Author: JT Smith
Category:
Author: JT Smith
Category:
Author: JT Smith
2.4.4-ac4
o Fix future domain scsi (Carlo Prelz)
o Merge Linux 2.4.5pre1
o Fix ipx without sysctl compile (Pavel Roskin)
o Revert fork changes to match Linus 2.4.5pre1
o Drop the threaded core dump code
| It can go back in when it works
o Drop pa-risc work – it’ll be easier to resync
just once as pa has moved on a lot
o Add spin_lock_prefetch to get_empty_inode (me)
| Experimenting
o Kbuild has moved (Keith Owens)
o Update kernel docs on memory barriers (Rusty Russell)
o Move es1370 pci_enable and do some cleanup (Marcus Meissner)
o Fix netfilter overuse of __exit (Rusty Russell)
o Fix alpha build bug (Michal Jaegermann)
o Fix tigon1 build (Olivier Galibert)
o Fix tmpfs deadlocks writing into a file from
an mmap of itself (Christoph Rohland)
o Fix missing (but harmless) return in vmtruncate (Al Viro)
2.4.4-ac3
o Fix hang on boot with SMP (Andrea Arcangeli)
| and fixes a few more uglies too
o freevxfs module name was wrong (should be
freevxfs.o) (me)
o Update alloc_etherdev docs (Erik Mouw)
o Remove dead funcs, put back ip_set_manually
in the ipconfig code (David Miller, Arnaldo Carvalho de Melo)
o Fix SA_ONSTACK standards violation (for x86) (Christian Ehrhardt)
| Other arch maintainers should check.
o Add another species of SB AWE 32 (Bill Nottingham)
o SE401 USB camera driver (Jeroen Vreeken)
o Correct MAX_HD and make stuff static in ps2esdi (Hal Duston)
o Fix inode-nr corruption (Al Viro)
o Fix pgd_alloc for user mode linux (Jeff Dike)
o Fix UML hostfs for get_hardsect_size (Jeff Dike)
o Tidy up APM options setting, add module opts (Stephen Rothwell)
o Fix acm open race (Oliver Neukum)
o Further bounce buffer fixes (Arjan van de Ven)
o ACPI updates (Andrew Grover)
o Move pci_enable_device earlier on via audio (Arjan van de Ven)
Category:
Author: JT Smith
What this means is that unless a knowledgeable sysadmin has taken
explicit action to prevent it, any 15-year-old who can copy code off
the
Internet can use Microsoft’s IIS to bypass your firewall, bypass your
password system, and gain administrator-level access to the machine
that hosts your webserver. They can inspect, alter or delete files at
will no matter how you have them secured. They can also use root-level
access to that machine as a springboard for attacks on other systems
inside your firewall.
A writeup on this latest in the apparently unending stream of gaping
holes in Microsoft’s security is at:
http://www.eeye.com/html/Research/Advisories/AD20010501.html.
This is about bad as it gets, folks. It’s a big, nasty problem even by
Microsoft’s security-bug-of-the-month standards.
At Craig Mundie’s anti-open-source sermonette in New York tomorrow (Thursday),
I hope someone will have the temerity to ask him a few simple
questions:
1. Should Microsoft’s record on security inspire confidence in
customers considering entrusting their digital identities to
Microsoft’s Hailstorm system and their critical business
data to .NET?
2. Even the most cursory inspection of sites that specialize in
tracking security bugs (such as CERT and BugTraq) suggests that
open-source operating systems such as Linux and the BSDs have
a far better security record than Microsoft Windows, both in
having fewer vulnerabilities and in more rapid deployment of
fixes. How does Microsoft propose to close the technology gap
and catch up to the quality level of these systems?
3. How can potential operating-system customers with millions
(perhaps billions) of dollars riding on the security of their
computer systems form a rational estimate of their exposure
if they cannot inspect the source code of those systems?
4. If the answer to question 3 is “You can see the source code if
you’re a big enough company to pay us for the privilege”, then why
should customers have to pay for the privilege of doing the job
Microsoft’s own QA teams so frequently bungle?
5. How would you respond to the following statement: “Any engineer or
executive who, disregarding best practices, entrusts
security-critical functions to closed-source software is committing
an actionable breach of their responsibility to their employer?”
If a thousand men were not to pay their tax-bills this year, that would
… [be] the definition of a peaceable revolution, if any such is
possible.
— Henry David Thoreau
Category:
Author: JT Smith
Author: JT Smith
Author: JT Smith
Author: JT Smith
Minutes of the GNOME Board meeting 1 May 2001 From: Daniel VeillardTo: foundation-announce@gnome.org Cc: foundation-list@gnome.org, gnome-hackers@gnome.org Date: Thu, 3 May 2001 05:50:02 -0400 Minutes of the GNOME Board meeting 1 May 2001 ============================================= Presents: ========= Havoc Pennington (chairing) Miguel de Icaza Raph Levien Daniel Veillard (minutes) Dan Mueth John Heard Owen Taylor Bart Decrem Maciej Stachowiak (:15) Missing: ======== Federico Regrets: ======== Jim Gettys Decisions: ========== - The board selected the Gnome-2.0 Release coordinators Martin Baulig and Sander Vesik, asking them to build the Release Team for Gnome-2.0 with the help of the others candidates - The GNOME Foundation membership proposal has been approved as the GNOME Membership Policy 1.0 Action Done: ============ ACTION: Bart will follow the 'small conferences' meeting and will report in one month => Rebecca will be the Conference Master for Gnome She will double check that Guadec 3 can be done in Spain ACTION: Maciej will post to Gnome-Hacker to get people stepping in as Gnome-2.0 coordinator. => done ACTION: Havoc make sure that we get the 2.0 volunteers and what need to get done to start the release coordinator work => done Action: ======= ACTION: Havoc send the AB list to the board looking for completion of the member liasons. => still pending ACTION: John try to get a Copyright assigment form and procedure for the GNOME Foundation Discussion: =========== - Fundation: not much to report, still some lawyer work needed. - Release coordinators: Martin Baulig, Sander Vesik, George Lebl, Chris Lahey, Jonathan Blandford, Peter Teichman and Dave Camp expressed interest in helping with the GNOME 2.0 release, according to the discussions and plans that came out of GUADEC. Also, Jody Goldberg wants to help on the office/apps part of it. We selected Martin Baulig and Sander Vesik to take the lead on building a Release Team and work with the folks who volunteered to put together a GNOME 2.0 release plan. This will include a listing of all the top-level tasks that need to be accomplished, along with preliminary due-dates for each of these and a full committee roster with specific responsibilities assigned to each team member. We'd like to see quick progress on this, and have at least the committee structure and responsibilities flushed out within 2 weeks. It is relatively clear that the work of doing the release coordination for GNOME 2.0 will be larger than what was needed for GNOME 1.4. We hope that Martin and Sander will be able build a strong team covering the various tasks needed, the following ones were listed (but the list is far from complete): - PR coordinator - documentation/QA coordinator - library freeze - porting - translation - UI freeze - Membership policy: The community had many opportunities to review it. There were no negative feedback. So we adopt the proposal as GNOME Membership Policy 1.0 Interesting points discussed: - we want the Gnome project to stay open to anybody who want to contribute to it - Opening to the ISV community is okay but people should not just use it but helping or contributing the project is still required to qualify. Daniel -- Daniel Veillard | Red Hat Network http://redhat.com/products/network/ veillard@redhat.com | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/
Category:
Author: JT Smith
The articles warned that Microsoft’s .NET product strategy was just a faint whisper of what Microsoft actually intends for the long-term. That strategy is to get the consuming public completely dependent (in one way or another) on Microsoft, and to have us pay for that privilege. Prior to .NET, Microsoft enjoyed a relatively unchallenged position in the browser and development tools product markets.”
Author: JT Smith
DTML course overview
The beehive DTML course is designed to describe all important
DTML-tags and their use in internet-applications. On the basis of
many practical examples, the participant can learn how to work out
solutions for tasks that an internet-developer is confronted with.
Each participant receives more than 40 pages of accompanying-material
that reflect the course-contents employing many practice-approach
examples, diagrams, and reference-tables. In that documentation about
Zope and DTML is somewhat limited, this collection of DTML
information is extremely valuable.
ZCLASS course overview
beehive’s ZClass course focuses its attention on the use of Zope
classes–so-called ZClasses. Using Zope’s ZClasses web-developers can
develop internet-applications without any knowledge about python.
Each participant gets extensive accompanying-material and a bound
copy of beehive’s ebook “ZClasses”.
beehive elektronische medien GmbH has written the book on Zope.
Three paper books to be published this Summer and four ebook
tutorials available from the website have made beehive’s reputation
in the Zope community, a community of well over the 10,000 members of
Zope.org. beehive has always made Zope education and publishing job
one. With the success of beehive’s Zope courses in Europe, North
America is the obvious next step.
For more information about beehive elektronische medien GmbH visit
the web site at www.beehive.de or either phone Berlin at +49 30 84 78
20 or Washington at +1 202 548 0410.
Contact:
beehive North America,
1231 Pennsylvania Ave, SE, Washington, DC 20003,
Contact: Chris Abraham, (202) 548-0410
cja@beehive.de http://www.beehive.de.
