However, that's going to change. There is already support for RPC security when using NFSv4 in Linux 2.6.
Unfortunately NFS sucks [1]. If I go to someone's house can I mount an NFS export as easily as I can an SMB share? No, because the UID/GIDs don't match up. SMB keys on usernames.
[1] In truth SMB sucks too because of the many layers of protocol.
Dude, it's close enough. Tag, watermark, what's the difference?
The difference is if it where a watermark you wouldn't see it. A watermark is information that is non-destructively encoded with the target data. If the recipient's name is just prefixed in some header that is not a watermark. Presumably it could be overwritten to obscure it whereas a watermark could not be removed without destroying the original data.
If you should need to recompile your Red Hat kernel do not try to install the raw kernel source from kernel.org. Red Hat and other distributions require that they use their versions of kernels specifically taylored to their distribution. For Red Hat, install the kernel-.src.rpm (note that this is different from the kernel-source package) and look at the file/usr/src/redhat/SPECS/kernel-2.4.spec. At the top of this file you will see something like the following: Summary: The Linux kernel (the core of the Linux operating system)
# What parts do we want to build? We must build at least one kernel. # These are the kernels that are built IF the architecture allows and # no contrary --with/--without arguments are given on the command line. %define buildup 1 %define buildsmp 0 %define buildBOOT 0 %define buildenterprise 0 %define builddebug 0 %define buildjensen 0 %define buildtape 0 %define buildBOOTtape 0
Change all of the 1's to 0's leaving a 1 for only the kernel version you wish to build. The above listing shows the modified spec file for building the uni-processor kernel. Now build with an appropriate target option like:
# rpm -bb --target i686 SPECS/kernel-2.4.spec
If you do not do this, RPM will attempt to build multiple kernel versions. Usually it is only necessary to build one kernel specifically targeted for your machine. Building all of the kernels defined in the default kernel.spec will take many hours even on a fast machine. When the build is complete there should be an RPM in the RPMS/i686 directory (or the directory for the specified target) that can be installed with: # rpm -Uvh RPMS/i686/kernel-2.4.20-28.7.i686.rpm
Now can someone explain how to run make xconfig beforehand?
This is the highest building in town. In a day of disaster people gothered on the roof of this builing and have been looking at a beautiful shining above Atomic Plant. This was the shinning of radiation.
Why do people think making something Open Source is unanimously good? Indeed, in this case I think Open Sourc-ing Java would be a bad move. Java has a slew of sattelite ecosystems and things that are portrayed as "technologies" themselves. I think Java desperately needs a backbone on which those entites can rely on for stability. In fact I think this is why Java is a little too popular. Now days you cannot get a Java project without being required know J2EE, JNDI, JABC, JDEF, JJJ, and fifteen other acronyms. The whole thing has become an exercise in marketing. Now factor in the coup de gras of different permutations created by Open Source people and you're thuroughly confusing the situation.
Incedentally, isn't it strange how the Java API can evolve so much and yet despite the holes in POSIX no one has even considered changing it.
Nonsense. What a waste of resources. Also, you clearly don't know what it really costs. What would you rather have - a 2.5 GHz Wintel Dell workstation ($399 deal right now) or one of these which will probably cost more when you get a case and memory and a disk....?
...is this really/. front page news? This came out on the FreeBSD mailing list 36 hrs ago.
Yes. Most of us are not on the FreeBSD mailing list. Instead we wait for the more mainstream outlets like./ to report the problem. Also it's good to wait about 36 hours or so for the fix to go through the motions as the sudden intrest rattles free other problems.
Given Theo's past attitude of "it's not important to me so it's not important to OpenBSD." Though his goal always seemed self-serving e.g. "I write it for myself and if others use it, fine," it's good to see that he is opening his mind to the one area OpenBSD is severly lacking.
Well SMP is not important for file server (e.g. HTTP servers). If you look at a lot of the low end machines these days they're single processor. It's just not that compelling to have multiple CPUs in a file server anymore. CPUs are much faster than they need to be to do whatever they do between I/O.
It could use some desktop polish (though I only use it for firewalls and servers since I only use it at home), SMP is the gaping hole in OpenBSD's offering.
Are we talking about the same operating system? I'm talking about the one leading netcraft uptime stats. Why would you desicrate a wonderful pure blood OS with a d-d-d-d-desktop?
Good. IFAIC the best possible scenario is for TCPA to succeed enough for it to be used to sign code and implement security useful to consumers but for DRM to fail which according to you it will because of the complexity of negotiation between TCPA-enabled hardware. Then again, I think you might be right that TCPA will not survive without DRM.
As usual there are many comments about how Microsoft is taking over your bios. Just because your laptop has a security device in it (my thinkpad does) doesn't mean Microsoft is going to gain control over your machine. People frequently speak about TCPA and DRM as if they refer to the same thing because TPCA is prerequisite for DRM. That is NOT true.
TPCA just means the motherboard has some hardware for generating and possibly storing cryptographic keys. There might also be some secure memory and other things that assist with performing security critical computing on a PC without someone deciphering the keys or reading private data or media directly from memory. It is a feature that should probably be considerd good particularly for people who wish to use such a computer for monitary transactions or other highly secure communications.
Digital Rights Management has to do with delivering media to a PC in a way that restricts the user from decoding and copying it as it is displayed on the target output device. TCPA would be necessary to do this but that is incedental (but not coincidental).
People think TCPA and DRM equates to the consumer loosing control of their computers. In some cases this will be true. Your employer could lock down your workstation tight as drum so you can't install that scewball program. But the TCPA hardware is just another couple of chips on the board. How keys are managed and how the secure memory is accessed is understood. I believe there's a GPL driver for the security chip in my Thinkpad T30. As for DRM, well... too bad. You won't be able to rip that DVD or burn or fry or copy whatever. Last I heard it *was* illegal. Get out and play frisbee instead. Write your own music. Build a toy car with your kid.
Since NMAP source is GPL, does it's inclusion in Battle Royale make the movie a derivative work and therefore also subject to the GPL?
Can a movie scan my servers for vulnerbilities? If not, then the movie is not a derived work of any software that does.
However, you cannot copy someone's writing verbatum without atttributing it properly. If you published this comment in a book and claimed it was your own, that would be copyright infringement. This would also be true of displaying source code in a movie. If you cannot really read it it probably isn't. But if you can, and a significant portion is displayed, there should be proper attribution in the credits at least like:
"Some source code displayed in this movie was obtained from the nmap software package at http://insecure.org/"
No. This is stupid. By claiming to revoke any particular user's right based on political reasons is not consistent with the ideals of the Free Software movement. The nmap people are no better than SCO in this respect. This is precisely the kind of ammunition that the SCO Group can use to lend creedence to their claims. It can be used as just another split-hair to make it look like their being defensive.
They made the system flexible, that flexibility got them into some trouble, and it's also what got them out of it.
To be honest the whole problem sounds a little... well dumb. Basically they got ENOSPC so the system sat there rebooting itself. I'm a little surprised they missed this scenario. I didn't get the impression they have some kind of "safe-mode" coded in. That would stop the system from trying to perform the errant operation over and over. Also, you could have a "panic" path that resets and deletes whatever it can (ignoring errors along the way) to restore the system to a known minimalistic working configuration and then reboot. Or make a little change everytime you panic so there's at least a chance the system will wiggle it's way out of a faulty cycle.
Subject: [linux-elitists] Microsoft goes after Linux kernel downloaders? Date: Mon, 16 Feb 2004 20:15:28 -0600
I went trolling, and it seems I caught the biggest fish of them all.
When the story about the MS leak appeared on Slashdot this past week, I thought I'd have a bit of fun. A post entitled "Kernel source here," which pointed to a torrent of Linux 2.6.2, was all it took to hook about a thousand would-be NT and 2000 source downloaders.
"You can find the build applications and such with Google already."
I trickled the torrent out at about 1k/s for the first few hours, then let it go full-speed once we'd crossed over 600 active participants. Let 'em all have the punchline at once.
Imagine my surprise when my DSL stops working this morning, I call my provider, and I learn that I've been accused of copyright infringement. I argued that I was doing absolutely nothing wrong, and they turned service back on. After I asked to see the accuser's email, they forwarded the below. Sure enough, it's a bona fide valentine from MS Legal:
J.K. Weston
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052
jkweston@microsoft.com
Tel: (425) 703-5529
14 Feb 2004
URGENT/IMMEDIATE ATTENTION REQUIRED
VIA ELECTRONIC MAIL
[My ISP]
Re: NOTICE OF POTENTIAL UNLAWFUL DISTRIBUTION OF MICROSOFT SOURCE
CODE AT: [one of my IPs]
Date of Infringement: Detail below.
Dear [My ISP]:
We have received information that one of your users as identified
above by the SITE/URL [My IP] may have engaged in the unlawful
distribution of Microsoft's source code for Windows 2000, and/or
Windows NT4, by distributing and offering for download these source
code files via a peer-to-peer network.
Since you own this IP address, we request that you take appropriate
action against the account holder under your Abuse Policy/Terms of
Service Agreement.
The IP they chose wasn't the tracker, it was a system participating as a torrent peer. This makes me wonder if there are a thousand other P2P Linux 2.6.2 downloaders enjoying MS' Feb 14 love.
Now, admittedly I was just asking for it by hinting at something that might offend the big giant. Still, it took them three or four days to issue this letter. In the meantime, shouldn't they have been able to find someone capable of cracking open a.tar.bz2? Did nobody raise the question of how a leaked CD fits into a 32m file? ___________________________________________ ____
Excuse me but this actually sounds pretty good. This "containers" thing permits running hundreds of virtual machines on one host (and not a moment too late as that idea is becoming a very popular -- I have a VPS runing UML and it's very snappy). The DTrace utility sounds nice although I probably shouldn't say that considering I've never tried it. And they're going to run Opteron and claim that they can beat the Linux benchmarks. I don't know about you but I wouldn't mind having an Opteron box running Solaris 10.
But what percentage are used for business purposes. 3% would suggest that 3 in 100 are Linux. I don't see any Linux desktops at my company. There are quite a few Linux servers but no desktops here.
Nobody wants to see some small company in Norway get control over the browser market.
Why is this modded "Insightful". The OP just said Opera followed the standards better than Mozilla. Quite frankly I'm getting a little tired of this "it ain't free" crap. How much money are we taking about? If you're a small company that uses webapps for everything from email to inventory you might want the best.
Slashdot Mirror
However, that's going to change. There is already support for RPC security when using NFSv4 in Linux 2.6.
Unfortunately NFS sucks [1]. If I go to someone's house can I mount an NFS export as easily as I can an SMB share? No, because the UID/GIDs don't match up. SMB keys on usernames.
[1] In truth SMB sucks too because of the many layers of protocol.
The last comment in the cited Wikipedia entry has some timing issues:
"Recently, the project was delayed 24 hours."
make Java easier to install on Linux
Uh, what's so hard about unrolling a tar-ball and setting the JAVA_HOME environment variable?
Is mplayer plugin supposed to have audio?
Given the lack of originality in naming it should't be too difficult to think up a new name ...
:)
Windux
Windonux
MicroLinuxSoft
Dude, it's close enough. Tag, watermark, what's the difference?
The difference is if it where a watermark you wouldn't see it. A watermark is information that is non-destructively encoded with the target data. If the recipient's name is just prefixed in some header that is not a watermark. Presumably it could be overwritten to obscure it whereas a watermark could not be removed without destroying the original data.
Imagine the potential antitrust suit if Java wasn't there to compete against dot Net.
So what you're saying is if Sun goes away so does Java?
..Microsoft wins again.
Think about it; think about how little $2B is to MS, compared to 10 years with no harassment from Sun.
Huh? Two billion dollars is 20% of their anual net income.
If you should need to recompile your Red Hat kernel do not try to install the raw kernel source from kernel.org. Red Hat and other distributions require that they use their versions of kernels specifically taylored to their distribution. For Red Hat, install the kernel-.src.rpm (note that this is different from the kernel-source package) and look at the file /usr/src/redhat/SPECS/kernel-2.4.spec. At the top of this file you will see something like the following:
Summary: The Linux kernel (the core of the Linux operating system)
# What parts do we want to build? We must build at least one kernel.
# These are the kernels that are built IF the architecture allows and
# no contrary --with/--without arguments are given on the command line.
%define buildup 1
%define buildsmp 0
%define buildBOOT 0
%define buildenterprise 0
%define builddebug 0
%define buildjensen 0
%define buildtape 0
%define buildBOOTtape 0
Change all of the 1's to 0's leaving a 1 for only the kernel version you wish to build. The above listing shows the modified spec file for building the uni-processor kernel. Now build with an appropriate target option like:
# rpm -bb --target i686 SPECS/kernel-2.4.spec
If you do not do this, RPM will attempt to build multiple kernel versions. Usually it is only necessary to build one kernel specifically targeted for your machine. Building all of the kernels defined in the default kernel.spec will take many hours even on a fast machine. When the build is complete there should be an RPM in the RPMS/i686 directory (or the directory for the specified target) that can be installed with:
# rpm -Uvh RPMS/i686/kernel-2.4.20-28.7.i686.rpm
Now can someone explain how to run make xconfig beforehand?
This is the highest building in town. In a day of disaster people gothered on the roof of this builing and have been looking at a beautiful shining above Atomic Plant. This was the shinning of radiation.
Why do people think making something Open Source is unanimously good? Indeed, in this case I think Open Sourc-ing Java would be a bad move. Java has a slew of sattelite ecosystems and things that are portrayed as "technologies" themselves. I think Java desperately needs a backbone on which those entites can rely on for stability. In fact I think this is why Java is a little too popular. Now days you cannot get a Java project without being required know J2EE, JNDI, JABC, JDEF, JJJ, and fifteen other acronyms. The whole thing has become an exercise in marketing. Now factor in the coup de gras of different permutations created by Open Source people and you're thuroughly confusing the situation.
Incedentally, isn't it strange how the Java API can evolve so much and yet despite the holes in POSIX no one has even considered changing it.
Nonsense. What a waste of resources. Also, you clearly don't know what it really costs. What would you rather have - a 2.5 GHz Wintel Dell workstation ($399 deal right now) or one of these which will probably cost more when you get a case and memory and a disk....?
How about that Gecko think, I never liked him any way.
I thought they had a contest to name him and arrived at "Geeko".
...is this really /. front page news? This came out on the FreeBSD mailing list 36 hrs ago.
./ to report the problem. Also it's good to wait about 36 hours or so for the fix to go through the motions as the sudden intrest rattles free other problems.
Yes. Most of us are not on the FreeBSD mailing list. Instead we wait for the more mainstream outlets like
Given Theo's past attitude of "it's not important to me so it's not important to OpenBSD." Though his goal always seemed self-serving e.g. "I write it for myself and if others use it, fine," it's good to see that he is opening his mind to the one area OpenBSD is severly lacking.
Well SMP is not important for file server (e.g. HTTP servers). If you look at a lot of the low end machines these days they're single processor. It's just not that compelling to have multiple CPUs in a file server anymore. CPUs are much faster than they need to be to do whatever they do between I/O.
It could use some desktop polish (though I only use it for firewalls and servers since I only use it at home), SMP is the gaping hole in OpenBSD's offering.
Are we talking about the same operating system? I'm talking about the one leading netcraft uptime stats. Why would you desicrate a wonderful pure blood OS with a d-d-d-d-desktop?
Good. IFAIC the best possible scenario is for TCPA to succeed enough for it to be used to sign code and implement security useful to consumers but for DRM to fail which according to you it will because of the complexity of negotiation between TCPA-enabled hardware. Then again, I think you might be right that TCPA will not survive without DRM.
As usual there are many comments about how Microsoft is taking over your bios. Just because your laptop has a security device in it (my thinkpad does) doesn't mean Microsoft is going to gain control over your machine. People frequently speak about TCPA and DRM as if they refer to the same thing because TPCA is prerequisite for DRM. That is NOT true.
... too bad. You won't be able to rip that DVD or burn or fry or copy whatever. Last I heard it *was* illegal. Get out and play frisbee instead. Write your own music. Build a toy car with your kid.
TPCA just means the motherboard has some hardware for generating and possibly storing cryptographic keys. There might also be some secure memory and other things that assist with performing security critical computing on a PC without someone deciphering the keys or reading private data or media directly from memory. It is a feature that should probably be considerd good particularly for people who wish to use such a computer for monitary transactions or other highly secure communications.
Digital Rights Management has to do with delivering media to a PC in a way that restricts the user from decoding and copying it as it is displayed on the target output device. TCPA would be necessary to do this but that is incedental (but not coincidental).
People think TCPA and DRM equates to the consumer loosing control of their computers. In some cases this will be true. Your employer could lock down your workstation tight as drum so you can't install that scewball program. But the TCPA hardware is just another couple of chips on the board. How keys are managed and how the secure memory is accessed is understood. I believe there's a GPL driver for the security chip in my Thinkpad T30. As for DRM, well
Since NMAP source is GPL, does it's inclusion in Battle Royale make the movie a derivative work and therefore also subject to the GPL?
Can a movie scan my servers for vulnerbilities? If not, then the movie is not a derived work of any software that does.
However, you cannot copy someone's writing verbatum without atttributing it properly. If you published this comment in a book and claimed it was your own, that would be copyright infringement. This would also be true of displaying source code in a movie. If you cannot really read it it probably isn't. But if you can, and a significant portion is displayed, there should be proper attribution in the credits at least like:
"Some source code displayed in this movie was obtained from the nmap software package at http://insecure.org/"
Mike
Fyodor does what the Samba team SHOULD HAVE done.
No. This is stupid. By claiming to revoke any particular user's right based on political reasons is not consistent with the ideals of the Free Software movement. The nmap people are no better than SCO in this respect. This is precisely the kind of ammunition that the SCO Group can use to lend creedence to their claims. It can be used as just another split-hair to make it look like their being defensive.
Great! I should be able to pick up a lot of unpurchased mp3s at a great price. They're probably going for like $2.
They made the system flexible, that flexibility got them into some trouble, and it's also what got them out of it.
... well dumb. Basically they got ENOSPC so the system sat there rebooting itself. I'm a little surprised they missed this scenario. I didn't get the impression they have some kind of "safe-mode" coded in. That would stop the system from trying to perform the errant operation over and over. Also, you could have a "panic" path that resets and deletes whatever it can (ignoring errors along the way) to restore the system to a known minimalistic working configuration and then reboot. Or make a little change everytime you panic so there's at least a chance the system will wiggle it's way out of a faulty cycle.
To be honest the whole problem sounds a little
Don't know if you were joking, but
.tar.bz2? Did nobody raise the_ ____
It's no joke:
Subject: [linux-elitists] Microsoft goes after Linux kernel downloaders?
Date: Mon, 16 Feb 2004 20:15:28 -0600
I went trolling, and it seems I caught the biggest fish of them all.
When the story about the MS leak appeared on Slashdot this past week,
I thought I'd have a bit of fun. A post entitled "Kernel source here,"
which pointed to a torrent of Linux 2.6.2, was all it took to hook
about a thousand would-be NT and 2000 source downloaders.
"You can find the build applications and such with Google already."
I trickled the torrent out at about 1k/s for the first few hours, then
let it go full-speed once we'd crossed over 600 active
participants. Let 'em all have the punchline at once.
Imagine my surprise when my DSL stops working this morning, I call my
provider, and I learn that I've been accused of copyright
infringement. I argued that I was doing absolutely nothing wrong, and
they turned service back on. After I asked to see the accuser's email,
they forwarded the below. Sure enough, it's a bona fide valentine from
MS Legal:
J.K. Weston
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052
jkweston@microsoft.com
Tel: (425) 703-5529
14 Feb 2004
URGENT/IMMEDIATE ATTENTION REQUIRED
VIA ELECTRONIC MAIL
[My ISP]
Re: NOTICE OF POTENTIAL UNLAWFUL DISTRIBUTION OF MICROSOFT SOURCE
CODE AT: [one of my IPs]
Date of Infringement: Detail below.
Dear [My ISP]:
We have received information that one of your users as identified
above by the SITE/URL [My IP] may have engaged in the unlawful
distribution of Microsoft's source code for Windows 2000, and/or
Windows NT4, by distributing and offering for download these source
code files via a peer-to-peer network.
Since you own this IP address, we request that you take appropriate
action against the account holder under your Abuse Policy/Terms of
Service Agreement.
The IP they chose wasn't the tracker, it was a system participating as
a torrent peer. This makes me wonder if there are a thousand other
P2P Linux 2.6.2 downloaders enjoying MS' Feb 14 love.
Now, admittedly I was just asking for it by hinting at something that
might offend the big giant. Still, it took them three or four days to
issue this letter. In the meantime, shouldn't they have been able to
find someone capable of cracking open a
question of how a leaked CD fits into a 32m file?
__________________________________________
Excuse me but this actually sounds pretty good. This "containers" thing permits running hundreds of virtual machines on one host (and not a moment too late as that idea is becoming a very popular -- I have a VPS runing UML and it's very snappy). The DTrace utility sounds nice although I probably shouldn't say that considering I've never tried it. And they're going to run Opteron and claim that they can beat the Linux benchmarks. I don't know about you but I wouldn't mind having an Opteron box running Solaris 10.
[disclaimer: I have 50 shares of SUNW]
But what percentage are used for business purposes. 3% would suggest that 3 in 100 are Linux. I don't see any Linux desktops at my company. There are quite a few Linux servers but no desktops here.
Nobody wants to see some small company in Norway get control over the browser market.
Why is this modded "Insightful". The OP just said Opera followed the standards better than Mozilla. Quite frankly I'm getting a little tired of this "it ain't free" crap. How much money are we taking about? If you're a small company that uses webapps for everything from email to inventory you might want the best.