There was a lot of interest in systrace a couple of years ago. It is supposed to provide very fine-grained control. I haven't played with it myself. I dunno if any mainstream distros have picked it up.
A slightly more fine grained version of suid/sgid would be good enough (provided that the sysadmin/user/distro can be bothered to set it all up), I usually set all my devices to certain groups so that I can lockdown the devices from the deamons, and it's a bit of a pain maintaining the settings when the distro doesn't bother setting them up in the first place. If someone would wrap the whole lot up nicely and provide some good tools for managing it people wouldn't have to trade off security for being assed to sort it out quite so much... Maybe they could use xml;-}
you can probably arrange that using pam and some goofie permissions, Linux does have a severe lack of fine grained permissions, but that's probably for the same reason as the configuration files not being in XML. (e.g. I'd like to be able to sandbox applications more and provide hierarchical groups).
I'm very surprised no-one has risen to the task yet, it would certainly make Linux head and shoulders above the rest when it comes to security, and that's uba kudos.
won't this cause a situation where you now need to upgrade several libraries to keep your applications working
Yes, that's called the current situation, the reason for moving an XML parser into glibc is so that those 'several libraries' (and the kernel) can also use it, keeping you dependencies down.
glibc contains code for reading fstab, so to move fstab into xml glibc would need to include an xml parser it doesn't have to be a bells and whistles parser, just good enough to replace whatever they use for reading fstab &co. at the moment.
So, given the severity of the issues that could be caused by changing a base library I have to recompile my system whenever the base library changes significantly, and there's no reason why you couldn't keep legacy support enabled for a few years.
Hmm.. I not so sure, Apple vendor lockings seem to be a lot tighter than Microsofts (Microsoft already has judgements against them because of vendor lockins that require them to release protocol and API details)
When you start putting spaces in filenames, it isn't unix anymore.
Well, I was using it to remount Program Files in my.wine, but that's besides the point. What happens when I want to use Japaniese, do I also have to segv because Japaniese isn't Unix?
Yes, because the existing mess is standard compliant (POSIX).
I would say that XML is a more robust standard that has been designed to manage data in a way that is highly suitable for configuration files especially when compaired to the existing POSIX standard been used for the majority? of configuration files. There are also a huge variety of tools for processing and validating XML and a large number of standards (such as XSD and XSL) built around XML that are also usefull for processing and validation. XPath is better than Awk for processing configuration files (ref your fstab example) and to date I do not know of a standard for defining and validating POSIX configuration files.
That doesn't mean that you can't write a crap configuration file in XML, but it does make it easier to pick through and parse someones crap configuration file.
If most existing configuration files are already in POSIX standard then I would expect that the POSIX standard is nothing more than, place your name at the top of the file, do what you like with the rest of it.
That won't work for paths that contain spaces, vanilla gentoo will choke on shutdown if you have spaces in your fstab file because they use a similar awk command.
You need a better argument than "XML is standards compliant". Do I?
Well, it depends on where and how you define 'greed', the RIAA wanting to charge x for songs is also common business sense, now if Britney Spears living in a luxury mansion seems a little excessive for here talent then it's greed, if not then it's not greedy I suppose.
The balance of Apple greed vs RIAA greed lies somewhere between Jobs living in a luxury mansion and Britney living in a luxury mansion.
I would say 'greed' is having more than you require, I would expect that Jobs paypacket is more than anyone could spend (except maybe my girlfriend on shoes) so that makes him greedy in my books, the same goes for Britney.
Well, I think preventing Mac clones comes under the flag of 'greedy' and not 'control freak', Jobs is a good business man and like with most good business men it's money that makes the world go around.
I'd like choice too but I'm not siding with Real on this one., nore am IK, I'm, siding against Apple from more-or-less forcing vendor lockin. (I know that there are OGG and MP3's available from a few vendors, but the ones that advertise: the ones that Joe Sixpack will use all come +DRM)
The music industry does not pay the bandwidth cost of the iTunes Music Store. Apple pays for that from the profits generated from iPods sold.
I don't see what that has to do with anything? I pay for the petrol to go to the mall and back again, woopie woo. (and before you call me a car champion I actually walk to the shops, but it was the only car analogy I could think of)
Why are you championing Real.
Personally I'd be very happy if DRM vanished tomorrow (I'm not going to buy anything with DRM unless I have to e.g. to reverse engineered it) and I'm certainly no champion of Real.
Having said that Real didn't brake anything, they 'mealy' reverse engineered Fairplay DRM so that they could release music that was crippled with Fairplay DRM that people could play on an IPod.
I am a champion of choice and a champion of anything that breaks vendor lockins (and that include people buying music from live acts in pubs instead of RIAA junk). Maybe if the RIAA had competition then you'd start to see prices dropping and some 'singer?' dancer moving out of there $Million mansion.
Well, some of them. It would probably be a good idea to allow the code to be compiled in 'compatability' mode or 'standards' mode so that systems could switch as and when required.
That would allow small or new users of the software to adapt their configurations while still allowing dinsours to roam the earth.
It took me a few months to switch from devf to udev but it took Gentoo about a year to do the switch with all the configuration changes that were required for a distribution as apposed to an individual user. But they did switch and in the end there's a better system that every one can use. It's also tends to be far easier + less code to access configuration information stored in XML (with something like xmlstarlet) than it is to access data in a ad-hoc file format, and the transition is fairly streight forward.
e.g. to select the spec of the moutpoint/usr in a BASH script you could use something like...
foo=`xml sel -t -m "/fstab/filesystem[@file='/usr']" -v "@spec" -f=/etc/fstab`
Why deny people a standards compliant OS for the sake of some crappy awk grep scripts...
And this come from the man that prevents ITunes music from running on anything other that an IPod and prevents Real from releasing DRMed music for the IPod.
Next he'll be saying that the movie industry is charging too much for all the product placement.
So, your worst case scenario is that the schema is just as bad as the current situation. If that's the case then chances are it's going to be better than the current situation.
Sure XML remains inappropriate for many tasks, but I'm not sure why you think it's not appropriate for configuration files, maybe your not upto scratch with XML, XDS, XSL etc...?
You say look at Jabber or Tomcat, I say look at apache, fstab, all the hacks in KDE configuration files in an attempt to make ini files something their not etc.... Sure XLM isn't going to replace.bashrc or init(some people have tried!) but if it replaced 80% or/etc or/usr/kde/share/foo then I expect most peoples lives would be so much easier.
e.g. If people were using XML you could for install xmlstart and run "xml val foo.xsd foo.xml" and your configuration would be verified. This is infinitely better than/etc/init.d/foo restart... oh shit, the configuration file's bad and the service didn't restart. and of couse the huge list of benifits xml has over 'well I just plukked a format out of the air and used that for my configuration files' goes on and on....
I hope this isn't just personal preference but I wish people would start to refer to themselves as customers and not consumers. Doing so often highlights some of the injustices that companies are getting away with by treating people like numbers and not people.
I also think it's kinda funny that the RIAA started using the word 'Artist' instead of 'Musician', I guessing it's because half of their acts are just miming dancers and don't make any music at all.
I though 'Artist Suggesting Ways Around Copy Protection' was going to be about people forging paintings or banknotes, sadly not.
I think loser pays is ok, so long as they only have to pay double their costs. i.e. If Microsoft spends $10 million on lawyers and you represent yourself, if you loose you end up paying nothing.
I always though that the reason injecting water as droplets works is because the oil will cover the outside of the water droplet, increasing the overall fuel / air surface area.
So, your counting the USA as a non-developed nation?
I suppose that's fair, depending on what you mean be developed, since the USA has only been around a few hundred years and most European nations are a lot older than that.
It's also fair to note that Catholic nations / groups have a higher birth rate because the pope denounces contraception.
It may also be that the people are more affluent because they had fewer children to split their money between, a family with one child has a lot more spaire cash than a family with ten children.
Most books are printed on wood pulp paper. Wood pulp paper is slightly acid (the process uses sulphur dioxide) so the book will start to crumble appart after a few years of usage, I'm not quite sure how quickly they degrade, but from some experience 75 years seems to be pushing it. (I've had books a lot younger fall appart like they were moth eaten).
Older books (pre UN drug treaty) were printed on hemp paper and can last hundreds of years without too many problems.
I've used match to prove that a fault wasn't just down to noise or running 12 AM - 12 AM instead of 12 AM to 11:59PM. It didn't help fix the fault, but it did prove that the fault was real. I also used math to show that the error was less than 5% so the results were still statistically significant even if they weren't 100% accurate.
Sure, so anyone can derive a bubble sort but they generally use this kind of bubble sort.
for x = 0 to 10 for y = 0 to 10
(Mathematically the sort is of the order x^2)
But with a bit of match knowledge you can do this kind of bubble sort
for x = 0 to 10 for y = x to 10
Which is of order (x * (x + 1)) / 2 almost twice as quick, just with a little maths.
Now how many programmers who don't know maths would be able to derive a quick/heap/merge sort from a binary search using first principles? A quick sort has an order around log2(x) * x which is usually many orders of magnitude quicker than a bubble sort.
And that's just something simple like a sort, for instance could you write a good hashing algorithm for a hash table?
Programmers who know maths are more often then not going to write faster, less buggy code and are capable of proofing why there code is faster, and less buggy.
Slashdot Mirror
There was a lot of interest in systrace a couple of years ago. It is supposed to provide very fine-grained control. I haven't played with it myself. I dunno if any mainstream distros have picked it up.
;-}
A slightly more fine grained version of suid/sgid would be good enough (provided that the sysadmin/user/distro can be bothered to set it all up), I usually set all my devices to certain groups so that I can lockdown the devices from the deamons, and it's a bit of a pain maintaining the settings when the distro doesn't bother setting them up in the first place. If someone would wrap the whole lot up nicely and provide some good tools for managing it people wouldn't have to trade off security for being assed to sort it out quite so much... Maybe they could use xml
more flexible file permissions
google acl.
needing root to listen on certain ports
you can probably arrange that using pam and some goofie permissions, Linux does have a severe lack of fine grained permissions, but that's probably for the same reason as the configuration files not being in XML. (e.g. I'd like to be able to sandbox applications more and provide hierarchical groups).
I'm very surprised no-one has risen to the task yet, it would certainly make Linux head and shoulders above the rest when it comes to security, and that's uba kudos.
RAM to validate and then process it
You appear to be unfamiliar with the difference between sax and dom.
won't this cause a situation where you now need to upgrade several libraries to keep your applications working
Yes, that's called the current situation, the reason for moving an XML parser into glibc is so that those 'several libraries' (and the kernel) can also use it, keeping you dependencies down.
glibc contains code for reading fstab, so to move fstab into xml glibc would need to include an xml parser it doesn't have to be a bells and whistles parser, just good enough to replace whatever they use for reading fstab &co. at the moment.
So, given the severity of the issues that could be caused by changing a base library
I have to recompile my system whenever the base library changes significantly, and there's no reason why you couldn't keep legacy support enabled for a few years.
Hmm.. I not so sure, Apple vendor lockings seem to be a lot tighter than Microsofts (Microsoft already has judgements against them because of vendor lockins that require them to release protocol and API details)
When you start putting spaces in filenames, it isn't unix anymore.
.wine, but that's besides the point. What happens when I want to use Japaniese, do I also have to segv because Japaniese isn't Unix?
Well, I was using it to remount Program Files in my
Yes, because the existing mess is standard compliant (POSIX).
I would say that XML is a more robust standard that has been designed to manage data in a way that is highly suitable for configuration files especially when compaired to the existing POSIX standard been used for the majority? of configuration files. There are also a huge variety of tools for processing and validating XML and a large number of standards (such as XSD and XSL) built around XML that are also usefull for processing and validation. XPath is better than Awk for processing configuration files (ref your fstab example) and to date I do not know of a standard for defining and validating POSIX configuration files.
That doesn't mean that you can't write a crap configuration file in XML, but it does make it easier to pick through and parse someones crap configuration file.
If most existing configuration files are already in POSIX standard then I would expect that the POSIX standard is nothing more than, place your name at the top of the file, do what you like with the rest of it.
awk '/usr/ {print $1}'
That won't work for paths that contain spaces, vanilla gentoo will choke on shutdown if you have spaces in your fstab file because they use a similar awk command.
You need a better argument than "XML is standards compliant".
Do I?
Well, it depends on where and how you define 'greed', the RIAA wanting to charge x for songs is also common business sense, now if Britney Spears living in a luxury mansion seems a little excessive for here talent then it's greed, if not then it's not greedy I suppose.
The balance of Apple greed vs RIAA greed lies somewhere between Jobs living in a luxury mansion and Britney living in a luxury mansion.
I would say 'greed' is having more than you require, I would expect that Jobs paypacket is more than anyone could spend (except maybe my girlfriend on shoes) so that makes him greedy in my books, the same goes for Britney.
Well, I think preventing Mac clones comes under the flag of 'greedy' and not 'control freak', Jobs is a good business man and like with most good business men it's money that makes the world go around.
I'd like choice too but I'm not siding with Real on this one., nore am IK, I'm, siding against Apple from more-or-less forcing vendor lockin. (I know that there are OGG and MP3's available from a few vendors, but the ones that advertise: the ones that Joe Sixpack will use all come +DRM)
The music industry does not pay the bandwidth cost of the iTunes Music Store. Apple pays for that from the profits generated from iPods sold.
I don't see what that has to do with anything? I pay for the petrol to go to the mall and back again, woopie woo. (and before you call me a car champion I actually walk to the shops, but it was the only car analogy I could think of)
Why are you championing Real.
Personally I'd be very happy if DRM vanished tomorrow (I'm not going to buy anything with DRM unless I have to e.g. to reverse engineered it) and I'm certainly no champion of Real.
Having said that Real didn't brake anything, they 'mealy' reverse engineered Fairplay DRM so that they could release music that was crippled with Fairplay DRM that people could play on an IPod.
I am a champion of choice and a champion of anything that breaks vendor lockins (and that include people buying music from live acts in pubs instead of RIAA junk). Maybe if the RIAA had competition then you'd start to see prices dropping and some 'singer?' dancer moving out of there $Million mansion.
Well, some of them. It would probably be a good idea to allow the code to be compiled in 'compatability' mode or 'standards' mode so that systems could switch as and when required.
/usr in a BASH script you could use something like...
That would allow small or new users of the software to adapt their configurations while still allowing dinsours to roam the earth.
It took me a few months to switch from devf to udev but it took Gentoo about a year to do the switch with all the configuration changes that were required for a distribution as apposed to an individual user. But they did switch and in the end there's a better system that every one can use.
It's also tends to be far easier + less code to access configuration information stored in XML (with something like xmlstarlet) than it is to access data in a ad-hoc file format, and the transition is fairly streight forward.
e.g. to select the spec of the moutpoint
foo=`xml sel -t -m "/fstab/filesystem[@file='/usr']" -v "@spec" -f=/etc/fstab`
Why deny people a standards compliant OS for the sake of some crappy awk grep scripts...
And this come from the man that prevents ITunes music from running on anything other that an IPod and prevents Real from releasing DRMed music for the IPod.
Next he'll be saying that the movie industry is charging too much for all the product placement.
And Mozzila is ? old? I'm fairly sure that I was using a version of Mozzila at least five years ago.
So, your worst case scenario is that the schema is just as bad as the current situation.
If that's the case then chances are it's going to be better than the current situation.
Well I'm busy at the moment but I'm sure I can fit in converting a few apps to xml (possibly with XSD that contain documentation for the xml format)
I'd also like to standatdize command lines:
e.g.
cc if=
patch -i
tar -f
All do the same thing (take a file as input), so why do they have difference command lines?
and even the simple things like --help or what happens when there's no command like input are a horrible mishmash of air plucked foo.
Sure XML remains inappropriate for many tasks, but I'm not sure why you think it's not appropriate for configuration files, maybe your not upto scratch with XML, XDS, XSL etc...?
.bashrc or init(some people have tried!) but if it replaced 80% or /etc or /usr/kde/share/foo then I expect most peoples lives would be so much easier.
/etc/init.d/foo restart ... oh shit, the configuration file's bad and the service didn't restart. and of couse the huge list of benifits xml has over 'well I just plukked a format out of the air and used that for my configuration files' goes on and on....
You say look at Jabber or Tomcat, I say look at apache, fstab, all the hacks in KDE configuration files in an attempt to make ini files something their not etc.... Sure XLM isn't going to replace
e.g. If people were using XML you could for install xmlstart and run "xml val foo.xsd foo.xml" and your configuration would be verified. This is infinitely better than
I hope this isn't just personal preference but I wish people would start to refer to themselves as customers and not consumers. Doing so often highlights some of the injustices that companies are getting away with by treating people like numbers and not people.
I also think it's kinda funny that the RIAA started using the word 'Artist' instead of 'Musician', I guessing it's because half of their acts are just miming dancers and don't make any music at all.
I though 'Artist Suggesting Ways Around Copy Protection' was going to be about people forging paintings or banknotes, sadly not.
Then I wish he'd put a XML parser into glic so that no-one has an excuse for not using XML for configuration files and for data export / import.
I think loser pays is ok, so long as they only have to pay double their costs. i.e. If Microsoft spends $10 million on lawyers and you represent yourself, if you loose you end up paying nothing.
I always though that the reason injecting water as droplets works is because the oil will cover the outside of the water droplet, increasing the overall fuel / air surface area.
So, your counting the USA as a non-developed nation?
I suppose that's fair, depending on what you mean be developed, since the USA has only been around a few hundred years and most European nations are a lot older than that.
It's also fair to note that Catholic nations / groups have a higher birth rate because the pope denounces contraception.
It may also be that the people are more affluent because they had fewer children to split their money between, a family with one child has a lot more spaire cash than a family with ten children.
Most books are printed on wood pulp paper. Wood pulp paper is slightly acid (the process uses sulphur dioxide) so the book will start to crumble appart after a few years of usage, I'm not quite sure how quickly they degrade, but from some experience 75 years seems to be pushing it. (I've had books a lot younger fall appart like they were moth eaten).
Older books (pre UN drug treaty) were printed on hemp paper and can last hundreds of years without too many problems.
I've used match to prove that a fault wasn't just down to noise or running 12 AM - 12 AM instead of 12 AM to 11:59PM. It didn't help fix the fault, but it did prove that the fault was real. I also used math to show that the error was less than 5% so the results were still statistically significant even if they weren't 100% accurate.
Sure, so anyone can derive a bubble sort but they generally use this kind of bubble sort.
for x = 0 to 10
for y = 0 to 10
(Mathematically the sort is of the order x^2)
But with a bit of match knowledge you can do this kind of bubble sort
for x = 0 to 10
for y = x to 10
Which is of order (x * (x + 1)) / 2
almost twice as quick, just with a little maths.
Now how many programmers who don't know maths would be able to derive a quick/heap/merge sort from a binary search using first principles? A quick sort has an order around log2(x) * x which is usually many orders of magnitude quicker than a bubble sort.
And that's just something simple like a sort, for instance could you write a good hashing algorithm for a hash table?
Programmers who know maths are more often then not going to write faster, less buggy code and are capable of proofing why there code is faster, and less buggy.