Jan 7, 2007. That's the day that I finally decided to take the plunge and install Suse 10.2 on a spare 60GB drive that I installed in my P4/2.4GHz 512MB ram system. The install went as smoothly as any OS that I had ever loaded. I should have known that was a bad omen. Feb 6, 2007 System is now able to recognize the DVD part of the CD/DVD burner. I have had ample time to examine Suse's new (to me) way of doing things like the Yast Update system that sucks big time because it takes so long. Smart is much better. Mar 13, 2007 Have yet to get mplayerplugin to work with Firefox on any of the 3 Suse 10.2 boxes that I have installed it on. A 4th test system with Fedora Core 6 works perfectly. Wine is much improved over what I had been using before the changeover, but kmail lost some functionality and it's address book system has been screwed over. Media devices mount by the volume info which renders any software invalid that expects to see a fixed mount point. Yes, someone here posted a link to a workaround but my question is: why in Hell did Suse allow this bastardized code to make it into production in the first place? It shouldn't take a rocket scientist to figure out that the system should provide static mount points for a device, not the &%$#@ volume info of the media in it. I am 2 months into Suse 10.2 and I still do not have a polished system running as well as my old Suse 9.1 that I ran for over 2 years. Yes, I think that Suse's potential is there or I wouldn't still be using it. I have tried Ubuntu, Knoppix, FC-6 and Suse 10.2 and it looks like Suse is the most polished. If I cannot get past some of the "ease of use" issues that it presents, though, I may be forced to abandon Suse 10.2 and use another distro until such time as Suse gets it's act together. Fred -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Stevens wrote:
why in Hell did Suse allow this bastardized code to make it into production in the first place? It shouldn't take a rocket scientist to figure out that the system should provide static mount points for a device, not the &%$#@ volume info of the media in it.
IIRC this came in with 10.0, so it may be a bit late to complain now. ;) I think it's a consequence of the HAL automounting stuff, which is slick when it works. Unfortunately it doesn't always. Upgrading from 10.1 to 10.2 broke automounting of USB floppy drives, for example. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tue, 13 Mar 2007 23:06:54 -0500
Stevens
I am 2 months into Suse 10.2 and I still do not have a polished system running as well as my old Suse 9.1 that I ran for over 2 years. Yes, I think that Suse's potential is there or I wouldn't still be using it. I have tried Ubuntu, Knoppix, FC-6 and Suse 10.2 and it looks like Suse is the most polished. If I cannot get past some of the "ease of use" issues that it presents, though, I may be forced to abandon Suse 10.2 and use another distro until such time as Suse gets it's act together.
obviously Fred your mileage varies, but I've gotten a Suse install down to it takes less than a week for me to get all the "goodies" up and running. Used Suse since 9.x and mandrake/riva before that. Dunno, Suse still seems the easier of the two to get up and running with m$ fonts, java, flash, mplayer and plugins, nvidia driver (the goodies) Have two systems running 10.2 now and one on 10.0 that will be "upgraded" (never truly upgraded, rather fresh install each time) soon. I'll admit though the thorn in the side is the updating setup which is out of the box. Seems I got it under control now with the removal of zmd, but it's been a pain since 10.0 or so. Steve -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tuesday 13 March 2007, Steve Jeppesen wrote:
obviously Fred your mileage varies, but I've gotten a Suse install down to it takes less than a week for me to get all the "goodies" up and running.
Build your self a check list. Things to save. Things to install. Things to tweak. I've gotten pretty good at it, such that I can now install usually in one pass, without having to go back 5 times for things i forgot. The last big workstation I installed for an engineering firm with Dual monitors, Vmware, cifs shares from the main server mounted automatically, email for the engineer, his Akregator, Address book and his mail copied took 1.5 days, including hunting down dual screen wall paper. hint: http://www.digitalblasphemy.com/freegallery.shtml _____________________________________ John Andersen
On Wednesday 14 March 2007 05:06:54 Stevens wrote:
Media devices mount by the volume info which renders any software invalid that expects to see a fixed mount point. Yes, someone here posted a link to a workaround but my question is: why in Hell did Suse allow this bastardized code to make it into production in the first place? It shouldn't take a rocket scientist to figure out that the system should provide static mount points for a device, not the &%$#@ volume info of the media in it.
If you add the device to fstab, the media system will ignore the device and not try to mount it. Now, for that you need a device name, and you can get one using /dev/dsk/by-id I guess. I don't think there is any functonality lost here. -- Duncan Mac-Vicar Prett Novell :: SUSE R&D, Maxfeldstr. 5, 90409 Nürnberg GF: Markus Rex, HRB 16746 (AG Nürnberg) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007 05:19, Duncan Mac-Vicar Prett
On Wednesday 14 March 2007 05:06:54 Stevens wrote:
Media devices mount by the volume info which renders any software invalid that expects to see a fixed mount point. Yes, someone here posted a link to a workaround but my question is: why in Hell did Suse allow this bastardized code to make it into production in the first place? It shouldn't take a rocket scientist to figure out that the system should provide static mount points for a device, not the &%$#@ volume info of the media in it.
If you add the device to fstab, the media system will ignore the device and not try to mount it. Now, for that you need a device name, and you can get one using /dev/dsk/by-id I guess.
I don't think there is any functonality lost here.
You are certainly entitled to your opinion which, in this case, is wrong. Functionality IS lost when I have programs that cannot access the CD/DVD drive because they are looking for a /dev/cdrom or /dev/hdc mount point and wonderful Suse 10.2 won't provide it. Why not? Who knows. As one writer said here recently, Solaris has been providing both volume label mounts and links to device mount for years. Look, Mac, when a non-guru like my daughter or son-in-law runs into roadblocks like these, they don't have (and should not need) the expertise it takes to hammer out a command line workaround. The system should just work. No muss, no fuss, just work. And there are really important (to lots of folks) parts of Suse 10.2 that don't. At least they don't here. Just remember that Betamax was a superior video tape recording system but it lost out to VHS and became a historical footnote. I don't want Suse to do the same because the system development teams can't see the big picture. Fred -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Functionality IS lost when I have programs that cannot access the CD/DVD drive because they are looking for a /dev/cdrom or /dev/hdc mount point and wonderful Suse 10.2 won't provide it. Why not? Who knows.
I'm curious what applications or programs you are having issues with. I've had just one application (X-Plane) take issue with the way mount points are handled in SUSE, and that is because the installer is poorly (or badly?) programed. The workaround in this case it to sym link /mnt/dvd to /media/XPLANE and it works fine... not the most elegant solution, but the fault (in my opinion) is the X-Plane installer not HAL or anything related to how SUSE implements mount points. Otherwise all applications I have that need to access the DVD writer or DVD reader I have in my PC work perfectly. C. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tue, 13 Mar 2007 23:06:54 -0500 Stevens <.> wrote:
I am 2 months into Suse 10.2 and I still do not have a polished system running as well as my old Suse 9.1 that I ran for over 2 years.
No wonder that some people got stuck with "old" releases! I also kept SUSE 9.1, which I consider best even if unsupported. During the beta tests I ran into several newer releases, but they just became more robust. It also could be, that I simply don't use features others nee- ding edge-stuff are interested in, therefore all the 10.x-s got repla- ced on the spare partition I have and now have an extra SUSE 9.1 there;) It's a shame, that on the opensuse list several of the oldie-related threads ended up with the answer "do update" :( Pelibali -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007 09:51, Clayton wrote:
Functionality IS lost when I have programs that cannot access the CD/DVD drive because they are looking for a /dev/cdrom or /dev/hdc mount point and wonderful Suse 10.2 won't provide it. Why not? Who knows.
I'm curious what applications or programs you are having issues with. I've had just one application (X-Plane) take issue with the way mount points are handled in SUSE, and that is because the installer is poorly (or badly?) programed. The workaround in this case it to sym link /mnt/dvd to /media/XPLANE and it works fine... not the most elegant solution, but the fault (in my opinion) is the X-Plane installer not HAL or anything related to how SUSE implements mount points.
Otherwise all applications I have that need to access the DVD writer or DVD reader I have in my PC work perfectly.
That's because you are working in a smaller universe. Never assume that just because something works there that it works everywhere. Dvdshrink is one app that I can think of right now. It runs under wine and expects a mounted device, not a damned media label. It worked just fine under Suse 9.1 and it should work fine now but it doesn't. No, I do not think that I should create a simlink each and every time that I want to use one of these programs that require a device mount point. Yes, I know what the problem is and I would like for the design team to realize that it is a problem that needs to be fixed. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 2007-03-14 at 10:13 -0500, Stevens wrote:
On Wednesday 14 March 2007 09:51, Clayton wrote:
Functionality IS lost when I have programs that cannot access the CD/DVD drive because they are looking for a /dev/cdrom or /dev/hdc mount point and wonderful Suse 10.2 won't provide it. Why not? Who knows.
I'm curious what applications or programs you are having issues with. I've had just one application (X-Plane) take issue with the way mount points are handled in SUSE, and that is because the installer is poorly (or badly?) programed. The workaround in this case it to sym link /mnt/dvd to /media/XPLANE and it works fine... not the most elegant solution, but the fault (in my opinion) is the X-Plane installer not HAL or anything related to how SUSE implements mount points.
Otherwise all applications I have that need to access the DVD writer or DVD reader I have in my PC work perfectly.
That's because you are working in a smaller universe.
No, it's because he is realistic!
Never assume that just because something works there that it works everywhere. Dvdshrink is one app that I can think of right now. It runs under wine and expects a mounted device, not a damned media label. It worked just fine under Suse 9.1 and it should work fine now but it doesn't.
Honestly, you don't try to insert VHS tapes in your CD recorder eh? So what makes OS's any different from that? Do you realise how many steps/versions there are between 9.1 and 10.2 (or whatever you decided to install)?
No, I do not think that I should create a simlink each and every time that I want to use one of these programs that require a device mount point. Yes, I know what the problem is and I would like for the design team to realize that it is a problem that needs to be fixed.
No, your choice of software needs to be fixed. Launch that thing called firefox and enter 'www.google.com', then do a search for a Linux program that does what you want it to do if your current choice of software doesn't work for you. Cheers, Magnus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
That's because you are working in a smaller universe.
Smaller? Naaah... just different. I work in Linux and Unix... work with it every day at home and on the job (no MS in my world). Just never run into problems with mount points and HAL.
Dvdshrink is one app that I can think of right now. It runs under wine and expects a mounted device, not a damned media label.
I use Linux native tools to rip and burn DVDs (there are some nice ones in the repositories=). It's simply too much hassle to futz around with Windows based applications in Wine. Heck, you could even use... XDVDShrink http://dvdshrink.sourceforge.net/index.html
No, I do not think that I should create a simlink each and every time that
Never suggested that. Just used the one and only case I have encountered where the way mountpoints for devices are handled created a problem... and that was due to bad programming on the application side. I'm not suggesting a solution here.. just trying to see where the problem is. Trying to understand what is breaking so catastrophically that if it's not fixed it'll drive SUSE into Betamax obscurity. C. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007 10:08, pelibali wrote:
On Tue, 13 Mar 2007 23:06:54 -0500
Stevens <.> wrote:
I am 2 months into Suse 10.2 and I still do not have a polished system running as well as my old Suse 9.1 that I ran for over 2 years.
No wonder that some people got stuck with "old" releases! I also kept SUSE 9.1, which I consider best even if unsupported. During the beta tests I ran into several newer releases, but they just became more robust. It also could be, that I simply don't use features others nee- ding edge-stuff are interested in, therefore all the 10.x-s got repla- ced on the spare partition I have and now have an extra SUSE 9.1 there;)
It's a shame, that on the opensuse list several of the oldie-related threads ended up with the answer "do update" :(
Pelibali
I agree. My hda drive is a bootable Suse 9.1. Problem is that I was having problem finding "new and improved" software that would run on it so I started looking at the new distros. I saw Suse 10.0 go up in flames, followed by horror stories about 10.1, then glowing reports about how much greater 10.2 was. Well, maybe in comparison to 10.0. Look, it generally is a good distro but maybe I can sum up my problems with it like this: The Suse development philosophy is very similar to the guy that won't put the toilet seat down after taking a leak. He figures that everyone should know to test first before flopping. What he doesn't take into account is human nature and he isn't showing consideration for anyone other than himself. Maybe that's a bit harsh, but you get my drift. I use graphical desktops a lot. After 20 years of systems work with various _nixes I detest more and more the inconvenience of CLI. By now the GUIs should have been perfected, but they have not. I copy dvd's and require programs like dvdshrink which has not been ported to linux so I have to run it in wine. It won't work with 10.2. Simple multimedia streams at Yahoo won't play. The default software updater is horrible. In short, I cannot hold Suse 10.2 up to the uninitiated and say, This is a great system when they all look at it and say, This sucks! Fred -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Functionality IS lost when I have programs that cannot access the CD/DVD drive because they are looking for a /dev/cdrom or /dev/hdc mount point and wonderful Suse 10.2 won't provide it. Why not? Who knows.
I'm curious what applications or programs you are having issues with. I've had just one application (X-Plane) take issue with the way mount points are handled in SUSE, and that is because the installer is poorly (or badly?) programed. The workaround in this case it to sym link /mnt/dvd to /media/XPLANE and it works fine... not the most elegant solution, but the fault (in my opinion) is the X-Plane installer not HAL or anything related to how SUSE implements mount points.
Otherwise all applications I have that need to access the DVD writer or DVD reader I have in my PC work perfectly.
C. Well, not exactly CD/DVD, but: -anytime I connect my external disk for backup, the two partitions on it are named differently, which does not really simply my rsync scripts
Clayton wrote: that I use for backup. -anytime I connect my usb-Stick, it is named differently and I need to access it under a different name. Not a big issue, nothing I cannot handle but, please forgive me, seems to come from a hmmm... sick brain. If this is the way it is supposed to work, I REALLY prefer the classic unix way of mounting something manually, without any polish and bells and whistles. At least this worked how it was meant to be. just my 0.02 cents and regards and I apologize, but I could not resist. Eberhard -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Hi, On Wednesday 14 March 2007 16:08, pelibali wrote:
On Tue, 13 Mar 2007 23:06:54 -0500
Stevens <.> wrote:
I am 2 months into Suse 10.2 and I still do not have a polished system running as well as my old Suse 9.1 that I ran for over 2 years.
No wonder that some people got stuck with "old" releases! I also kept SUSE 9.1, which I consider best even if unsupported.
[...]
It's a shame, that on the opensuse list several of the oldie-related threads ended up with the answer "do update" :(
There are hardly any scenarios where one could give any other advise but to upgrade from an old/unsupported version to a newer/supported version. 9.1 might be "better" for you, but unless your system is not connected to any network (including internet dialup) staying on an unsupported system simply isn't a good idea. Greetings from Stuhr hartmut -- Hartmut Meyer, EMEA NTS Business Development Project Manager SUSE LINUX GmbH, GF: Volker Smid, HRB 21284 (AG Nürnberg) Maxfeldstr. 5, D-90409 Nuernberg T: +49 421 3064385 - M: +49 179 2279480 F: +49 421 3064387 - hartmut.meyer@novell.com ---------------------------------------------------- SUSE® Linux Enterprise 10 - Your Linux is ready http://www.novell.com/linux
On Wednesday 14 March 2007 04:35, Stevens wrote:
Look, Mac, when a non-guru like my daughter or son-in-law runs into roadblocks like these, they don't have (and should not need) the expertise it takes to hammer out a command line workaround. The system should just work. No muss, no fuss, just work. And there are really important (to lots of folks) parts of Suse 10.2 that don't. At least they don't here.
What's wrong with that? All the above says is that some of the edges need to be smoothed. But it seems that the development team has not addressed that and apparently there is an attitude about it on this list and perhaps on some on the developers. Yet a simple indicator is the number of threads with similar content:update issues, usb, smb, menu, etc. If these issues were addressed the same way the new kde menu was, there would be a lot more happiness. examples? there are quite a few, and really it is not a matter of proper app choice. Sometimes there is only one choice. My wife should have no problem sending the fresh digicam pics to her xp machine from my 10.2, it is very frustrating that linux saiz she needs a login and a password when she can just walk to the next desk and pull the same pics, from the same shared linux directory, thru her xp, WITHOUT so much as a hint of a requirement for a pword or login!!! Yes, I have fixed that, BUT, that's not how the *default* install was!!! On the other hand I have not been able to fix the mplayer/flash/java roll of the dice with on line video. While this might also fall under the simple click and work category, I do not think that would be as easily fixable as Fred would like. But it should be considered a sin if the easy "fixes" are not imlemented. d. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Look, Mac, when a non-guru like my daughter or son-in-law runs into roadblocks like these, they don't have (and should not need) the expertise it takes to hammer out a command line workaround. The system should just work. No muss, no fuss, just work. And there are really important (to lots of folks) parts of Suse 10.2 that don't. At least they don't here What's wrong with that? All the above says is that some of the edges need to be smoothed. But it seems that the development team has not addressed that and apparently there is an attitude about it on this list and perhaps on some on the developers. Yet a simple indicator is the number of threads with similar content:update issues, usb, smb, menu, etc. If these issues were addressed the same way the new kde menu was, there would be a lot more happiness.
I don't know; if only the "squeeky wheels" post to the list maybe there are LOTS of people out there for whom it "just works". For me video/flash/java works perfectly, on both my laptop and my workstation. Of course, it SHOULD work for everyone, but because it doesn't work for some people doesn't mean it doesn't work for anyone, or even most people.
just walk to the next desk and pull the same pics, from the same shared linux directory, thru her xp, WITHOUT so much as a hint of a requirement for a pword or login!!! Yes, I have fixed that, BUT, that's not how the *default* install was!!!
Did you file a bug report? --- Adam Tauno Williams Consultant - http://www.whitemiceconsulting.com Developer - http://www.opengroupware.org/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007 10:35, Stevens wrote:
On Wednesday 14 March 2007 05:19, Duncan Mac-Vicar Prett
wrote: On Wednesday 14 March 2007 05:06:54 Stevens wrote:
Media devices mount by the volume info which renders any software invalid that expects to see a fixed mount point. Yes, someone here posted a link to a workaround but my question is: why in Hell did Suse allow this bastardized code to make it into production in the first place? It shouldn't take a rocket scientist to figure out that the system should provide static mount points for a device, not the &%$#@ volume info of the media in it.
If you add the device to fstab, the media system will ignore the device and not try to mount it. Now, for that you need a device name, and you can get one using /dev/dsk/by-id I guess.
I don't think there is any functonality lost here.
You are certainly entitled to your opinion which, in this case, is wrong. Functionality IS lost when I have programs that cannot access the CD/DVD drive because they are looking for a /dev/cdrom or /dev/hdc mount point and wonderful Suse 10.2 won't provide it. Why not? Who knows. As one writer said here recently, Solaris has been providing both volume label mounts and links to device mount for years.
Look, Mac, when a non-guru like my daughter or son-in-law runs into roadblocks like these, they don't have (and should not need) the expertise it takes to hammer out a command line workaround. The system should just work. No muss, no fuss, just work. And there are really important (to lots of folks) parts of Suse 10.2 that don't. At least they don't here. Just remember that Betamax was a superior video tape recording system but it lost out to VHS and became a historical footnote. I don't want Suse to do the same because the system development teams can't see the big picture.
Fred
I really don't have anything useful to the list to add, but perhaps useful to Novell and the developers: I agree 100% with the previous writer. If Linux is ever to have a significant proportion of the market, it must be at least as big as the Mac market to survive, and it _must be user-friendly_ or it will be as dead as CPM and DOS. --doug -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007 14:56, Doug McGarrett wrote:
...
I really don't have anything useful to the list to add, but perhaps useful to Novell and the developers: I agree 100% with the previous writer. If Linux is ever to have a significant proportion of the market, it must be at least as big as the Mac market to survive, and it _must be user-friendly_ or it will be as dead as CPM and DOS.
I hear this again and again, but it's absurd. There is far more to computing that home and office desktops. CPM and DOS were never used to run large e-commerce and other Internet services. There was nothing compelling enough about them to keep them going and they had too many deficits to continue in the face of rapidly advancing technology and requirements. That is not true of Linux and will not be true for the foreseeable future. Linux will not die for the simple reason that it is absolutely essential to the likes of Google, Amazon and many, many others. I don't really have any idea (nor do I care) what it would take to make Linux displace Windows or give it a comparable share of users to Mac OS X. I don't need anything from Linux that it does not already have in order to make it invaluable to me in my day-to-day work. Nor does the continued existence of Windows really harm me. It sometimes makes my work a little harder, but it's just one among many sources of such challenges. We probably should not want any one operating system, be it proprietary, open-source or a hybrid, to displace all others. Monopolies and monocultures have bad consequences by their inherent nature. You claim that Linux's continued existence is contingent upon it satisfying the needs of non-technical users of computers. That's not true, nor will Windows disappear any time soon, and that's true regardless of how brilliantly Linux advances. Because Windows will continue to be a predominant OS for a very long time, I think computing professionals should pressure Windows to get its technological act together (especially regarding security). And institutional and government users, not to mention law-enforcement agencies, should be pressuring (or litigating) Microsoft to do business in a more honorable fashion. Were it not for all those easily compromised Windows boxes out there, the security and privacy landscape today would be a lot more benign. Then we could all just choose the platform that suits us and / or our customers best and let legitimate market forces play their role in driving the advancement of information technology. (And by the way, by "getting Windows' security act together" I do _not_ mean their so-called "Trusted Computing Initiative.")
--doug
Randall Schulz -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Eberhard Roloff wrote:
Well, not exactly CD/DVD, but: -anytime I connect my external disk for backup, the two partitions on it are named differently, which does not really simply my rsync scripts that I use for backup.
What I did for that is first umount via /dev/<node>, then I went ahead and then added code to fsck if needed, then remount to a fixed mount point. It is working great. -- Joe Morris Registered Linux user 231871 running openSUSE 10.2 x86_64 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007 16:56, Doug McGarrett wrote:
If Linux is ever to have a significant proportion of the market, it must be at least as big as the Mac market to survive, and it _must be user-friendly_ or it will be as dead as CPM and DOS. Hog wash ...
... MAC gave up "being" MAC and became MAC OSX (built on FreeBSD) because [in part] Linux market share (on the desktop) had exceeded MAC. MAC shifted to a unix-like format. The point is that MAC is a unix-like OS just as Linux is ... and they are both gaining significant market share threatening M$. Comparing a full multiuser true preemptive multitasking OS (like the Linux or FreeBSD Kernel) to CPM or DOS is like comparing a Ferrari to soap-box racer. Give me a break. -- Kind regards, M Harris <>< -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007 04:03:33 pm Randall R Schulz wrote:
On Wednesday 14 March 2007 14:56, Doug McGarrett wrote:
...
I really don't have anything useful to the list to add, but perhaps useful to Novell and the developers: I agree 100% with the previous writer. If Linux is ever to have a significant proportion of the market, it must be at least as big as the Mac market to survive, and it _must be user-friendly_ or it will be as dead as CPM and DOS.
I hear this again and again, but it's absurd. There is far more to computing that home and office desktops.
CPM and DOS were never used to run large e-commerce and other Internet services.
That's because Al Gore hadn't invented e-commerce yet.
Linux will not die for the simple reason that it is absolutely essential to the likes of Google, Amazon and many, many others.
Exactly. Even if it were to stumble and "fail" on the desktop, it will continue to thrive in the server room. Keep in mind - even the many Windows weenies I know have a linux server or two (or a hundred) in their cold rooms.
I don't really have any idea (nor do I care) what it would take to make Linux displace Windows or give it a comparable share of users to Mac OS X.
Aren't Linux and Macintosh about equivalent in market share? I seem to remember reading that somewhere.
I don't need anything from Linux that it does not already have in order to make it invaluable to me in my day-to-day work. Nor does the continued existence of Windows really harm me. It sometimes makes my work a little harder, but it's just one among many sources of such challenges.
We probably should not want any one operating system, be it proprietary, open-source or a hybrid, to displace all others. Monopolies and monocultures have bad consequences by their inherent nature.
Bingo! Yeah, it makes things a little easier for lazy programmers, but the end result is lack of innovation and being force-fed something we may not want.
You claim that Linux's continued existence is contingent upon it satisfying the needs of non-technical users of computers. That's not true, nor will Windows disappear any time soon, and that's true regardless of how brilliantly Linux advances.
Because Windows will continue to be a predominant OS for a very long time, I think computing professionals should pressure Windows to get its technological act together (especially regarding security). And institutional and government users, not to mention law-enforcement agencies, should be pressuring (or litigating) Microsoft to do business in a more honorable fashion.
Were it not for all those easily compromised Windows boxes out there, the security and privacy landscape today would be a lot more benign. Then we could all just choose the platform that suits us and / or our customers best and let legitimate market forces play their role in driving the advancement of information technology.
Heh - I had to laugh today. While dealing with various comprimises to our Windows 2003 workstations in the cold room, I went to login. I was told the password (currently: p14yp0k3r) to one workstation but it turns out - at least they changed the administrator name from "Administrator" to "supremebeing". Those server guys have one odd sense of humor. -- kai Free Compean and Ramos http://www.grassfire.org/142/petition.asp http://www.perfectreign.com/?q=node/46 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007 18:03, Randall R Schulz wrote:
CPM and DOS were never used to run large e-commerce and other Internet services. There was nothing compelling enough about them to keep them going and they had too many deficits to continue in the face of rapidly advancing technology and requirements. That is not true of Linux and will not be true for the foreseeable future. Well, actually, Windows 3.1 kept DOS very much alive for several years and long enough to be used in plenty of e-commerce applications... (I was there) of course before they were called e-commerce... :-))) In fact, DOS was still very much evident in Windows 95, 98, and even... yes even W2000.
Linux will not die for the simple reason that it is absolutely essential to the likes of Google, Amazon and many, many others. Correct... and because (if you will) the genie (or cat, as you like) is out of the bag for the desk market as well... and growing strong.
We probably should not want any one operating system, be it proprietary, open-source or a hybrid, to displace all others. Monopolies and monocultures have bad consequences by their inherent nature. Also correct. No one really wants Coke or Pepsi to die... what we want is choice, freedom, and honest competition.
You claim that Linux's continued existence is contingent upon it satisfying the needs of non-technical users of computers. That's not true, nor will Windows disappear any time soon, and that's true regardless of how brilliantly Linux advances. Partially true... Windoze will die... and the first real nails in the coffin lid are M$ Fixta... this is definitely one of those times where giving them enough rope will eventually hang them... the competition will be among the unix-like OSs, and M$ will become unix-like or it will die. (My prediction)
Because Windows will continue to be a predominant OS for a very long time, I think computing professionals should pressure Windows to get its technological act together (especially regarding security). And institutional and government users, not to mention law-enforcement agencies, should be pressuring (or litigating) Microsoft to do business in a more honorable fashion. Hog wash... I read every day about one or two more corporations or governments dropping windoze for linux desktop... every day. Folks are just fed up, period. Fixta took five years, millions of people, and billions of dollars--- and its crappy eye candy with all the same old problems that have always plagued it... except that it required MORE memory, MORE CPU, and MORE money... folks are sick and tired of the M$ tax... or should I say FUD money.
-- Kind regards, M Harris <>< -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007 22:32, Stevens wrote:
I didn't but it is an interesting point. What satisfying their needs would do is allow Linux to make inroads into a massively M$ world. As it stands now, it ain't ready for prime time. Close, but still no cigar. Hog wash...
... Its in prime time now bubba... wake up and smell the coffee dude! Dell is in the process as we speak of deciding which flavors to serve up in their next wave of prime-time preloads... its here now and its looking like beauty babe.... ... have a cigar~ -- Kind regards, M Harris <>< -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007 20:51, M Harris wrote:
Also correct. No one really wants Coke or Pepsi to die... what we want is choice, freedom, and honest competition. Or Mountain Dew!
Partially true... Windoze will die... and the first real nails in the coffin lid are M$ Fixta... this is definitely one of those times where giving them enough rope will eventually hang them... the competition will be among the unix-like OSs, and M$ will become unix-like or it will die. (My prediction) Good call, the next version of Windows, Longhorn, will come with Windows optional. Not only headless, which 2003 can do, but also gui-less. This only applies for core server configurations; if the server will do more, it will need a gui. However, this definitely sounds like a shift in philosophy for M$.
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007 18:03, Randall R Schulz wrote:
I don't really have any idea (nor do I care) what it would take to make Linux displace Windows or give it a comparable share of users to Mac OS X. I don't need anything from Linux that it does not already have in order to make it invaluable to me in my day-to-day work.
This is the essence of the attitude of which I wrote earlier. I could not have expressed it better.
We probably should not want any one operating system, be it proprietary, open-source or a hybrid, to displace all others. Monopolies and monocultures have bad consequences by their inherent nature.
Very true. Just as tool boxes are full of both metric and SAE sockets here, as well as phillips and slotted head screwdrivers.
You claim that Linux's continued existence is contingent upon it satisfying the needs of non-technical users of computers.
I didn't but it is an interesting point. What satisfying their needs would do is allow Linux to make inroads into a massively M$ world. As it stands now, it ain't ready for prime time. Close, but still no cigar. ===== By the way, I just spent 4 more hours trying to get the mplayer, mplayerplug-in and Firefox to work together and it still does not. This weekend I will flush 10.2 out of my daughter's puter and install FC-6/KDE and see what that does. If everything starts working after that. it is a good indication that there is something fundamentally wrong in Suse/KDE. I'll report back with the results, probably the first part of next week. Fred -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007 23:25, Randall R Schulz wrote:
Then if MS is competing fairly in the marketplace of ideas within the constraints of limited hardware and software purchasing resources (money, i.e.), then the better player will win.
But if MS exerts unjust force, outside proper market mechanisms, then they can continue to (appear to) succeed with an inferior and / or overpriced offering.
That's why they must, if necessary, be forced legally to abide by proper competitive practices and not use their existing monopoly to strong-arm hardware vendors and large, institutional purchasers into choosing MS products when those purchasers would be better served by choosing an alternative. Yes indeed...
... my point was (I clarify) more to your point that M$ "will be the predominate OS for quite some time" is way over-stated. Whatever legal pressure is brought forward IS NOT because M$ will be the *predominate* OS for quite some time... they should be forced to compete *fairly* because it is the right thing to do. Frankly though, I think they met their Waterloo with Fixta... time will tell. -- Kind regards, M Harris <>< -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
I was just trying to kill some processes on a Win2003 system today and had to wait for the kernel to finish some tasks before it would die.
That can happen on Linux, too. Try to kill a process in a 'D' wait state. It's not possible. Extended duration of a D wait does imply a bug (usually in a disk or file system driver), but it happens. Whether a user at root level can kill a process is not necessarily a test of how well preemptive multitasking has been implimented. However, if the kernel (or other ring zero processes) receive more time slice than other processes on the system then there may be a problem... and the M$ kernel (and other ring zero processes) are notorious for not playing well in the preemptive sandbox.... which means, well, it ain't truly preemptive--- I will admit
On Wednesday 14 March 2007 23:29, Randall R Schulz wrote: that they have made huge strides from the early windoze days... but they are no match for the linux kernel... no way. -- Kind regards, M Harris <>< -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007 06:39:36 pm M Harris wrote:
On Wednesday 14 March 2007 16:56, Doug McGarrett wrote:
If Linux is ever to have a significant proportion of the market, it must be at least as big as the Mac market to survive, and it _must be user-friendly_ or it will be as dead as CPM and DOS.
Hog wash ...
... MAC gave up "being" MAC and became MAC OSX (built on FreeBSD) because [in part] Linux market share (on the desktop) had exceeded MAC. MAC shifted to a unix-like format. The point is that MAC is a unix-like OS just as Linux is ... and they are both gaining significant market share threatening M$. Comparing a full multiuser true preemptive multitasking OS (like the Linux or FreeBSD Kernel) to CPM or DOS is like comparing a Ferrari to soap-box racer.
...and don't forget that WinNT (XP/Vista/2003) is not preemptive multitasking either. At least not at the kernel level like Linux 2.6+ is. I was just trying to kill some processes on a Win2003 system today and had to wait for the kernel to finish some tasks before it would die. -- kai Free Compean and Ramos http://www.grassfire.org/142/petition.asp http://www.perfectreign.com/?q=node/46 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007 10:44, Hartmut Meyer wrote:
9.1 might be "better" for you, but unless your system is not connected to any network (including internet dialup) staying on an unsupported system simply isn't a good idea. Hog wash...
... you see, one of the reasons *we* run linux is that it is safe to connect to the internet for extended periods of time ( 24x7 ) without any problem what-so-ever because it can actually be *controlled* at the kernel level (ipchains in the old days, and iptables today) unlike windoze which remains completely vulnerable with even the best third party security hack installed over it...!! My primary firewall | router | dialer is a highly stable back-level kernel locked tight--- ship shape Bristol Fashion. The NSA might be able to hack into it, but you won't... and neither will the kid next door. In fact, our local LUG plays these kind of games where we expose our "machines" to the net by telling the user group its address and by giving them the root password--- then we give a prize to the first one to hack into it... yes, we have lots of machines that have not had to pay out the prize money. ( a note: the participants are fun loving geeks who don't do any damage... ) The idea is to practice locking down a machine which is impervious to the script kiddies... and has the known over-run vulnerabilities patched. The thing that will absolutely astound the corporate world is when they finally realize that the virus|worm|cracker days will pretty much end with the demise of windoze. There will still be vulnerabilities exposed ---- but not like today... and in the future (as today) those vulnerabilities will be fixed promptly--- ! -- Kind regards, M Harris <>< -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007 18:51, M Harris wrote:
On Wednesday 14 March 2007 18:03, Randall R Schulz wrote: ...
Because Windows will continue to be a predominant OS for a very long time, I think computing professionals should pressure Windows to get its technological act together (especially regarding security). And institutional and government users, not to mention law-enforcement agencies, should be pressuring (or litigating) Microsoft to do business in a more honorable fashion.
Hog wash... I read every day about one or two more corporations or governments dropping windoze for linux desktop... every day. Folks are just fed up, period. Fixta took five years, millions of people, and billions of dollars--- and its crappy eye candy with all the same old problems that have always plagued it... except that it required MORE memory, MORE CPU, and MORE money... folks are sick and tired of the M$ tax... or should I say FUD money.
Then if MS is competing fairly in the marketplace of ideas within the constraints of limited hardware and software purchasing resources (money, i.e.), then the better player will win. But if MS exerts unjust force, outside proper market mechanisms, then they can continue to (appear to) succeed with an inferior and / or overpriced offering. That's why they must, if necessary, be forced legally to abide by proper competitive practices and not use their existing monopoly to strong-arm hardware vendors and large, institutional purchasers into choosing MS products when those purchasers would be better served by choosing an alternative.
M Harris <><
Randall Schulz -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007 20:56, Kai Ponte wrote:
...
...and don't forget that WinNT (XP/Vista/2003) is not preemptive multitasking either. At least not at the kernel level like Linux 2.6+ is.
You really ought to check your facts. You'll give software managers a bad name...
I was just trying to kill some processes on a Win2003 system today and had to wait for the kernel to finish some tasks before it would die.
That can happen on Linux, too. Try to kill a process in a 'D' wait state. It's not possible. Extended duration of a D wait does imply a bug (usually in a disk or file system driver), but it happens.
-- kai
Randall Schulz -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007, Hartmut Meyer wrote:
There are hardly any scenarios where one could give any other advise but to upgrade from an old/unsupported version to a newer/supported version.
9.1 might be "better" for you, but unless your system is not connected to any network (including internet dialup) staying on an unsupported system simply isn't a good idea.
Says who? Linux isn't exactly Windows which can be hacked by 12 year olds riding bikes thru your neighborhood. Even if you are connected to the net 24/7, with no ports or services open you are not any more at risk than with a current distro. With an Iptables firewall you can even open essential services that you need and be quite safe on line. Maybe the CIA can hack their way into a machine with no ports open. But the script kiddies can't. And the CIA is not even vaguely interested in me. I think you are spreading FUD. -- _____________________________________ John Andersen
On Wednesday 14 March 2007, M Harris wrote:
My primary firewall | router | dialer is a highly stable back-level kernel locked tight--- ship shape Bristol Fashion. The NSA might be able to hack into it, but you won't... and neither will the kid next door. In fact, our local LUG plays these kind of games where we expose
Exactly So. See my similar post on this very same topic. Oddly enough, some people fear a 2 year old kernel, but at the same time run 5 year hardware routers that might NEVER GET A NEW SOFTWARE UPDATE for their entire lifetime. Many of these are running old cut down versions of linux with ipchains. -- _____________________________________ John Andersen
On Wednesday 14 March 2007 20:53, M Harris wrote:
On Wednesday 14 March 2007 23:29, Randall R Schulz wrote:
I was just trying to kill some processes on a Win2003 system today and had to wait for the kernel to finish some tasks before it would die.
That can happen on Linux, too. Try to kill a process in a 'D' wait state. It's not possible. Extended duration of a D wait does imply a bug (usually in a disk or file system driver), but it happens.
Whether a user at root level can kill a process is not necessarily a test of how well preemptive multitasking has been implimented.
The problem I'm referring to is unrelated to access control privileges. The kernel simply will not allow a signal to interrupt a process that is waiting at or below priority 0 (not to be confused with nice level 0). This is because the integrity of the kernel's shared data structures depends on such waits being uninterruptable. They're used only for things like disk I/O (hence the signifier 'D' in ps output), but bugs or dropped interrupts can cause them to persist indefinitely. When that happens, the user-level process cannot be terminated no matter what you do (short of poking kernel memory in some extremely well-crafted manner, I suppose).
However, if the kernel (or other ring zero processes) receive more time slice than other processes on the system then there may be a problem... and the M$ kernel (and other ring zero processes) are notorious for not playing well in the preemptive sandbox.... which means, well, it ain't truly preemptive--- I will admit that they have made huge strides from the early windoze days... but they are no match for the linux kernel... no way.
In both cases we're talking about bugs interfering with normal process scheduling, not the design of the operating system kernels, both of which (Linux and Windows at least from NT onward) are genuinely preemptive, time-sliced, interrupt-driven and _non-_cooperatively scheduled.
M Harris <><
Randall Schulz -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thu 15 Mar 2007 01:44, Kai Ponte wrote:
While dealing with various comprimises to our Windows 2003 workstations in the cold room, I went to login
Security of Passwords _________ as mass-market brings price down . . . RSA key-ring Number-Generators start to make sense for academia & business RSA key-ring Number-Generators that produce a fresh password every 30 seconds . . . looks good. friendly greetings -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thu 15 Mar 2007 01:51, M Harris wrote:
In fact, DOS was still very much evident in Windows 95, 98, and even... yes even W2000.
DOSEMU & Freedos are handy to have installed :) Every day use of DOS . . . yes, some old DOS programs have not been bettered friendly greetings -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Hi, On Thursday 15 March 2007 05:43, John Andersen wrote:
On Wednesday 14 March 2007, Hartmut Meyer wrote:
There are hardly any scenarios where one could give any other advise but to upgrade from an old/unsupported version to a newer/supported version.
9.1 might be "better" for you, but unless your system is not connected to any network (including internet dialup) staying on an unsupported system simply isn't a good idea.
Says who?
Common sense?
Linux isn't exactly Windows which can be hacked by 12 year olds riding bikes thru your neighborhood.
Even if you are connected to the net 24/7, with no ports or services open you are not any more at risk than with a current distro.
With an Iptables firewall you can even open essential services that you need and be quite safe on line.
Maybe the CIA can hack their way into a machine with no ports open. But the script kiddies can't. And the CIA is not even vaguely interested in me.
I think you are spreading FUD.
Really? And what about running application (such as web browsers) or services (such as an MTA or ssh) on an old/unsupported version. Your firewall might be as good as it can get. But if you have a need for say the MTA (old/unsupported MTA that is) being reachable from outside or use a web browser (again: old/unsupported) to browse the net (just two examples) what good will the firewall do you? The kernel isn't the only potential problem and a root exploit not the only potential risk. Is that FUD? Greetings from Stuhr hartmut -- Hartmut Meyer, EMEA NTS Business Development Project Manager SUSE LINUX GmbH, GF: Volker Smid, HRB 21284 (AG Nürnberg) Maxfeldstr. 5, D-90409 Nuernberg T: +49 421 3064385 - M: +49 179 2279480 F: +49 421 3064387 - hartmut.meyer@novell.com ---------------------------------------------------- SUSE® Linux Enterprise 10 - Your Linux is ready http://www.novell.com/linux
On Thursday 15 March 2007, Hartmut Meyer wrote:
Hi,
On Thursday 15 March 2007 05:43, John Andersen wrote:
On Wednesday 14 March 2007, Hartmut Meyer wrote:
There are hardly any scenarios where one could give any other advise but to upgrade from an old/unsupported version to a newer/supported version.
9.1 might be "better" for you, but unless your system is not connected to any network (including internet dialup) staying on an unsupported system simply isn't a good idea.
Says who?
Common sense?
Linux isn't exactly Windows which can be hacked by 12 year olds riding bikes thru your neighborhood.
Even if you are connected to the net 24/7, with no ports or services open you are not any more at risk than with a current distro.
With an Iptables firewall you can even open essential services that you need and be quite safe on line.
Maybe the CIA can hack their way into a machine with no ports open. But the script kiddies can't. And the CIA is not even vaguely interested in me.
I think you are spreading FUD.
Really?
And what about running application (such as web browsers) or services (such as an MTA or ssh) on an old/unsupported version. Your firewall might be as good as it can get. But if you have a need for say the MTA (old/unsupported MTA that is) being reachable from outside or use a web browser (again: old/unsupported) to browse the net (just two examples) what good will the firewall do you?
The kernel isn't the only potential problem and a root exploit not the only potential risk.
Is that FUD?
Greetings from Stuhr hartmut
Has it occurred to you you haven't been able to point out a single flaw related to an older version of Suse linux but are forced instead to trot out fictional flaws in applications as a surrogate for your FUD? -- _____________________________________ John Andersen
Joe Morris (NTM) wrote:
Eberhard Roloff wrote:
Well, not exactly CD/DVD, but: -anytime I connect my external disk for backup, the two partitions on it are named differently, which does not really simply my rsync scripts that I use for backup.
What I did for that is first umount via /dev/<node>, then I went ahead and then added code to fsck if needed, then remount to a fixed mount point. It is working great.
Thanks Joe, I do it just like this and indeed it works. This is the "plain great unix style" that works anytime. Now, one question: What do you mean by "adding code to fsck"? And what do you achieve doing this? Thanks much for clarification Eberhard -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Hi, On Thursday 15 March 2007 10:28, John Andersen wrote:
On Thursday 15 March 2007, Hartmut Meyer wrote:
On Thursday 15 March 2007 05:43, John Andersen wrote:
On Wednesday 14 March 2007, Hartmut Meyer wrote:
Linux isn't exactly Windows which can be hacked by 12 year olds riding bikes thru your neighborhood.
Even if you are connected to the net 24/7, with no ports or services open you are not any more at risk than with a current distro.
With an Iptables firewall you can even open essential services that you need and be quite safe on line.
Maybe the CIA can hack their way into a machine with no ports open. But the script kiddies can't. And the CIA is not even vaguely interested in me.
I think you are spreading FUD.
Really?
And what about running application (such as web browsers) or services (such as an MTA or ssh) on an old/unsupported version. Your firewall might be as good as it can get. But if you have a need for say the MTA (old/unsupported MTA that is) being reachable from outside or use a web browser (again: old/unsupported) to browse the net (just two examples) what good will the firewall do you?
The kernel isn't the only potential problem and a root exploit not the only potential risk.
Is that FUD?
Has it occurred to you you haven't been able to point out a single flaw related to an older version of Suse linux but are forced instead to trot out fictional flaws in applications as a surrogate for your FUD?
You're right: I didn't point out "a single flaw". But that's not because they don't exist. Rather it's because I don't pay attention and/or memorise such instances. It's not my field of expertise. Are you on the other hand saying that such security relevant problems (in both new and old versions) don't exist? I don't imagine so ... Just for the sake of it, let's have a look at the most recent recommended update as announced on the suse-security-announce mailing list on the 6th of March: --- snip ----- SUSE Security Announcement Package: MozillaFirefox,seamonkey Announcement ID: SUSE-SA:2007:019 Date: Tue, 06 Mar 2007 18:00:00 +0000 Affected Products: SUSE LINUX 9.3 SUSE LINUX 10.0 SUSE LINUX 10.1 openSUSE 10.2 Novell Linux Desktop 9 SUSE SLED 10 SUSE SLES 10 Vulnerability Type: remote code execution Severity (1-10): 6 SUSE Default Package: yes Cross-References: CVE-2006-6077, CVE-2007-0008, CVE-2007-0009 CVE-2007-0775, CVE-2007-0776, CVE-2007-0777 CVE-2007-0778, CVE-2007-0779, CVE-2007-0780 CVE-2007-0800, CVE-2007-0981, CVE-2007-0994 CVE-2007-0995, CVE-2007-0996, CVE-2007-1092 MFSA 2006-72, MFSA 2007-01, MFSA 2007-02 MFSA 2007-03, MFSA 2007-04, MFSA 2007-05 MFSA 2007-06, MFSA 2007-08, MFSA 2007-09 Content of This Advisory: 1) Security Vulnerability Resolved: Mozilla Firefox security release 1.5.0.10 / 2.0.0.2 Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion The Mozilla Firefox web browser was updated to security update version 1.5.0.10 on older products and Mozilla Firefox to version 2.0.0.2 on openSUSE 10.2 to fix various security issues. Updates for the Mozilla seamonkey suite before 10.2, Mozilla Suite and Mozilla Thunderbird are still pending. Full details can be found on: http://www.mozilla.org/projects/security/known-vulnerabilities.html - MFSA 2007-01: As part of the Firefox 2.0.0.2 and 1.5.0.10 update releases several bugs were fixed to improve the stability of the browser. Some of these were crashes that showed evidence of memory corruption and we presume that with enough effort at least some of these could be exploited to run arbitrary code. These fixes affected the layout engine (CVE-2007-0775), SVG renderer (CVE-2007-0776) and javascript engine (CVE-2007-0777). - MFSA 2007-02: Various enhancements were done to make XSS exploits against websites less effective. These included fixes for invalid trailing characters (CVE-2007-0995), child frame character set inheritance (CVE-2007-0996), password form injection (CVE-2006-6077), and the Adobe Reader universal XSS problem. - MFSA 2007-03/CVE-2007-0778: AAd reported a potential disk cache collision that could be exploited by remote attackers to steal confidential data or execute code. - MFSA 2007-04/CVE-2007-0779: David Eckel reported that browser UI elements--such as the host name and security indicators--could be spoofed by using a large, mostly transparent, custom cursor and adjusting the CSS3 hot-spot property so that the visible part of the cursor floated outside the browser content area. - MFSA 2007-05: Manually opening blocked popups could be exploited by remote attackers to allow XSS attacks (CVE-2007-0780) or to execute code in local files (CVE-2007-0800). - MFSA 2007-06: Two buffer overflows were found in the NSS handling of Mozilla. CVE-2007-0008: SSL clients such as Firefox and Thunderbird can suffer a buffer overflow if a malicious server presents a certificate with a public key that is too small to encrypt the entire "Master Secret". Exploiting this overflow appears to be unreliable but possible if the SSLv2 protocol is enabled. CVE-2007-0009: Servers that use NSS for the SSLv2 protocol can be exploited by a client that presents a "Client Master Key" with invalid length values in any of several fields that are used without adequate error checking. This can lead to a buffer overflow that presumably could be exploitable. - MFSA 2007-06/CVE-2007-0981: Michal Zalewski demonstrated that setting location.hostname to a value with embedded null characters can confuse the browsers domain checks. Setting the value triggers a load, but the networking software reads the hostname only up to the null character while other checks for "parent domain" start at the right and so can have a completely different idea of what the current host is. - MFSA 2007-08/CVE-2007-1092: Michal Zalewski reported a memory corruption vulnerability in Firefox 2.0.0.1 involving mixing the onUnload event handler and self-modifying document.write() calls. This flaw was introduced in Firefox 2.0.0.1 and 1.5.0.9 and does not affect earlier versions; it is fixed in Firefox 2.0.0.2 and 1.5.0.10. - MFSA 2007-09/CVE-2007-0994: moz_bug_r_a4 reports that the fix for MFSA 2006-72 in Firefox 1.5.0.9 and Firefox 2.0.0.1 introduced a regression that allows scripts from web content to execute arbitrary code by setting the src attribute of an IMG tag to a specially crafted javascript: URI. The same regression also caused javascript: URIs in IMG tags to be executed even if JavaScript execution was disabled in the global preferences. This facet was noted by moz_bug_r_a4 and reported independently by Anbo Motohiko. 2) Solution or Work-Around There is no known workaround, please install the update packages. --- snap ----- Still FUD? Greetings from Stuhr hartmut -- Hartmut Meyer, EMEA NTS Business Development Project Manager SUSE LINUX GmbH, GF: Volker Smid, HRB 21284 (AG Nürnberg) Maxfeldstr. 5, D-90409 Nuernberg T: +49 421 3064385 - M: +49 179 2279480 F: +49 421 3064387 - hartmut.meyer@novell.com ---------------------------------------------------- SUSE® Linux Enterprise 10 - Your Linux is ready http://www.novell.com/linux
Eberhard Roloff wrote:
Thanks Joe, I do it just like this and indeed it works. This is the "plain great unix style" that works anytime.
Glad it also worked for you.
Now, one question: What do you mean by "adding code to fsck"? And what do you achieve doing this?
I decided it would be good to make sure the filesystem was always consistent. So, not being a programmer, I shamelessly copied the relevant part of the script in /etc/init.d/boot.localfs to check the status of the filesystem and fsck it if needed. I actually put my backup script together back during 8.2, so I used the code for then. When 9.3 started automounting, I changed to always umount first, then fsck, then mount and backup. With 10.2, I needed to tweak it some to umount by the dev rather than mountpoint, but other than that it has worked very well.
Thanks much for clarification
No problem. No use in struggling to solved what has already been solved. :-) -- Joe Morris Registered Linux user 231871 running openSUSE 10.2 x86_64 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Stevens
We probably should not want any one operating system, be it proprietary,
open-source or a hybrid, to displace all others. Monopolies and monocultures have bad consequences by their inherent nature.
Very true. Just as tool boxes are full of both metric and SAE sockets here, as well as phillips and slotted head screwdrivers.
I think you have this analogy slightly wrong. Metric and SAE are standards, as are slotted/crosshead/Phillips, the former at least defined by international standards bodies and agreed between manufacturers. The equivalent would be all screwdrivers being designed and made by Philips and marketed in such a way that people are led to say "You can't undo that screw? Of course not, that's not a real Phillips screwdriver." Or all sizes of plywood being given public random numbers by a manufacturer with a set of additional secret numbers per type describing slight variations such that you have to tell the manufacturer what you're doing or they have to anticipate it otherwise the parts won't quite fit properly. I've probably overcomplicated it: the difference between agreed standards and de facto standards is what I'm getting at. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Joe Morris (NTM) wrote:
Eberhard Roloff wrote:
Thanks Joe, I do it just like this and indeed it works. This is the "plain great unix style" that works anytime.
Glad it also worked for you.
Now, one question: What do you mean by "adding code to fsck"? And what do you achieve doing this?
I decided it would be good to make sure the filesystem was always consistent. So, not being a programmer, I shamelessly copied the relevant part of the script in /etc/init.d/boot.localfs to check the status of the filesystem and fsck it if needed. I actually put my backup script together back during 8.2, so I used the code for then. When 9.3 started automounting, I changed to always umount first, then fsck, then mount and backup. With 10.2, I needed to tweak it some to umount by the dev rather than mountpoint, but other than that it has worked very well.
Thanks much for clarification
No problem. No use in struggling to solved what has already been solved. :-)
Brilliant! Thanks again Eberhard -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
John Andersen wrote:
On Wednesday 14 March 2007, Hartmut Meyer wrote:
There are hardly any scenarios where one could give any other advise but to upgrade from an old/unsupported version to a newer/supported version.
9.1 might be "better" for you, but unless your system is not connected to any network (including internet dialup) staying on an unsupported system simply isn't a good idea.
Says who?
Linux isn't exactly Windows which can be hacked by 12 year olds riding bikes thru your neighborhood.
Even if you are connected to the net 24/7, with no ports or services open you are not any more at risk than with a current distro.
With an Iptables firewall you can even open essential services that you need and be quite safe on line.
Maybe the CIA can hack their way into a machine with no ports open. But the script kiddies can't. And the CIA is not even vaguely interested in me.
I think you are spreading FUD.
FWIW, my firewall is SUSE 10.0. It's up continuously and always on the "net". No problems so far. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
James Knott wrote:
John Andersen wrote:
On Wednesday 14 March 2007, Hartmut Meyer wrote:
There are hardly any scenarios where one could give any other advise but to upgrade from an old/unsupported version to a newer/supported version.
9.1 might be "better" for you, but unless your system is not connected to any network (including internet dialup) staying on an unsupported system simply isn't a good idea.
Says who?
Linux isn't exactly Windows which can be hacked by 12 year olds riding bikes thru your neighborhood.
Even if you are connected to the net 24/7, with no ports or services open you are not any more at risk than with a current distro.
With an Iptables firewall you can even open essential services that you need and be quite safe on line.
Maybe the CIA can hack their way into a machine with no ports open. But the script kiddies can't. And the CIA is not even vaguely interested in me.
I think you are spreading FUD.
FWIW, my firewall is SUSE 10.0. It's up continuously and always on the "net". No problems so far.
Hi List Excuse me if this appears twice - it shouldn't I hope! I have always upgraded within two versions max at home while in work I immediately upgrade. At my last employer I would upgrade all the workstations from SuSE Retail distro and the upgrade option worked a treat but not always certain apps/software would cause dependencies issues But there was a choice to remove the packages it was referring too. But nonetheless I would be able to upgrade So YMMV springs to mind and everyone's environment is a vortex in one shape or form. Cheers -- Chuck Amadi ROK Corporation Limited Ty ROK, Dyffryn Business Park, Llantwit Major Road, Llandow, Vale Of Glamorgan. CF71 7PY Tel: 01446 795 839 Fax: 01446 794 994 International Tel: +44 1446 795 839 email: chuck.amadi@rokcorp.com This email is confidential to the addressee only. If you do not believe that you are the intended recipient, do not pass it on or copy it in any way. Please delete it immediately. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Chuck Amadi wrote:
James Knott wrote:
John Andersen wrote:
On Wednesday 14 March 2007, Hartmut Meyer wrote:
There are hardly any scenarios where one could give any other advise but to upgrade from an old/unsupported version to a newer/supported version.
9.1 might be "better" for you, but unless your system is not connected to any network (including internet dialup) staying on an unsupported system simply isn't a good idea.
Says who?
Linux isn't exactly Windows which can be hacked by 12 year olds riding bikes thru your neighborhood.
Even if you are connected to the net 24/7, with no ports or services open you are not any more at risk than with a current distro. With an Iptables firewall you can even open essential services that you need and be quite safe on line.
Maybe the CIA can hack their way into a machine with no ports open. But the script kiddies can't. And the CIA is not even vaguely interested in me.
I think you are spreading FUD.
FWIW, my firewall is SUSE 10.0. It's up continuously and always on the "net". No problems so far.
Hi List
Excuse me if this appears twice - it shouldn't I hope!
I have always upgraded within two versions max at home while in work I immediately upgrade. At my last employer I would upgrade all the workstations from SuSE Retail distro and the upgrade option worked a treat but not always certain apps/software would cause dependencies issues But there was a choice to remove the packages it was referring too.
But nonetheless I would be able to upgrade So YMMV springs to mind and everyone's environment is a vortex in one shape or form.
Cheers
Hi again forgot to mention upgrade when "I want too " not when I am told by " the others ". Choice too upgrade is great and empowering to the end users. Cheers Chuck -- Chuck Amadi ROK Corporation Limited Ty ROK, Dyffryn Business Park, Llantwit Major Road, Llandow, Vale Of Glamorgan. CF71 7PY Tel: 01446 795 839 Fax: 01446 794 994 International Tel: +44 1446 795 839 email: chuck.amadi@rokcorp.com This email is confidential to the addressee only. If you do not believe that you are the intended recipient, do not pass it on or copy it in any way. Please delete it immediately. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thursday 15 March 2007 04:36, James Knott wrote:
Kai Ponte wrote:
Those server guys have one odd sense of humor.
I have often referred to users as "mere mortals". ;-)
Or the classic: "Lusers." RRS -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wednesday 14 March 2007 09:29:34 pm Randall R Schulz wrote:
On Wednesday 14 March 2007 20:56, Kai Ponte wrote:
...
...and don't forget that WinNT (XP/Vista/2003) is not preemptive multitasking either. At least not at the kernel level like Linux 2.6+ is.
You really ought to check your facts. You'll give software managers a bad name...
Huh? Kernel 2.6+ has preemptive multitasking at the kernel level - a.k.a. a preemptable kernel. WinNT does not. It does do user-level preemptive multitasking but not kernel level. Never had it, supposedly will sometime soon. Of course, since the linux and windows kernels are fairly similar in design I'm sure Windows will borrow whatever was learned from Linux's implementation and then sue Novell for patent violations. (And you thought i was a pointy-haired guy who reboots his laptop by holding it upside down and shaking.)
I was just trying to kill some processes on a Win2003 system today and had to wait for the kernel to finish some tasks before it would die.
That can happen on Linux, too. Try to kill a process in a 'D' wait state. It's not possible. Extended duration of a D wait does imply a bug (usually in a disk or file system driver), but it happens.
Ooh, that's just nasty. -- kai Free Compean and Ramos http://www.grassfire.org/142/petition.asp http://www.perfectreign.com/?q=node/46 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Kai, On Thursday 15 March 2007 09:03, Kai Ponte wrote:
On Wednesday 14 March 2007 09:29:34 pm Randall R Schulz wrote:
On Wednesday 14 March 2007 20:56, Kai Ponte wrote:
...
...and don't forget that WinNT (XP/Vista/2003) is not preemptive multitasking either. At least not at the kernel level like Linux 2.6+ is.
You really ought to check your facts. You'll give software managers a bad name...
Huh?
Kernel 2.6+ has preemptive multitasking at the kernel level - a.k.a. a preemptable kernel.
WinNT does not.
I don't know where you got this idea, but it's flatly false. If you have access to the IEEE digital library, you can retrieve and read this article: http://ieeexplore.ieee.org/iel4/2/15590/00722284.pdf?arnumber=722284. You will see that process and thread control is located in kernel space and is interrupt-driven. To wit: "· The process and thread manager creates and terminates processes and threads. The underlying support for processes and threads is implemented in the Windows NT kernel; the executive adds additional semantics and functions to these lower-level objects. " ... "Kernel The kernel performs the most fundamental operations in Windows NT, determining how the OS uses the processor or processors and ensuring that they are used prudently. It is the lowest layer in NTOSKRNL.EXE. These are the primary functions the kernel provides · Thread scheduling and dispatching. · Trap handling and exception dispatching. · Interrupt handling and dispatching. · Multiprocessor synchronization."
It does do user-level preemptive multitasking but not kernel level.
Perhaps you're drawing some real distinction here, but I'm not sure what it is.
Never had it, supposedly will sometime soon. Of course, since the linux and windows kernels are fairly similar in design I'm sure Windows will borrow whatever was learned from Linux's implementation and then sue Novell for patent violations.
(And you thought i was a pointy-haired guy who reboots his laptop by holding it upside down and shaking.)
I was just trying to kill some processes on a Win2003 system today and had to wait for the kernel to finish some tasks before it would die.
That can happen on Linux, too. Try to kill a process in a 'D' wait state. It's not possible. Extended duration of a D wait does imply a bug (usually in a disk or file system driver), but it happens.
Ooh, that's just nasty.
And if the distinction you suggest betwen user-level and kernel multitasking is what I think it is, this shows that either both kernels have this form of multitasking or both do not.
-- kai
Randall Schulz -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thursday 15 March 2007, Hartmut Meyer wrote:
Just for the sake of it, let's have a look at the most recent recommended update as announced on the suse-security-announce mailing list on the 6th of March:
--- snip ----- SUSE Security Announcement
Package: MozillaFirefox,seamonkey
Yet another User space application having NOTHING WHAT SO EVER to do with running Suse 9.0 or 10.2 or even 7.3 if you were so inclined. -- _____________________________________ John Andersen -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
It does do user-level preemptive multitasking but not kernel level.
Perhaps you're drawing some real distinction here, but I'm not sure what it is. The distinction (which I am now re-researching) is that there is a difference between preemptable and interruptable. Interrupt driven is not precisely the same thing as preemptive from a scheduler standpoint--- dispatching based on interrupts vs dispatching based on master scheduling and time-slice. Windoze (at least in my experience) does not seem to faithfully schedule kernel
On Thursday 15 March 2007 11:21, Randall R Schulz wrote: processes according to true preemptive scheduling... seems like the kernel gets preferential treatment and often the entire system resource is hogged by the kernel at the expense of user space. I have to go back now and restudy this... but I am thinking that Kai is correct... NT didn't have it right..... and it sure didn't match up with OS/2 or the 2.0.36 kernel (linux at the time). -- Kind regards, M Harris <>< -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thursday 15 March 2007 16:15, Hartmut Meyer wrote:
Are you saying that only kernel security issues are relevant?
The next security advisory (from today) was about PHP ...
I'm afraid I just don't get what your talking about :-( You are talking past each other...
... you are talking now about keeping apps in user space up-to-date (worthwhile endeavor) and he is talking about your original FUD that running a back-level version (linux kernel) was risky. That not only is FUD, its ridiculous. You can run Suse 9.3 all day long every day for the next ten years without a single problem... and that is not to say that you will not need to update Firefox. Firefox may have vulnerabilities that a sensible user will patch--- and that have absolutely nothing to do with your first claim about back-level Suse versions. You get it? -- Kind regards, M Harris <>< -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
What you're saying is that you can run old versions of suse, as long as you keep the applications updated manually?
Well, of course you can. It's just a lot more work No, what I am saying is that running a back-level linux kernel is not a
On Thursday 15 March 2007 16:42, Anders Johansson wrote: problem. As far as updating user apps goes... that depends on the app. My Firefox updates automatically... and aside from the slightly annoying message telling me the update is available its pretty painless... it has always worked, and it has been completely automatic... wish I could say the same thing for the Suse updater... :-( No, the original thought was ridiculous--- running a back-level version of the linux kernel is not a problem... and as for that matter... running a patched version of apps (back-level as they may be) is not a problem either... in fact... some might argue that updating apps and kernels is how vulnerabilities are introduced into systems in the first place. -- Kind regards, M Harris <>< -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Hi, On Thursday 15 March 2007 19:39, John Andersen wrote:
On Thursday 15 March 2007, Hartmut Meyer wrote:
Just for the sake of it, let's have a look at the most recent recommended update as announced on the suse-security-announce mailing list on the 6th of March:
--- snip ----- SUSE Security Announcement
Package: MozillaFirefox,seamonkey
Yet another User space application having NOTHING WHAT SO EVER to do with running Suse 9.0 or 10.2 or even 7.3 if you were so inclined.
?? Are you saying that only kernel security issues are relevant? The next security advisory (from today) was about PHP ... I'm afraid I just don't get what your talking about :-( Greetings from Stuhr hartmut -- Hartmut Meyer, EMEA NTS Business Development Project Manager SUSE LINUX GmbH, GF: Volker Smid, HRB 21284 (AG Nürnberg) Maxfeldstr. 5, D-90409 Nuernberg T: +49 421 3064385 - M: +49 179 2279480 F: +49 421 3064387 - hartmut.meyer@novell.com ---------------------------------------------------- SUSE® Linux Enterprise 10 - Your Linux is ready http://www.novell.com/linux
On Thursday 15 March 2007 21:35, M Harris wrote:
You can run Suse 9.3 all day long every day for the next ten years without a single problem... and that is not to say that you will not need to update Firefox. Firefox may have vulnerabilities that a sensible user will patch--- and that have absolutely nothing to do with your first claim about back-level Suse versions. You get it?
What you're saying is that you can run old versions of suse, as long as you keep the applications updated manually? Well, of course you can. It's just a lot more work And incidentally, if you upgrade everything manually, how much of that original suse version is left? Does it make sense to say you're running suse 7.3 if you've upgraded the kernel to 2.4.21, apache to 2.2 and so on? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thursday 15 March 2007 21:58, M Harris wrote:
No, what I am saying is that running a back-level linux kernel is not a problem. As far as updating user apps goes... that depends on the app.
It depends. There have been issues. I remember one issue about the TCP stack leaking kernel memory, which meant people could potentially see data they weren't supposed to see. And there have been some DoS problems But yes, by far the most kernel problems are local exploits. The problem is that when you run applications that have holes that allow attackers to run a local program, combined with a local exploit in the kernel, then you have a problem.
My Firefox updates automatically... and aside from the slightly annoying message telling me the update is available its pretty painless... it has always worked, and it has been completely automatic... wish I could say the same thing for the Suse updater... :-(
The firefox updater is a glorified wget. The suse updater needs to do a lot more. Not that I'm defending the current state of the updater, it still needs a lot of work - but comparing with the firefox updater is just silly
No, the original thought was ridiculous--- running a back-level version of the linux kernel is not a problem... and as for that matter... running a patched version of apps (back-level as they may be) is not a problem either...
The problem might be in getting the patches. There is a lot of work involved
in fact... some might argue that updating apps and kernels is how vulnerabilities are introduced into systems in the first place.
Really? Who? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
M Harris wrote:
On Thursday 15 March 2007 11:21, Randall R Schulz wrote:
It does do user-level preemptive multitasking but not kernel level.
Perhaps you're drawing some real distinction here, but I'm not sure what it is.
The distinction (which I am now re-researching) is that there is a difference between preemptable and interruptable. Interrupt driven is not precisely the same thing as preemptive from a scheduler standpoint--- dispatching based on interrupts vs dispatching based on master scheduling and time-slice. Windoze (at least in my experience) does not seem to faithfully schedule kernel processes according to true preemptive scheduling... seems like the kernel gets preferential treatment and often the entire system resource is hogged by the kernel at the expense of user space.
I have to go back now and restudy this... but I am thinking that Kai is correct... NT didn't have it right..... and it sure didn't match up with OS/2 or the 2.0.36 kernel (linux at the time).
Windows has never been able to multi-task as well as OS/2 or Linux. I recall demonstrating how with OS/2 you could actually do something else, while formatting a floppy! Even now, when copying a lot of files, Windows bogs down. One thing I currently show people with Linux is how you after logging in, you can click on something as soon as you see it and it will run. With Windows, you have to wait for the desktop to be responsive. Incidentally, when XP came out, MS claimed it booted faster. In reality, you get to see the desktop sooner, but you can't do anything with it. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thursday 15 March 2007 18:53, Doug McGarrett wrote:
One of the other things that bothers me is the continual changes to or elimination of things that work, in favor of cutting-edge stuff that doesn't actually work. Are you running SLED or Opensuse?
... makes a difference ... sounds like you would benefit from running SLED--- definitely. Opensuse is for those of us who don't really need the max support and are willing to play with the system a bit in order to have some of the bleeding edge revisions. There is another alternative... and that is somewhere in the middle... use an opensuse version (based on history) that is for the most part as stable as you need it to be and wait... eventually there will be another "better" opensuse, or ubuntu, or you'll opt for the next stable release of SLED. Frankly Suse 9.3 Professional has been the best out-of-box distro so far from Novell. Actually, I have had really only minor annoyances from Suse 10.0. Yeah, my kmail speaks Chinese too sometimes... but the distro for the most part has been mostly fantastic... SLED isn't bleeding edge and is mostly as stable as the Rock of Gibralter... it doesn't bleed and it won't have the latest revisions... but it will work for ya..... -- Kind regards, M Harris <>< -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thursday 15 March 2007 17:07, Anders Johansson wrote:
in fact... some might argue that updating apps and kernels is how vulnerabilities are introduced into systems in the first place.
Really? Who? We all rest our case... ;-P
-- Kind regards, M Harris <>< -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thursday 15 March 2007 17:15, Hartmut Meyer wrote:
Hi,
On Thursday 15 March 2007 19:39, John Andersen wrote:
On Thursday 15 March 2007, Hartmut Meyer wrote:
Just for the sake of it, let's have a look at the most recent recommended update as announced on the suse-security-announce mailing list on the 6th of March:
--- snip ----- SUSE Security Announcement
Package: MozillaFirefox,seamonkey
Yet another User space application having NOTHING WHAT SO EVER to do with running Suse 9.0 or 10.2 or even 7.3 if you were so inclined.
??
Are you saying that only kernel security issues are relevant?
The next security advisory (from today) was about PHP ...
I'm afraid I just don't get what your talking about :-(
Greetings from Stuhr hartmut
I have been following this thread from the beginning, and I am unhappy with something. I am using 9.3, and it works really nicely. As soon as 10.3 comes out, all my support will be gone. What if 10.3 is a mess? I found 10.0 to be a mess, when my KMail started outputting 5 or 10 percent of my incoming mail in Chinese characters. So I went back. There have certainly been a lot of issues in 10.1 and 10.2. And there still seem to be, according to the messages on this list. I think there should be some sort of support for those versions that most of us agree are pretty problem-free, until another version comes along that most of us agree is pretty problem-free. Yes many of us--not necessarily me-- will upgrade right away, and find out if there are serious problems, and report to the list and to the bug site. Frankly, I do not intend to upgrade for at least a couple of months, until I find out what the cutting-edge folks have discovered. And then I might not. I want a system that works, not one that I have to futz with all the time to make it work. I am not qualified to futz with the system all the time, to be perfectly honest. I didn't grow up with Unix. One of the other things that bothers me is the continual changes to or elimination of things that work, in favor of cutting-edge stuff that doesn't actually work. Like Ann Landers, I say, "If it ain't broke, don't fix it." From what I hear, Xen is broke, the latest automount is broke, smart is at least bent--why this stuff, why? --doug -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thursday 15 March 2007 17:13, James Knott wrote:
Windows has never been able to multi-task as well as OS/2 or Linux. And this is why...
... notes from NT tutorial ... ------------------------------------------ start The major role of the kernel in Windows NT is to dispatch and schedule threads. A thread is a code segment belonging to a particular process. Each thread is assigned a priority number from 0 to 31. The kernel dispatches threads to run on available processors based on their priority numbers. The kernel then allows the threads to execute for a particular amount of time before preempting them and allowing another process to run. NOTE: Sometimes you see it written that the kernel schedules processes. While this is **not technically correct**, it is commonly stated this way for ease of explanation. The kernel **does not actually schedule processes**, it only schedules threads in the context of a process. For more on the distinction between processes and threads, see the section Process Manager, later in this chapter. It is this procedure that makes preemptive multitasking ?possible?. Because it is the kernel that schedules the execution of all code on the system, it [the kernel] **cannot be preempted**. It also cannot be paged to disk for any reason. ------------------------------------------ end So, WinNT did not truly implement preemption... and the WinNT kernel was never preemptable. For information on when the linux kernel received its preemptive code patch follow this link: http://www.linuxdevices.com/articles/AT4185744181.html -- Kind regards, M Harris <>< -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thursday 15 March 2007 03:13:01 pm James Knott wrote:
M Harris wrote:
On Thursday 15 March 2007 11:21, Randall R Schulz wrote:
It does do user-level preemptive multitasking but not kernel level.
Perhaps you're drawing some real distinction here, but I'm not sure what it is.
The distinction (which I am now re-researching) is that there is a difference between preemptable and interruptable. Interrupt driven is not precisely the same thing as preemptive from a scheduler standpoint--- dispatching based on interrupts vs dispatching based on master scheduling and time-slice. Windoze (at least in my experience) does not seem to faithfully schedule kernel processes according to true preemptive scheduling... seems like the kernel gets preferential treatment and often the entire system resource is hogged by the kernel at the expense of user space.
I have to go back now and restudy this... but I am thinking that Kai is correct... NT didn't have it right..... and it sure didn't match up with OS/2 or the 2.0.36 kernel (linux at the time).
Windows has never been able to multi-task as well as OS/2 or Linux. I recall demonstrating how with OS/2 you could actually do something else, while formatting a floppy!
I think I've written it on this list before. Back in my early career we ran a shop which sold a POS system based on DOS or OS/2 and Novell (there's the on topic portion) as the backend. I distinctly remember getting in the new copy of Windows 95 and wondering how much "better" it was than NT or OS/2. (We had been running 2.0 but recently had adopted Warp.) We setup side by side computers of identical configuration - IBM PS/2 systems running DX/40 chips with 16MB RAM each. We loaded one with Win95 and the other with Warp. We then setup some tasks - formatting a floppy, compiling our app (which ran under DataFlex), searching for files and something else. We set each machine to run at about the same time. The OS/2 machine finished all tasks in about two minutes. The Win95 machine finished in half an hour. It was amazing. -- k -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thursday 15 March 2007, M Harris wrote:
So, WinNT did not truly implement preemption... and the WinNT kernel was never preemptable.
Jives with my experience. I've written loops so tight (with no IO) that you had to power off the machine to kill them. Any IO in the loop, whether something the program does directly or in-directly (causing paging for example) will allow windows to get in there and let something else run. -- _____________________________________ John Andersen
On Thursday 15 March 2007, Hartmut Meyer wrote:
Are you saying that only kernel security issues are relevant?
The next security advisory (from today) was about PHP ...
I'm afraid I just don't get what your talking about :-(
Yes, its becoming obvious. php and mozilla can be compiled and will run on a wide range of kernels. All of them are available in source code. You can easily run Suse 8.2, (out of maintenance for years now) which has a 2.4.something kernel, and have it connected to the net 24/7 as say a firewall router, mail server, database server, etc with only a very few ports open, and be as safe as running the most current kernel. Kernels do not become unsafe the minute suse walks away from them. Further, if you are not running Mozilla on the machine, or php, and just use it as a router, you might be safe for years and years. Even running a mail server on an old kernel you can be safe. You would do the due diligence of maintaining the software you were running, such as sendmail, or whatever, (compiling from source) to keep those portions up to date. What do you think is in those hardware routers everyone hides their Windows machines behind? Usually linux, or some slimmed down bsd. And those things usually NEVER get an upgrade. I am aware of government agencies running special purpose machines for data collection which run ancient old debian distros with one or two ports open for ssh and data transmission. They have never been hacked. -- _____________________________________ John Andersen
On Thursday 15 March 2007, Doug McGarrett wrote:
And there still seem to be, according to the messages on this list.
Don't come to a help list and then point to all the problems that show up there as evidence of a pandemic problem. That's like saying that all Fords are lemons, because that's all you see in for service at the Ford dealership. -- _____________________________________ John Andersen
Hi, On Friday 16 March 2007 08:21, John Andersen wrote:
On Thursday 15 March 2007, Hartmut Meyer wrote:
Are you saying that only kernel security issues are relevant?
The next security advisory (from today) was about PHP ...
I'm afraid I just don't get what your talking about :-(
Yes, its becoming obvious.
php and mozilla can be compiled and will run on a wide range of kernels. All of them are available in source code.
[...]
Even running a mail server on an old kernel you can be safe. You would do the due diligence of maintaining the software you were running, such as sendmail, or whatever, (compiling from source) to keep those portions up to date.
Ok. Now I get it. But then you're not really talking about old/unsupported versions anymore. Instead you're talking about something that started as - say - 8.1 but by now has hardly any resemblance to that version anymore. Simply because you kept updating all sensitive components for yourself (requiring more time and expertise than most users will have). And then I agree - of course you can have such a system running secure. Greetings from Stuhr hartmut -- Hartmut Meyer, EMEA NTS Business Development Project Manager SUSE LINUX GmbH, GF: Volker Smid, HRB 21284 (AG Nürnberg) Maxfeldstr. 5, D-90409 Nuernberg T: +49 421 3064385 - M: +49 179 2279480 F: +49 421 3064387 - hartmut.meyer@novell.com ---------------------------------------------------- SUSE® Linux Enterprise 10 - Your Linux is ready http://www.novell.com/linux
Kai Ponte wrote:
The OS/2 machine finished all tasks in about two minutes. The Win95 machine finished in half an hour.
It was amazing.
My morning routine at work, with a computer running XP. Turn on computer. Go get coffee Logon to XP Enjoy coffee and read newspaper, while waiting for Windows to be usable. After reading a couple of articles, see if computer is ready to open email app (Seamonkey). -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Friday 16 March 2007, Hartmut Meyer wrote:
But then you're not really talking about old/unsupported versions anymore. Instead you're talking about something that started as - say - 8.1 but by now has hardly any resemblance to that version anymore. Simply because you kept updating all sensitive components for yourself (requiring more time and expertise than most users will have).
Well, I don't see it that way. The vast overwhelming majority of the entire system can remain as it was on the day of the last update. You might have to update one or two packages over time span of several years. One or two. For a a linux box used as router, or a samba server, you would be highly unlikely to ever have to update anything for the life of the hardware. Last year, I replaced a server for a company. It was running Suse 7.3 as a samba server and was acting as a router for their local network. This was pretty much a single mission box, with raid drives and lived on a huge UPS its entire life. The only problem that machine ever had was when they finally filled up the hard drive and upgraded to get more space. Would I do this with a desktop machine? No. I would update the system. But more to obtain new functionality than out of fear of any compromise just because it was out of maintenance. The best server operations team is a Man and a German Shepard Dog. The man is there to feed the dog, and the dog is there to make sure the man never touches the machine. -- _____________________________________ John Andersen
John Andersen wrote:
On Friday 16 March 2007, Hartmut Meyer wrote:
But then you're not really talking about old/unsupported versions anymore. Instead you're talking about something that started as - say - 8.1 but by now has hardly any resemblance to that version anymore. Simply because you kept updating all sensitive components for yourself (requiring more time and expertise than most users will have).
Well, I don't see it that way.
The vast overwhelming majority of the entire system can remain as it was on the day of the last update. You might have to update one or two packages over time span of several years. One or two.
For a a linux box used as router, or a samba server, you would be highly unlikely to ever have to update anything for the life of the hardware.
Last year, I replaced a server for a company. It was running Suse 7.3 as a samba server and was acting as a router for their local network. This was pretty much a single mission box, with raid drives and lived on a huge UPS its entire life.
The only problem that machine ever had was when they finally filled up the hard drive and upgraded to get more space.
Would I do this with a desktop machine? No. I would update the system. But more to obtain new functionality than out of fear of any compromise just because it was out of maintenance.
The best server operations team is a Man and a German Shepard Dog. The man is there to feed the dog, and the dog is there to make sure the man never touches the machine.
Hi John Excellent I totally agree!. Chuck -- Chuck Amadi ROK Corporation Limited Ty ROK, Dyffryn Business Park, Llantwit Major Road, Llandow, Vale Of Glamorgan. CF71 7PY Tel: 01446 795 839 Fax: 01446 794 994 International Tel: +44 1446 795 839 email: chuck.amadi@rokcorp.com This email is confidential to the addressee only. If you do not believe that you are the intended recipient, do not pass it on or copy it in any way. Please delete it immediately. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Op vrijdag 16 maart 2007 05:29, schreef Kai Ponte:
The OS/2 machine finished all tasks in about two minutes. The Win95 machine finished in half an hour.
I like this comparison, which I did last week because openSUSE felt so much faster. Well see for your self: 1. System comparison Creating 350 files (1 file is create doc, and zip it) 1.1. System 1 2 GHz, 1 GB LiveCD regular desktop no 3D: 14" LiveCD desktop with 3D and running on batteries: 15" 1.2. System 2 3 GHz, 2 cpu, 512 MB 2 user sessions running: 30" 2 user sessions running, 1 with a compile going on: 45" - 60" 1.3. System 3 2 GHz, 1 GB 1 GUI nothing else: 4'15" 1 GUI (accessed via ssh) nothing else: 5'30" 1.4. System 4 450 HMz, 382 MB Without number crunching: 3'30" Number crunching job going only: 6'40" System 1: notebook running knoppix System 2: desktop PC running openSUSE System 3: notebook running MS XP System 4: desktop PC running openSUSE System 1 and 3 are the same system Ranking: 1: Knoppix on notebook 2: openSUSE on desktop 3: openSUSE on slow desktop 4: MS XP on notebook An 1 GHz MS XP is slower than a 450 MHz openSUSE system.... -- Richard Bos Without a home the journey is endless -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
The best server operations team is a Man and a German Shepard Dog. The man is there to feed the dog, and the dog is there to make sure the man never touches the machine.
I certainly agree, I have a myth backend running on opensuse 10.2. The only updates I allow are to mythtv, that is to gain additional functionality. Every time I have tried to update the underlying system I have ran into troubles. I installed it, configured it, and now just let it be. -- John Registered Linux User 263680, get counted at http://counter.li.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Thursday 15 March 2007 19:12, M Harris wrote:
On Thursday 15 March 2007 18:53, Doug McGarrett wrote:
One of the other things that bothers me is the continual changes to or elimination of things that work, in favor of cutting-edge stuff that doesn't actually work.
Are you running SLED or Opensuse?
I'm running 9.3 Professional, and as you say, it's nice, stable, and KDE. And about to become obsolete, in just about 4 months. I looked at SLED as you suggested, but it appears to be GNOME based, and I don't want to go down that road. When it actually becomes obsolete, I may look at another distro. --doug
... makes a difference ... sounds like you would benefit from running SLED--- definitely. Opensuse is for those of us who don't really need the max support and are willing to play with the system a bit in order to have some of the bleeding edge revisions. There is another alternative... and that is somewhere in the middle... use an opensuse version (based on history) that is for the most part as stable as you need it to be and wait... eventually there will be another "better" opensuse, or ubuntu, or you'll opt for the next stable release of SLED. Frankly Suse 9.3 Professional has been the best out-of-box distro so far from Novell. Actually, I have had really only minor annoyances from Suse 10.0. Yeah, my kmail speaks Chinese too sometimes... but the distro for the most part has been mostly fantastic...
SLED isn't bleeding edge and is mostly as stable as the Rock of Gibralter... it doesn't bleed and it won't have the latest revisions... but it will work for ya.....
-- Kind regards,
M Harris <><
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Friday 16 March 2007 12:36:45 pm Richard Bos wrote:
Op vrijdag 16 maart 2007 05:29, schreef Kai Ponte:
The OS/2 machine finished all tasks in about two minutes. The Win95 machine finished in half an hour.
I like this comparison, which I did last week because openSUSE felt so much faster. Well see for your self: Ranking: 1: Knoppix on notebook 2: openSUSE on desktop 3: openSUSE on slow desktop 4: MS XP on notebook
An 1 GHz MS XP is slower than a 450 MHz openSUSE system....
I'm honestly not surprised. I have always felt SUSE (with either KDE or Gnome or IceWM or...) is faster at most tasks than XP. I used to argue this point in the usenet forums, but eventually realized I was arguing with a brick wall and gave up. -- k -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Friday 16 March 2007, Doug McGarrett wrote:
looked at SLED as you suggested, but it appears to be GNOME based, and I don't want to go down that road. When it actually becomes obsolete, I may look at another distro
I don't blame you regarding the Gnome. It is so pathetically far behind kde its not worth investigating. I'd rather go to Xfce4. -- _____________________________________ John Andersen
Op vrijdag 16 maart 2007 23:54, schreef Kai Ponte:
An 1 GHz MS XP is slower than a 450 MHz openSUSE system....
Sorry the above line is not correct, it should be a 2 GHz, 1GB MS XP vs 450 MHz 382 MB openSUSE-10.2 system.
I'm honestly not surprised.
I have always felt SUSE (with either KDE or Gnome or IceWM or...) is faster at most tasks than XP.
I used to argue this point in the usenet forums, but eventually realized I was arguing with a brick wall and gave up.
-- Richard Bos We are borrowing the world of our children, It is not inherited from our parents. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Friday 16 March 2007 12:05, John Andersen wrote:
For a a linux box used as router, or a samba server, you would be highly unlikely to ever have to update anything for the life of the hardware. Correct.
... and this assumes of course that there does not exist some buffer overrun vulnerability (maybe undiscovered as yet) that will be uncovered some time in the future. On the other hand... an older kernel with an overrun vulnerability will be less likely to be attacked over time as that kernel level becomes used less... the bottom line is pretty much the same... for a given set of hardware a given linux firewall server can run for years and years without upgrade and be mostly safe. -- Kind regards, M Harris <>< -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Hi, On Wed, 14 Mar 2007 16:44:50 +0100 Hartmut Meyer <.> wrote:
It's a shame, that on the opensuse list several of the oldie-related threads ended up with the answer "do update" :(
There are hardly any scenarios where one could give any other advise but to upgrade from an old/unsupported version to a newer/supported version.
9.1 might be "better" for you, but unless your system is not connected to any network (including internet dialup) staying on an unsupported system simply isn't a good idea.
I agree with you, but would add three extra points: while having few- several old systems even preparing updated/patched rpm packages for them is not so difficult and (e.g. for me) brings back the time invested. This could also happen without the help of SUSE/Novell; doesn't work in all situations, but valid alternative for most of the cases. That's like a homework ;) In the same time I think there is _noone_ having old SUSE releases and ha- ving no idea on the outdated nature of these systems! As extra addon, please consider people still using win95/98 or even newer systems with no updates as all, because sitting on dial-up or being lazy; kiddies will find THEM, and likely not the old Linux-es... Regards, Pelibali -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (25)
-
Adam Williams
-
Anders Johansson
-
Chuck Amadi
-
Clayton
-
David Brodbeck
-
Doug McGarrett
-
Duncan Mac-Vicar Prett
-
Eberhard Roloff
-
Hartmut Meyer
-
James Knott
-
Joe Morris (NTM)
-
John Andersen
-
John Pierce
-
Kai Ponte
-
kanenas
-
M Harris
-
Magnus Boman
-
pelibali
-
Randall R Schulz
-
riccardo35@gmail.com
-
Richard Bos
-
Russell Jones
-
Steve Jeppesen
-
Stevens
-
Wade Jones