From LinuxWorld.com: “In a further exploration of the Common UNIX Printing System (CUPS), the Geek tackles configuration — namely adding and managing printers, even unsupported ones, with CUPS’s Web-based interface.” Part 1 of this article is also available.

ZDNet News reports: “Vendors planning to implement the new Document Object Model standard issued by the World Wide Web Consortium earlier this month say the new standard includes additional capabilities for what has become a key driver of the eXtensible Markup Language (XML).”

“If someone puts a backdoor into Linux, someone will eventually find it. Once it is found, I can eliminate it, rebuild the kernel, and get back up and running safely within minutes. With Windows, verifying the existence of the backdoor is nearly impossible. And even if you could, eliminating it yourself would be equally difficult because you don’t have the source code to rebuild the kernel.” More at LinuxWorld.com.

From LinuxWorld.com: “In the second part of a two-part interview, Bob Young discusses the likelihood that Red Hat, which has not yet shown a profit, will continue funding programs like GNOME. He also says that individual members of the open source community have little in common, and draws contrasting pictures of himself and Eric Raymond.”

“Linux is mainstream. No, really. Everywhere I look, not only are Linux and open source equated, but the masses of punditry seem to be embracing it all with great fervor. This is a good thing; it’s just weird from my perspective because there’s so much more to open source software than Linux.” Complete article at ZDNet News.

“Topi Miettinen audited elvis-tiny and raised an issue covering the use and creation of temporary files. Those files are created with a predictable pattern and O_EXCL flag is not used when opening. This makes users of elvis-tiny vulnerable to race conditions and/or data lossage. This problem has been fixed in version 1.4-10 and we recommend that you upgrade your elvis-tiny packages immediately.” Full security advisory available at LWN.net.

Have you heard about the packaging system included with Debian? Are you at a loss to figure out how to actually use these new tools? Debian Planet’s users explain it all.

ZDNet’s Todd Spangler mulls over the latest developments with the online music sharing service: “EMusic President and Chief Executive Gene Hoffman, for one, believes Napster is being disingenuous. “It seems Napster would rather shut down user accounts than to deal directly with the problem of illegally distributed files,” Hoffman said. EMusic said it tried to negotiate a more “consumer-friendly way” to resolve the dispute between the two companies, but Napster refused to cooperate.””

“The Debian GNU/Linux xmcd package has historically installed two setuid helpers for accessing cddb databases and SCSI cdrom drives. More recently, the package offered the administrator the chance to remove these setuid flags, but did so incorrectly.” Full details at LWN.net.

The advisory is at LWN.net: The version of the ncurses library shipped with Debian GNU/Linux 2.2 is vulnerable to several buffer overflows in the parsing of terminfo database files.