[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Quitting debian-java

[Note: This is Cc'd to debian-devel and debian-security because of the
discussion regarding RMS' su diatribe; subscribers to these lists
might find it interesting, scroll down past the Java stuff if you are,
and feel free to ignore this message if you're not. Please don't flame
me. I'm thin-skinned. <grin>]

On Thu, 1 Mar 2001, Seth Arnold wrote:

> * Alexander Hvostov <vulture@aoi.dyndns.org> [010301 22:35]:
> > That's why you create classes under packages other than `java' or
> > `javax'. The Java API proper is in the `java' and `javax' packages, and
> > Sun is simply trying to keep Java consistent across implementations by
> > using their IP powers to make not implementing these packages to spec
> > illegal.
> > 
> > It's called standards. It's why they exist. Sun just happens to have the
> > IP power to enforce them.
> I'm not saying an attempt to have standards is bad; I'm saying that due
> to how Sun wishes to maintain standards, I don't think a free Java API
> implementation can succeed. It is why there isn't a standard Java
> package in Debian.

Why not? If a free Java implementation is done to spec, it is in
compliance with Sun's relatively lenient IP-enforced requirements, which
means that there _can_ be a default Java package in Debian. It's also why
projects like kaffe, japhar, gcj, and so forth exist without getting
sued. Besides considering that Sun is leveraging its IP, consider _why_
Sun is doing this, and _what_ they're leveraging their IP to do. You must
look deeper, my son. :)

I think they should mention that pre-release versions of Java
implementations are allowed to implement subsets of the spec, though,
since it would be pretty counterproductive to not release your
implementation at all until you've completely implemented the spec...

> > Considering Mozilla will stabilize and become fully usable soon enough, I
> > don't think this drastic a change is really necessary.
> Good; then you can delete Navigator at that point and not worry about it
> being non-free. :)
> > > > - figfonts
> > > Hehe. Do you *need* figlet? :)
> > Do I *need* reproductive organs?
> Nope. Care to donate yours to the needy? :)

Those who don't have reproductive organs presumably underwent one or more
traumatic experiences that resulted in their loss, which generally causes
them not to want replacement reproductive organs. This is the probable
reason for the lack of demand for such organs.

> > > > - filters-nonfree (for when fortune doesn't cut the mustard :)
> > > Hehe. Do you *need* to read something in Cockney English? :)
> > Do I *need* two functioning eyes, rather than just one?
> Many organisms don't even *have* eyes. Two is just wasteful. Care to
> donate yours to the needy? :)

These, on the other hand...

> > What `su' diatribe, exactly?
> info su; /Richard

Okay, now that's just rich. I'm tempted to email RMS and tell him to stop
trying to apply a technological solution to a sociological problem, as
it's the same damned thing that smut filter software (Cyber Patrol et
al) is designed to do, and it's no secret to any faithful Slashdot reader
that doing so is futile and counterproductive.

Of course, all of this is meaningless, since with PAM, `su' _can_
understand and honor the `wheel' group. Also, if RMS is so against
authority and power, why is there a GNU `su' at all?

In addition, where the rulers' (ie, sysadmins') power is not cemented,
there is no security (e.g., because someone unauthorized has the root
password). Where there is no security, there are 31337 H4X0RZ, who
generally completely subvert the machine, rendering the entire point moot
since now _nobody_ (except, of course, the aforementioned H4X0RZ) can use
the machine.

And anyway, what competent sysadmin is stupid enough to give a bunch of
lusers the power to change the root password?

Also, reading over this article, it seems as though everyone had
sufficient access to modify the OS kernel. Obviously, in Unix, this is
definitely not the case, nor is it altogether common anymore to have
anywhere near as many users as I'm under the impression were on the Twenex
system in the example. And of course one can always subvert the machine by
disconnecting the BIOS battery (if necessary) and booting off a floppy...

The bottom line is that the example given RMS is horribly out of date, and
most of it no longer applies, as modern Unix systems with that quantity of
users are run by some extremely cautious sysadmins, who are less than
altogether eager to give out the root password (or the power to change
it) to anyone other than God. Those who feel otherwise shouldn't have root
in the first place, as they are not competent sysadmins by any
stretch, especially on a system serving that many users. This was the era
of trivial security where nobody ever really exploited buffer overflows or
anything, and that simple intimidation (e.g., "Permission denied") was
enough to prevent users from doing things they weren't supposed to. Those
days are numbered, and ultra-secure systems that even the FBI is unlikely
to crack[0] are now an everyday sight.

> Cheers! :)



[0] Without physical access, at least.

P.S. For those of you too lazy (or unable) to look at the mentioned
article by RMS, it is copied below for your convenience:

Why GNU `su' does not support the `wheel' group

   (This section is by Richard Stallman.)

   Sometimes a few of the users try to hold total power over all the
rest.  For example, in 1984, a few users at the MIT AI lab decided to
seize power by changing the operator password on the Twenex system and
keeping it secret from everyone else.  (I was able to thwart this coup
and give power back to the users by patching the kernel, but I wouldn't
know how to do that in Unix.)

   However, occasionally the rulers do tell someone.  Under the usual
`su' mechanism, once someone learns the root password who sympathizes
with the ordinary users, he or she can tell the rest.  The "wheel
group" feature would make this impossible, and thus cement the power of
the rulers.

   I'm on the side of the masses, not that of the rulers.  If you are
used to supporting the bosses and sysadmins in whatever they do, you
might find this idea strange at first.

Reply to: