And some of them, certainly, will have a larger impact than this
one.
Comments (10 posted)
The U.S. Constitution locked up
As seen in Lawrence Lessig's weblog: Amazon.com is offering
an electronic version of the U.S. Constitution aimed at Microsoft's reader.
It's all nicely equipped with the usual digital rights management stuff;
according to Amazon, permission to print the Constitution has been denied.
The irony of the situation is self-evident. We at LWN would certainly
never want to INDUCE anybody to commit a crime, but... if somebody were to
get around the DRM and dump a copy of this electronic book onto their printer, it would be a
clear violation of the DMCA. For somebody looking for a day in court, it
would be harder to find a more desirable case to defend than being charged
with printing the U.S. Constitution. Explaining the problems of
U.S. copyright law to otherwise uninterested parties has always been a
challenge; given enough products like this one, that task is likely to get
easier.
Comments (8 posted)
New vulnerabilities
Apache: denial of service
| Package(s): | apache2 |
| CVE #(s): | CAN-2004-0493 |
| Created: | June 30, 2004 |
| Updated: | July 19, 2004 |
| Description: | Versions of apache 2.0 through 2.0.49 fail to defend against arbitrarily long header lines; this bug can be exploited to cause the server to use arbitrarily large amounts of memory. See this advisory from Georgi Guninski for details. |
| Alerts: | |
Comments (none posted)
FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling
| Package(s): | freeswan |
| CVE #(s): | |
| Created: | June 25, 2004 |
| Updated: | July 15, 2004 |
| Description: | FreeS/WAN, Openswan, strongSwan and Super-FreeS/WAN contain two bugs
when authenticating PKCS#7 certificates. This could allow an attacker
to authenticate with a fake certificate. All these IPsec implementations
have several bugs in the verify_x509cert() function, which performs
certificate validation, that make them vulnerable to malicious PKCS#7
wrapped objects. With a carefully crafted certificate payload an attacker
can successfully authenticate against FreeS/WAN, Openswan, strongSwan or
Super-FreeS/WAN, or make the daemon go into an endless loop. |
| Alerts: | |
Comments (none posted)
giFT-FastTrack: remote denial of service attack
| Package(s): | gift-fasttrack |
| CVE #(s): | |
| Created: | June 24, 2004 |
| Updated: | June 30, 2004 |
| Description: | giFT-FastTrack is a plugin for the giFT file-sharing application.
If a maliciously crafted signal is sent to giFT-FastTrack,
remote attackers can crash the giFT daemon. |
| Alerts: | |
Comments (none posted)
gzip: temporary file execution problem
| Package(s): | gzip |
| CVE #(s): | |
| Created: | June 24, 2004 |
| Updated: | June 30, 2004 |
| Description: | The gzip compression program has a problem that
can cause code to be executed from the command
if the creation of a temporary file fails. |
| Alerts: | |
Comments (none posted)
kernel: netfilter denial of service
| Package(s): | kernel |
| CVE #(s): | |
| Created: | June 30, 2004 |
| Updated: | July 28, 2004 |
| Description: | The netfilter code in 2.6 kernels through 2.6.7 is vulnerable to a remote denial of service attack - but only if filtering on the TCP options field has been enabled. See this advisory for details. |
| Alerts: | |
Comments (none posted)
pavuk: buffer overflow
| Package(s): | pavuk |
| CVE #(s): | CAN-2004-0456 |
| Created: | June 30, 2004 |
| Updated: | November 11, 2004 |
| Description: | Versions of the pavuk web spider through 0.9.28-r1 contain a buffer overflow which could be exploited by a hostile server. |
| Alerts: | |
Comments (none posted)
Updated vulnerabilities
Apache mod_proxy: denial of service
| Package(s): | apache |
| CVE #(s): | CAN-2004-0492 |
| Created: | June 11, 2004 |
| Updated: | October 14, 2004 |
| Description: | A buffer overflow vulnerability in the apache mod_proxy module
can be exploited to create a denial of service. |
| Alerts: | |
Comments (none posted)
apache2: stack-based buffer overflow in ssl_util.c
| Package(s): | apache2 |
| CVE #(s): | CAN-2004-0488 |
| Created: | June 1, 2004 |
| Updated: | October 14, 2004 |
| Description: | A stack-based buffer overflow exists in the ssl_util_uuencode_binary
function in ssl_util.c in Apache. When mod_ssl is configured to trust the
issuing CA, a remote attacker may be able to execute arbitrary code via a
client certificate with a long subject DN. |
| Alerts: | |
Comments (none posted)
aspell: bounds checking problem
| Package(s): | aspell |
| CVE #(s): | CAN-2004-0548 |
| Created: | June 17, 2004 |
| Updated: | December 20, 2004 |
| Description: | Aspell's word-list-compress utility fails to properly check bounds
when dealing with words that are more than 256 bytes long.
This can lead to arbitrary code execution by an attacker. |
| Alerts: | |
Comments (none posted)
dhcp: buffer overflows
| Package(s): | dhcp |
| CVE #(s): | CAN-2004-0460, CAN-2004-0461 |
| Created: | June 23, 2004 |
| Updated: | July 14, 2004 |
| Description: | Two separate buffer overflows have been found in versions 3.0.1rc12 and 3.0.1rc13 of the ISC DHCP server. These overflows can be exploited by a remote attacker to cause a denial of service, or, potentially, to execute arbitrary code. DHCP servers should not be exposed to the Internet, but this problem is worth fixing regardless. See this CERT advisory for more information. |
| Alerts: | |
Comments (none posted)
Filename disclosure vulnerability in fam
| Package(s): | fam |
| CVE #(s): | CAN-2002-0875 |
| Created: | August 19, 2002 |
| Updated: | January 5, 2005 |
| Description: | "fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible. |
| Alerts: | |
Comments (none posted)
flim: insecure file creation
| Package(s): | flim |
| CVE #(s): | CAN-2004-0422 |
| Created: | May 5, 2004 |
| Updated: | December 16, 2004 |
| Description: | The emacs "flim" mode creates temporary files in an insecure fashion, possibly allowing a local attacker to overwrite files. |
| Alerts: | |
Comments (none posted)
gtkhtml: malformed messages cause crash
| Package(s): | gtkhtml |
| CVE #(s): | CAN-2003-0133, CAN-2003-0541 |
| Created: | April 14, 2003 |
| Updated: | April 18, 2005 |
| Description: | GtkHTML is the HTML rendering widget used by the Evolution mail reader.
GtkHTML supplied with versions of Evolution prior to 1.2.4 contains a bug
when handling HTML messages. Alan Cox discovered that certain malformed
messages could cause the Evolution mail component to crash. |
| Alerts: | |
Comments (none posted)
Horde-IMP: improper input validation
| Package(s): | Horde-IMP |
| CVE #(s): | |
| Created: | June 16, 2004 |
| Updated: | August 10, 2004 |
| Description: | An input validation error exists in Horde-IMP through version 3.2.4; a specially crafted message could be used to run scripts in the context of the target's browser. |
| Alerts: | |
Comments (none posted)
iproute: local denial of service
| Package(s): | iproute net-tools |
| CVE #(s): | CAN-2003-0856 |
| Created: | November 25, 2003 |
| Updated: | December 14, 2004 |
| Description: | The iproute utility is susceptible to spoofed netlink messages sent by local users, with the result that denial of service attacks are possible. |
| Alerts: | |
Comments (none posted)
racoon: failure to verify signatures
| Package(s): | ipsec-tools racoon |
| CVE #(s): | CAN-2004-0155 |
| Created: | April 7, 2004 |
| Updated: | August 19, 2004 |
| Description: | Versions of ipsec-tools prior to 0.2.5 contain a vulnerability wherein the racoon utility fails to verify digital signatures on some packets. This hole can lead to unauthorized connections or man-in-the-middle attacks. See this advisory for details. |
| Alerts: | |
Comments (none posted)
racoon: denial of service vulnerability
| Package(s): | ipsec-tools racoon iputils |
| CVE #(s): | CAN-2004-0403 |
| Created: | April 26, 2004 |
| Updated: | July 29, 2004 |
| Description: | racoon does not check the length of ISAKMP headers. Attackers may be able
to craft an ISAKMP header of sufficient length to consume all available
system resources, causing a Denial of Service. This advisory contains additional
details. |
| Alerts: | |
Comments (none posted)
kdelibs: cookie disclosure
| Package(s): | kdelibs |
| CVE #(s): | CAN-2003-0592 |
| Created: | March 10, 2004 |
| Updated: | August 24, 2004 |
| Description: | kdelibs (and, thus, Konqueror) has a vulnerability where a hostile server can force the disclosure of cookies that should not be presented to it. KDE versions 3.1.3 and later contain a fix. |
| Alerts: | |
Comments (none posted)
kernel: symlink overflow in the iso9660 filesystem
| Package(s): | kernel |
| CVE #(s): | CAN-2004-0109 |
| Created: | April 14, 2004 |
| Updated: | July 15, 2004 |
| Description: | The 2.4 and 2.6 kernels contain a
vulnerability in the iso9660 (CDROM) filesystem which can be used by a
local attacker to obtain root privileges. The exploit requires creating a
specially-crafted filesystem and getting the kernel to mount it. Many
systems are configured to automatically mount CDs on insertion, however, so
the possibility of this vulnerability being exploited by users with
physical access to the system is real. The 2.4.26 kernel contains the fix,
which will also be merged into the upcoming 2.6.6 release. |
| Alerts: | |
Comments (none posted)
kernel: denial of service
| Package(s): | kernel |
| CVE #(s): | CAN-2004-0554 |
| Created: | June 15, 2004 |
| Updated: | July 5, 2004 |
| Description: | 2.4 and 2.6 kernels running on the i386 and x86_64 architectures have a vulnerability which can allow a local attacker to lock up the system. See this LWN article for a description of the problem.
Many of the updates for this problem also fix various potential driver vulnerabilities found while instrumenting the code for automated auditing. |
| Alerts: | |
Comments (none posted)
kernel-utils: setuid vulnerability
| Package(s): | kernel-utils |
| CVE #(s): | CAN-2003-0019 |
| Created: | February 7, 2003 |
| Updated: | January 21, 2005 |
| Description: | The kernel-utils package contains several utilities that can be used to
control the kernel or machine hardware. In Red Hat Linux 8.0 this package
contains user mode linux (UML) utilities.
The uml_net utility in kernel-utils packages with Red Hat Linux 8.0 was
incorrectly shipped setuid root. This could allow local users to control
certain network interfaces, add and remove arp entries and routes, and put
interfaces in and out of promiscuous mode.
All users of the kernel-utils package should update to these packages that
contain a version of uml_net that is not setuid root.
Alternatively, as a workaround for this vulnerability, issue the following
command as root:
chmod -s /usr/bin/uml_net |
| Alerts: | |
Comments (none posted)
krb5: unauthorized root privileges
| Package(s): | krb5 |
| CVE #(s): | CAN-2004-0523 |
| Created: | June 3, 2004 |
| Updated: | June 29, 2004 |
| Description: | Multiple buffer overflows exist in the krb5_aname_to_localname() library
function that if exploited could lead to unauthorized root privileges. In
order to exploit this flaw, an attacker must first successfully
authenticate to a vulnerable service, which must be configured to enable
the explicit mapping or rules-based mapping functionality of
krb5_aname_to_localname, which is not a default configuration. See
this MIT krb5 Security Advisory for more information. |
| Alerts: | |
Comments (none posted)
libpng, libpng3: buffer overflow
| Package(s): | libpng, libpng3 |
| CVE #(s): | CAN-2002-1363 |
| Created: | December 19, 2002 |
| Updated: | July 14, 2004 |
| Description: | Glenn Randers-Pehrson discovered a problem in connection with 16-bit
samples from libpng, an interface for reading and writing PNG
(Portable Network Graphics) format files. The starting offsets for
the loops are calculated incorrectly which causes a buffer overrun
beyond the beginning of the row buffer. |
| Alerts: | |
Comments (none posted)
libxml2: arbitrary code execution
| Package(s): | libxml2 |
| CVE #(s): | CAN-2004-0110 |
| Created: | February 26, 2004 |
| Updated: | July 21, 2004 |
| Description: | Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.
When fetching a remote resource via FTP or HTTP, libxml2 uses special
parsing routines. These routines can overflow a buffer if passed a very
long URL. If an attacker is able to find an application using libxml2 that
parses remote resources and allows them to influence the URL, then this
flaw could be used to execute arbitrary code. |
| Alerts: | |
Comments (none posted)
logcheck: symlink vulnerability
| Package(s): | logcheck |
| CVE #(s): | CAN-2004-0404 |
| Created: | April 21, 2004 |
| Updated: | December 22, 2004 |
| Description: | The logcheck utility handles temporary files in an unsafe way, possibly allowing local attackers to overwrite files. |
| Alerts: | |
Comments (none posted)
mailman: password disclosure
| Package(s): | mailman |
| CVE #(s): | CAN-2004-0412 |
| Created: | May 27, 2004 |
| Updated: | July 20, 2004 |
| Description: | In mailman versions above 2.1, third parties can retrieve
member passwords from the server. |
| Alerts: | |
Comments (none posted)
mikmod: buffer overflow
| Package(s): | mikmod |
| CVE #(s): | CAN-2003-0427 |
| Created: | June 16, 2003 |
| Updated: | June 16, 2005 |
| Description: | Ingo Saitz discovered a bug in mikmod whereby a long filename inside
an archive file can overflow a buffer when the archive is being read
by mikmod. |
| Alerts: | |
Comments (none posted)
mod_python: denial of service vulnerability
| Package(s): | mod_python |
| CVE #(s): | CAN-2003-0973 |
| Created: | January 27, 2004 |
| Updated: | October 4, 2004 |
| Description: | Apache's mod_python module could crash the httpd process if a specific,
malformed query string was sent.
The Apache Foundation has reported that mod_python may be prone to
Denial of Service attacks when handling a malformed query. Mod_python
2.7.9 was released to fix the vulnerability; because that release did not
fully fix it, version 2.7.10 has since been released.
Users of mod_python 3.0.4 are not affected by this vulnerability. |
| Alerts: | |
Comments (none posted)
mozilla: multiple vulnerabilities
| Package(s): | mozilla |
| CVE #(s): | CAN-2003-0594, CAN-2003-0564 |
| Created: | March 10, 2004 |
| Updated: | August 19, 2004 |
| Description: | Mozilla 1.4 contains a few vulnerabilities, including disclosure of cookies to the wrong server, a scripting vulnerability which can allow an attacker to run arbitrary code, and an S/MIME vulnerability which can lead to remote denial of service or code execution attacks. |
| Alerts: | |
Comments (none posted)
mpg321: format string vulnerability
| Package(s): | mpg321 |
| CVE #(s): | CAN-2003-0969 |
| Created: | January 6, 2004 |
| Updated: | March 28, 2005 |
| Description: | A vulnerability was discovered in mpg321, a command-line mp3 player,
whereby user-supplied strings were passed to printf(3) unsafely. This
vulnerability could be exploited by a remote attacker to overwrite
memory, and possibly execute arbitrary code. In order for this
vulnerability to be exploited, mpg321 would need to play a malicious
mp3 file (including via HTTP streaming). |
| Alerts: | |
Comments (none posted)
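The mpg321 flaw is the classic format-string mistake: an attacker-controlled tag handed to printf(3) as the format argument itself. The C code below is an added illustration for this entry, not mpg321's own code. render_title() shows the safe form, where the untrusted text is an argument to a literal format string; count_directives() is a small review aid that reports how many conversions an untrusted string would have triggered in the unsafe form, and how many of them are "%n" writes. The sample tag is constructed.

```c
#include <stdio.h>
#include <string.h>

/*
 * Safe rendering of untrusted text: the format string is a literal and the
 * tag travels through "%s", so any "%x" or "%n" inside it is copied
 * verbatim rather than interpreted.  Returns what snprintf() returns: the
 * length the full line would have, or a negative value on error.
 */
static int render_title(char *dst, size_t dstlen, const char *untrusted_title)
{
    return snprintf(dst, dstlen, "Now playing: %s", untrusted_title);
}

/* 1 if rendering leaves the tag byte-for-byte intact at the end of the line. */
static int rendered_literally(const char *tag)
{
    char line[256];
    int n = render_title(line, sizeof line, tag);
    size_t tl = strlen(tag);

    return n >= 0 && (size_t)n < sizeof line && (size_t)n >= tl
        && strcmp(line + n - tl, tag) == 0;
}

/*
 * Count the printf conversion directives an untrusted string carries.  Each
 * one would make the vulnerable call printf(title) read an argument that was
 * never supplied, and "%n" would write through one.  "%%" is a literal
 * percent sign and is not counted.  'writes' may be NULL.
 */
static int count_directives(const char *s, int *writes)
{
    int count = 0;

    if (writes)
        *writes = 0;
    for (; *s; s++) {
        const char *p;

        if (*s != '%')
            continue;
        if (s[1] == '%') {                    /* escaped percent sign */
            s++;
            continue;
        }
        p = s + 1;                            /* skip flags, width, precision, length */
        while (*p && strchr("-+ #0123456789.*hlLqjzt", *p))
            p++;
        if (!*p)
            break;                            /* dangling '%' at end of string */
        count++;
        if (writes && *p == 'n')
            (*writes)++;
        s = p;
    }
    return count;
}

/* Convenience: just the number of "%n" directives. */
static int count_n_writes(const char *s)
{
    int writes;

    count_directives(s, &writes);
    return writes;
}

/* Constructed sample: a tag an attacker might place in a file, not real data. */
static const char sample_tag[] = "Song %x%x%n";

int main(void)
{
    char line[64];

    render_title(line, sizeof line, sample_tag);
    printf("%s\n", line);                     /* the directives appear literally */
    printf("%d directives, %d of them %%n writes\n",
           count_directives(sample_tag, NULL), count_n_writes(sample_tag));
    return 0;
}
```

When auditing for this class of bug, gcc's -Wformat-security warns on any printf-family call whose format argument is not a literal and has no further arguments, and declaring your own logging wrappers with __attribute__((format(printf, N, M))) extends that check to them.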
MySQL: temporary file vulnerabilities
| Package(s): | mysql |
| CVE #(s): | CAN-2004-0381, CAN-2004-0388 |
| Created: | April 14, 2004 |
| Updated: | August 18, 2004 |
| Description: | The mysqlbug and mysqld_multi scripts contain temporary file vulnerabilities which could be used by a local attacker to overwrite files on the system. |
| Alerts: | |
Comments (none posted)
neon: buffer overflow
| Package(s): | neon |
| CVE #(s): | CAN-2004-0398 |
| Created: | May 19, 2004 |
| Updated: | September 30, 2004 |
| Description: | The neon library (through version 0.24.5) contains a buffer overflow in its date parsing code, allowing arbitrary code execution when connecting to a hostile server. See this advisory for details. This vulnerability also affects related applications (such as cadaver). |
| Alerts: | |
Comments (none posted)
Nessus NASL scripting engine security issues
| Package(s): | nessus |
| CVE #(s): | |
| Created: | May 27, 2003 |
| Updated: | August 12, 2004 |
| Description: | Several vulnerabilities exist in the Nessus NASL scripting engine. To
exploit these flaws, an attacker would need a valid Nessus account
as well as the ability to upload arbitrary Nessus plugins to the Nessus
server (this option is disabled by default), or would need to trick a
user into running a specially crafted NASL script. Read the full
advisory for additional information. |
| Alerts: | |
Comments (none posted)
netpbm: insecure temporary files
| Package(s): | netpbm |
| CVE #(s): | CAN-2003-0924 |
| Created: | January 19, 2004 |
| Updated: | December 29, 2004 |
| Description: | netpbm is a graphics conversion toolkit made up of a large number of
single-purpose programs. Many of these programs were found to create
temporary files in an insecure manner, which could allow a local
attacker to overwrite files with the privileges of the user invoking a
vulnerable netpbm tool. |
| Alerts: | |
Comments (1 posted)
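The gzip, flim, logcheck, MySQL and netpbm entries above all describe the same weakness: a temporary file created at a predictable name in a shared directory, so that a local user who plants a symlink there first gets the victim program to truncate or overwrite the link's target with the victim's privileges. The C program below is an added example for those entries, not code from any of the affected projects. It contrasts the unsafe open with the two standard fixes, O_EXCL for a fixed name and mkstemp() for an arbitrary one; the scratch directory, victim file and planted link are constructed inside a private directory the program creates and removes itself.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Deliberately vulnerable "before": a guessable name, O_TRUNC and no O_EXCL.
 * A symlink planted at that name is followed and its target is truncated
 * with the caller's privileges. */
static int open_predictable(const char *dir, char *path, size_t len)
{
    snprintf(path, len, "%s/report.tmp", dir);
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
}

/* Hardened form for a fixed name: O_CREAT|O_EXCL fails with EEXIST when
 * anything, a symlink included, already occupies the name. */
static int open_exclusive(const char *dir, char *path, size_t len)
{
    snprintf(path, len, "%s/report.tmp", dir);
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* Hardened form when any name will do: mkstemp() picks an unpredictable
 * name and creates it exclusively with mode 0600. */
static int open_unpredictable(const char *dir, char *path, size_t len)
{
    snprintf(path, len, "%s/tool.XXXXXX", dir);
    return mkstemp(path);
}

/* Constructed scenario: write a "victim" file and plant a symlink to it at
 * the fixed name both openers above will use. */
static int plant_link(const char *victim, const char *link)
{
    int fd = open(victim, O_WRONLY | O_CREAT | O_TRUNC, 0600);

    if (fd < 0)
        return -1;
    if (write(fd, "important data\n", 15) != 15) {
        close(fd);
        return -1;
    }
    close(fd);
    unlink(link);                            /* fresh plant each time */
    return symlink(victim, link);
}

/* Run the three openers in a private scratch directory.  On return:
 *   *unsafe_size  victim size after open_predictable() (0 = truncated)
 *   *safe_err     errno from open_exclusive() (EEXIST = planted link refused)
 *   *tmp_mode     permission bits of the mkstemp() file (expect 0600)
 * Returns 0, or -1 if the scenario could not be set up. */
static int run_scenario(long *unsafe_size, int *safe_err, int *tmp_mode)
{
    char dir[64], victim[96], link[96], path[96];
    struct stat st;
    int fd;

    snprintf(dir, sizeof dir, "/tmp/tmpdemo.XXXXXX");
    if (!mkdtemp(dir)) {                     /* /tmp unavailable: use cwd */
        snprintf(dir, sizeof dir, "./tmpdemo.XXXXXX");
        if (!mkdtemp(dir))
            return -1;
    }
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(link, sizeof link, "%s/report.tmp", dir);

    if (plant_link(victim, link) < 0)
        return -1;
    if ((fd = open_predictable(dir, path, sizeof path)) >= 0)
        close(fd);
    *unsafe_size = stat(victim, &st) == 0 ? (long)st.st_size : -1;

    if (plant_link(victim, link) < 0)        /* restore victim and link */
        return -1;
    errno = 0;
    fd = open_exclusive(dir, path, sizeof path);
    *safe_err = fd < 0 ? errno : 0;
    if (fd >= 0)
        close(fd);

    fd = open_unpredictable(dir, path, sizeof path);
    *tmp_mode = (fd >= 0 && fstat(fd, &st) == 0) ? (int)(st.st_mode & 0777) : -1;
    if (fd >= 0) {
        close(fd);
        unlink(path);
    }
    unlink(link);
    unlink(victim);
    rmdir(dir);
    return 0;
}

/* 1 when every opener behaved as the comments above predict. */
static int scenario_ok(void)
{
    long size; int err, mode;

    return run_scenario(&size, &err, &mode) == 0
        && size == 0 && err == EEXIST && mode == 0600;
}

int main(void)
{
    long size; int err, mode;

    if (run_scenario(&size, &err, &mode) < 0)
        return 1;
    printf("predictable name: victim is now %ld bytes (0 = truncated through the link)\n", size);
    printf("O_EXCL:           errno %d (%d is EEXIST, the refusal we want)\n", err, EEXIST);
    printf("mkstemp:          file created with mode %04o\n", mode);
    return 0;
}
```

The O_EXCL fix is the one to reach for when a program must use a fixed name; mkstemp() is the answer when the name does not matter. Either way the file should be created with mode 0600 and used only through the file descriptor that created it, never reopened by path, since a path can be re-pointed between the check and the use.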
openssh: timing attack leads to information disclosure
| Package(s): | openssh |
| CVE #(s): | CAN-2003-0190 |
| Created: | May 2, 2003 |
| Updated: | November 30, 2004 |
| Description: | From the advisory:
"During a pen-test we stumbled across a nasty bug in OpenSSH-portable
with PAM support enabled (via the --with-pam configure script switch). This
bug allows a remote attacker to identify valid users on vulnerable systems,
through a simple timing attack. The vulnerability is easy to exploit and
may have high severity, if combined with poor password policies and other
security problems that allow local privilege escalation." |
| Alerts: | |
Comments (1 posted)
OpenSSL: denial of service vulnerabilities
Comments (1 posted)
postgresql: buffer overflow in ODBC driver
| Package(s): | postgresql |
| CVE #(s): | |
| Created: | June 7, 2004 |
| Updated: | July 28, 2004 |
| Description: | A buffer overflow has been discovered in the ODBC driver of PostgreSQL,
an object-relational SQL database, descended from POSTGRES. It is possible
to exploit this problem and crash the surrounding application. Hence, a
PHP script using php4-odbc can be utilized to crash the surrounding
Apache webserver. Other parts of postgresql are not affected. |
| Alerts: | |
Comments (none posted)
python: buffer overflow
| Package(s): | python |
| CVE #(s): | CAN-2004-0150 |
| Created: | March 10, 2004 |
| Updated: | October 11, 2004 |
| Description: | Python (versions 2.2 and 2.2.1 only) has a buffer overflow in the getaddrinfo() function which can be exploited by a malformed IPv6 address. |
| Alerts: | |
Comments (none posted)
racoon: improper certificate validation
| Package(s): | racoon ipsec-utils |
| CVE #(s): | |
| Created: | June 23, 2004 |
| Updated: | June 23, 2004 |
| Description: | The racoon tool found in ipsec-tools (through version 0.3.3) fails to
perform proper authentication, enabling a potential man-in-the-middle
attack. |
| Alerts: | |
Comments (none posted)
rsync: remote file write attack
| Package(s): | rsync |
| CVE #(s): | CAN-2004-0426 |
| Created: | April 30, 2004 |
| Updated: | July 12, 2004 |
| Description: | See the rsync homepage for the April 2004
advisory: "There is a security problem in all versions prior to
2.6.1 that affects only people running a read/write daemon WITHOUT using
chroot. If the user privs that such an rsync daemon is using is anything
above "nobody", you are at risk of someone crafting an attack that could
write a file outside of the module's "path" setting (where all its files
should be stored). Please either enable chroot or upgrade to 2.6.1. People
not running a daemon, running a read-only daemon, or running a chrooted
daemon are totally unaffected." |
| Alerts: | |
Comments (none posted)
squid: buffer overflow
| Package(s): | squid |
| CVE #(s): | CAN-2004-0541 |
| Created: | June 9, 2004 |
| Updated: | September 30, 2004 |
| Description: | The NTLM authentication helper used by the squid proxy contains a buffer overflow vulnerability; an overly-long password may be used to run arbitrary code. Sites not using NTLM authentication are not vulnerable. |
| Alerts: | |