Linux-Advocacy Digest #648, Volume #25 Thu, 16 Mar 00 01:13:04 EST
Contents:
Re: Bsd and Linux (Donn Miller)
C2 question (George Marengo)
Re: Open Software Reliability (Terry Murphy)
Re: C2 question (mlw)
Re: Open Software Reliability (Terry Murphy)
Re: C2 question (George Marengo)
Re: Open Software Reliability (Terry Murphy)
Re: C2 question (Christopher Browne)
Re: Virus Scanning a Linux CDrom ([EMAIL PROTECTED])
Re: Giving up on NT (Bob shows his lack of knowledge yet again) (David H. McCoy)
----------------------------------------------------------------------------
Crossposted-To: comp.os.linux.x,comp.os.linux.development.apps
Subject: Re: Bsd and Linux
From: Donn Miller <[EMAIL PROTECTED]>
Date: 15 Mar 2000 23:54:51 -0500
[EMAIL PROTECTED] (Donovan Rebbechi) writes:
> On Wed, 15 Mar 2000 16:43:37 GMT, Pjtg0707 wrote:
> >Alot of developers work in BSD partly because it is BSD code and
> >partly to get away from the Gnu licensing. Linux's network
> >code is also derived from BSD, but not as mature.
>
> Getting away from Gnu licensing, huh ? What compiler do the BSDs ship with ?
I just thought of something. Now that Linux is pretty popular, and
maybe BSD will also, it will be interesting to see if Borland will
want to develop products for these OS's. For example, will Borland
come out with a version of Borland C++ for Linux? Will we see a
version of OWL (Object Windows Library) for the X Window System? I
guess they could call it OWLX. It would be interesting. Of course,
then there's the problem that gcc and existing X toolkits such as Qt
and Gtk are open standard and non-proprietary, and that Borland would
be interested only in their own proprietary standards.
But then, I think it may be worth having Borland products of
developers want paid support. Plus, Borland compilers may or may not
be faster code than gcc. A benefit may also be that Borland can
contribute some stuff to gcc, but I don't think they'd be interested
in that.
--
- Donn
------------------------------
From: George Marengo <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: C2 question
Date: Thu, 16 Mar 2000 05:02:13 GMT
I've read recently that in its current form, Linux not only isn't C2
compliant, but that it cannot be C2 compliant because it doesn't
have Access Control Lists and auditing on ACL's -- it only has file
based permissions.
Further, C2 certified Unix implementations have been "Trusted"
versions; i.e., no standard off the shelf Unix OS's have been C2
certified, as is the case with NT (various versions)
I know that file permissions are the basis for the security model
in Linux, but I thought it also had ACL's.
------------------------------
From: [EMAIL PROTECTED] (Terry Murphy)
Subject: Re: Open Software Reliability
Date: Thu, 16 Mar 2000 05:11:26 GMT
On Wed, 15 Mar 2000 08:39:57 -0800, Edward <[EMAIL PROTECTED]> wrote:
>Uhhh... practically every high-tech project with any modicum of
>engineering involved uses UNIX. You don't really think high speed
>microprocessor design, ultrasonic airliner design, or any other
>high-tech endevour is accomplished on Windows or VMS, do you?
I have worked on the development of two different high speed
microprocessor projects for two different companies in the past three
years (one of which was Alpha, for DEC, which is the HIGHEST speed
microprocessor). In neither company was Unix the primary operating
system; at DEC all Alpha design is done in VMS, with some verification
work done on Unix, and most documentation work done on Windows, but all
circuit design and simulation was done on VMS. In the other company we
used Windows.
I would in fact point to the Alpha Microprocessor project as perhaps
VMS's greatest achievment: not only does every Alpha design engineer
have a VMS machine on his desk, and not only does every server in
the project run VMS, but even at the manufacturing level, VMS is used
to control the fabs. I know of no other major engineering project where
one single operating system controls the process from the desktop
CAD level all the way to the manufacturing level.
Alpha is the fastest microprocessor in the world and is designed on
VMS. Most of the other microprocessors are designed using Unix and are
slower. Coincidence? Since VMS is a better, more reliable system, it
not doubt is more productive to the engineers who use Unix, which is
constantly crashing and has case sensitivity issues.
Regards,
Terry Murphy
------------------------------
From: mlw <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: C2 question
Date: Thu, 16 Mar 2000 00:17:02 -0500
George Marengo wrote:
>
> I've read recently that in its current form, Linux not only isn't C2
> compliant, but that it cannot be C2 compliant because it doesn't
> have Access Control Lists and auditing on ACL's -- it only has file
> based permissions.
>
> Further, C2 certified Unix implementations have been "Trusted"
> versions; i.e., no standard off the shelf Unix OS's have been C2
> certified, as is the case with NT (various versions)
>
> I know that file permissions are the basis for the security model
> in Linux, but I thought it also had ACL's.
AFAIK, there is no such thing as "of the shelf" C2 compliance. An
install, as built, may be evaluated to be C2 compliant, a precise
specification of an install may result in a C2 compliant system, but a
software package, in a box is not. So, no, Windows NT is not C2
compliant "off the shelf." A particular installation of NT may have been
evaluated to be C2 compliant, but NT as a whole can not be.
As for whether or not Linux can be C2 compliant, I don't know. It is
unclear to me whether or not NT can be C2 compliant while still offering
networked services.
--
Mohawk Software
Windows 95, Windows NT, UNIX, Linux. Applications, drivers, support.
Visit http://www.mohawksoft.com
------------------------------
From: [EMAIL PROTECTED] (Terry Murphy)
Subject: Re: Open Software Reliability
Date: Thu, 16 Mar 2000 05:20:55 GMT
On Wed, 15 Mar 2000 09:51:34 -0600, mr_organic <[EMAIL PROTECTED]> wrote:
>You're full of s**t, buddy. And if the WSJ said that, so are they.
>It might be true that _VAX_ computers are in all these places, but I'd
>bet my watch and chain that a significant proportion of them run UNIX,
>not VMS.
Ken Olsen himself in his most famous anti-Unix quote stated that only
10% of VAX'es are going for Unix. I have never even seen a VAX running
Unix, except for one of the ones I have at home, where I installed it
(i.e., in its productive years, it was running VMS).
>Most if not all large telcos use UNIX in their infrastructure, and that's
>probably the biggest market in the world. As far as IC production goes,
>all the large fabs I'm aware of (Intel, AMD, Motorola, TI, and IBM) use
>Unix or Mainframe based simulation and production tools. None I know of
>are based on VMS. If you're going to insist on this point, give some
>examples.
I have been in three different Intel fabs in the past twelve months,
and they most definitely use VMS in the fabs. There is a bit of Unix
and Windows also, but more VMS than anything. The primary application,
Workstream, which tracks each wafer as it goes through the fab, runs on
VMS. Some of the other applications are being migrated to Windows. They
do use VAX'es, but they are planning to move some of the high volume
fab's to Alpha soon. Note that they are sticking with VMS, even though
they are changing architectures.
BTW, it is VERY well documented that Intel uses VMS in the fabs. Compaq
gets a fair amount of marketing mileage over this fact.
I understand that AMD and Motorola use VMS also, but I have no proof.
IBM, for what I have heard, uses some mainframes. I have no idea about TI.
Regards,
Terry Murphy
------------------------------
From: George Marengo <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: C2 question
Date: Thu, 16 Mar 2000 05:34:43 GMT
On Thu, 16 Mar 2000 00:17:02 -0500, mlw <[EMAIL PROTECTED]> wrote:
>George Marengo wrote:
>>
>> I've read recently that in its current form, Linux not only isn't C2
>> compliant, but that it cannot be C2 compliant because it doesn't
>> have Access Control Lists and auditing on ACL's -- it only has file
>> based permissions.
>>
>> Further, C2 certified Unix implementations have been "Trusted"
>> versions; i.e., no standard off the shelf Unix OS's have been C2
>> certified, as is the case with NT (various versions)
>>
>> I know that file permissions are the basis for the security model
>> in Linux, but I thought it also had ACL's.
>
>AFAIK, there is no such thing as "of the shelf" C2 compliance. An
>install, as built, may be evaluated to be C2 compliant, a precise
>specification of an install may result in a C2 compliant system, but a
>software package, in a box is not. So, no, Windows NT is not C2
>compliant "off the shelf." A particular installation of NT may have been
>evaluated to be C2 compliant, but NT as a whole can not be.
I know that, but it doesn't matter anyway... I was looking at the
wrong section of the http://www.radium.ncsc.mil class ratings.
The trusted versions of Unix are used for _B2 & B1_ ratings...
a rating which no version of NT has achieved.
>As for whether or not Linux can be C2 compliant, I don't know. It is
>unclear to me whether or not NT can be C2 compliant while still offering
>networked services.
From
http://www.radium.ncsc.mil/tpep/epl/entries/TTAP-CSC-EPL-99-001.html
A networked configuration was evaluated for interconnecting
the various hardware with Windows NT workstations and
servers.
From
http://www.radium.ncsc.mil/tpep/library/fers/TTAP-CSC-FER-99-001.pdf
The evaluated configuration for Windows NT 4.0 Service Pack 6a
with the C2 Update includes any number of the Windows NT
Server and/or the Windows NT Workstation products, acting in
any one of the following roles, either stand-alone or
connected via a physically protected network consisting of
zero or more Windows NT domains:
------------------------------
From: [EMAIL PROTECTED] (Terry Murphy)
Subject: Re: Open Software Reliability
Date: Thu, 16 Mar 2000 05:35:52 GMT
On Wed, 15 Mar 2000 22:59:47 GMT, R.E.Ballard ( Rex Ballard )
<[EMAIL PROTECTED]> wrote:
>Quantify this unreliability please?
I will look into it. I have no proof currently, however.
>> eBay has lost _b_illions in market capitalization due to bugs in Unix.
>
>Do you have details? I know that a number of sites have failed a number
>of times. Many of these sites fail due to integration issues. Often
>the problems result from 20%/month traffic growth. This has always
>been one of the big issues for UNIX.
Last summer eBay had a major outage for almost a whole day, and as
a direct results, the market capitalization dropped by around $2 billion.
The reason was due to a bug in Solaris. There were Sun engineers on site
to fix the bug. This was one of the two or three most expensive industrial
disasters in history - all to blame on Sun.
>> AT&T culture, and open source culture, aren't engineering entities,
>
>Let me see, you are saying that AT&T - during the 1980s and 1990s
>was a research company and wasn't interested in providing commercial
>services? Did they donate all of that long distance time? Perhaps
>they shouldn't have been divested? :-)
Of course I am referring to Bell Labs, not AT&T proper. Two totally
different entities, one research-oriented and one concerned with
products.
>> The products are not engineered to
>> be bulletproof or reliable.
>
>Actually, they aren't engineered to be "pretty". By the time
>UNIX had a common graphical X11 interface, there were thousands
>of command line components (programs) that used STDIO. It wasn't
>until Linux that there was any serious attempt to create pretty
>interfaces and GUI access to the controls. Even today, tools like
>Linuxconf and KDE Config tools are essentially glorified editors.
>> 90% of worldwide microprocessor production
>> Runs 17 of the world's 20 largest stock
>> exchanges (and over 100 worldwide)
>
>VMS or MVS? Most of the largest stock exchanges negotiate
>the trades on UNIX systems and the confirmed trade is sent
>to MVS in batch mode. In the U.S. ADP uses MVS systems to
>actualize the transactions. Until ADP sends the confirmations
>to the clearing houses, the trade is merely a promise, not
>an actual movement of cash.
According to Compaq, VMS. Now in most large IT shops there are
all sorts of different machines, so perhaps both.
>Again, with day-trading and other forms of speculation becoming
>more and more common, we are seeing more pressure to have real-time
>clearing systems. In many cases, the clearing houses are fronting
>the interface to the ADP systems with UNIX.
eTrade does use VMS for performing their transactions. I do not
know about the others.
>> Handles 60% of electronic bank-to-bank transacations
>
>This would definately be MVS. MVS is still the leader in bank-to-bank
>transactions. AS/400 is a close second. UNIX is generally not used
>because most of the bank-to-bank transaction clearing network was based
>on APPC instead of TCP/IP.
According to Compaq, VMS. This statistic is widely quoted.
>UNIX has been a very effective competitor in nearly every niche
>it has entered. Today, 90% of all minicomputers run UNIX (the
>remainder run VMS),
>80% of all supercomputers run UNIX (the remainder run MVS or OS/390)
Apparently you are combining mainframes and supercomputers. I do not
know about supercomputers (and I wouldn't be too surprised to hear
they are 100% Unix), but mainframes are 0% Unix, by definitin.
>70% of all microcomputer servers run variants of UNIX (the remainder
>run a combination of NetWare and NT).
I don't want to waste my precious free time participating in advocacy
groups and chasing down a URL to support every last claim I make, but I
do recall a Slashdot article just a few weeks ago which claimed that
Windows NT was still the number one server OS with something like 40%
market share.
>About 70% of all engineering workstations run UNIX.
I don't doubt it. Five years ago, they were probably 95% Unix.
>How much demand do you see for ADA programmers?
>
>How much demand do you see for VMS programmers?
>
>It's possible that the ADA/VMS programmers are like the FORTH
>programmers. There are a few thousand left in the country and
>they do all the work. Last I heard DEC/COMPAQ had laid off most
>of their VMS people, and most of the VMS people were frantically
>trying to learn UNIX.
This sounds like FUD to me. VMS is under extremely active development.
Galaxy was recently released which is probably the biggest innovation
in OS'es in the past ten years (and is a VMS-only technology).
------------------------------
From: [EMAIL PROTECTED] (Christopher Browne)
Subject: Re: C2 question
Reply-To: [EMAIL PROTECTED]
Date: Thu, 16 Mar 2000 05:52:30 GMT
Centuries ago, Nostradamus foresaw a time when George Marengo would say:
>I've read recently that in its current form, Linux not only isn't C2
>compliant, but that it cannot be C2 compliant because it doesn't
>have Access Control Lists and auditing on ACL's -- it only has file
>based permissions.
>
>Further, C2 certified Unix implementations have been "Trusted"
>versions; i.e., no standard off the shelf Unix OS's have been C2
>certified, as is the case with NT (various versions)
>
>I know that file permissions are the basis for the security model
>in Linux, but I thought it also had ACL's.
All of the above statements are incorrect.
a) Harris has a version of UNIX that is certified at higher than C2
(I believe B1; feel free to verify with the TPEP web site...) which
*does not offer ACLs.*
Conclusion: The common claim that ACLs are mandatory in order to
attain C2 certification is FALSE.
b) Digital OSF/1 could be configured in a C2-compliant configuration
using the "off-the-shelf" software. That was true five years ago.
I don't think it was commonly *used* in this manner, but the standard
documentation set provided information on how to do this.
c) No, Linux does not have ACLs.
There's a project or three that intend to support them, and filesystems
have some cursory support for fields that could be used for the purpose,
but It's Not There Yet. But, as previously mentioned, Harris has shown
that while it may be *convenient* to use ACLs to provide mandatory access
controls, it is not *mandatory.*
--
Is the surface of a planet the right place for an expanding
technological civilization?
[EMAIL PROTECTED] - - <http://www.ntlug.org/~cbbrowne/lsf.html>
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Virus Scanning a Linux CDrom
Date: Thu, 16 Mar 2000 05:52:15 GMT
> On Thu, 16 Mar 2000 03:58:41 GMT, Mark Robinson <[EMAIL PROTECTED]>
> wrote:
> >Pretty much everything on the CD is either compressed or Linux ELF
> >format. I doubt there are any anti-virus programs that can understand
> >either. There won't be any viruses on it if it is from a trusted
> >source.
> >
> >Mark
As far as CheapBytes being a trusted source, I think I originally heard
about them (as a source for cheap distro cd's) from looking back at old
postings in this group. Whether that qualifies as a good character
reference, well.... :)
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED],net wrote:
> Some CD readers (SigmaData, used in many ThinkPads) get sick trying to
> run Linux CD's. This is the fault of the PLAYER not Linux.
> BTW if you happen to have one of these garbage CD readers call the
> toll free number on it and get a new one for free, unless of course it
> is working for you (highly unlikely though).
Not exactly an option. If anyone catches me taking this thing apart
even to look for a number, my butt would be canned soooo fast! But if
Sprint can afford to buy us a 400 or 500Mhz Dell, surely they would
also invest in a decent CDrom.
> As far as virus sigs are concerned, I wouldn't worry about Linux
> having a virus..
My thinking was that if Windows software happened to be involved in
copying the files or burning the cd's, something could perhaps be
slipped into the boot record of the cd (if a cd even has a boot record)
that would trigger when I tried to install. Not that I'm paranoid or
anthing, but I've had my share of troubles with virii. (I used to use
the computers at the local public libraries. On the day that I found
*3* different viruses on the same disk, I decided it was time to get my
own computer.)
Of course, if the cd was created by the company that is sending out the
distribution, then one could assume that Linux was the operating system
that did the work, or one would have to wonder about the company.
> Most folks wouldn't know if it did anyway :(
> Duck for cover :)
> Steve
Ah well, I'm probably one of them.
Thank you, gentlemen. I guess I can kind of relax now.... at least
until it's time to install this stuff. ;)
Tom
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: David H. McCoy <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.ms-windows.nt.advocacy,comp.os.os2.advocacy,comp.sys.mac.advocacy
Subject: Re: Giving up on NT (Bob shows his lack of knowledge yet again)
Date: Thu, 16 Mar 2000 06:03:09 GMT
In article <38cf141b$1$yrgbherq$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] says...
> David H. McCoy <[EMAIL PROTECTED]> said:
>
>
>
> HEY EVERYONE --- Standby for McCoy to tell us how the sex was with someones
> mother. Its his standard MO.
>
>
Weenie.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.advocacy) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Advocacy Digest
******************************
