[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde
Subject:    Re: Still lots of compilation and run troubles on Solaris2.5.1
From:       Matthias Ettrich <ettrich () kde ! org>
Date:       1998-06-30 20:34:34
[Download RAW message or body]


>I have now on three occasions found security loopholes where my password
>was publically readable. Three. I've also had KFM completely corrupt
>my entire filesystem (now fixed). Are you telling me that that is worthy
>of 1.0 ? Once it is 1.0 many more Solaris and "networked" users will
>feel encouraged to use KDE. And we are only just _beginning_ to gain
>experience with KDE under multi-user conditions through people like
>me. 

Yes, that's why it's called 1.0, not 2.6

>
>However robust KDE is on Linux, the fact is that it is bound to
>all systems on which its source compiles. 

You suggest we should make it harder to compile it under Solaris?
Actually, I use it from time to time on a solaris machine, same does Coolo and
some others as well. It is usable there, just like any other 1.0. Not perfect,
not its native plattform, but it works.

[snip]
>
>So what then are the advantages of moving to 1.0 status ? 

- it's pretty good 
- it works well for standalone machines, small private networks and dial-up
    networks 
- it's much better then Windows1.0, OS/2 1.0, RedHat1.0 etc.
    
But most important: we will do a lot of major changes in the future. If we did
that now, we will get a much less stable and almost unusable KDE for months.

There are hundreds of developers waiting for a stable API to do their
KDE applications. That's what we will provide with 1.0: Stable libraries for
developers. And --- important as well --- a stable developement branch to do
security fixes. So you can provide your solaris/multiuser security fixpack for
KDE-1.0 and you can be certain that people can apply these patches.

The internal structure of kfm, kwm and lots of other things will change
completely. There's really no need to make real users follow this tree hoping
to get something perfect in two years. Since there is always something exiting
to develop, this is an endless loop which will never lead to a stable release.

>
>Welcoming discussion,

No need to discuss, it's already decided. We will fix the (from our point of
view) critical bugs and ship 1.0 as soon as possible.

Again: this will not hinder you or anybody else to provide security fixes.
There will be a 1.0.1 a 1.0.2 and so on.

I hope I clearified our position. I will leave that thread now, since (a) we
have a vast majority on that release policy and (b) there's no chance that we
change mind. However, we will document the security things in the known-bugs
section, so that it can be fixed within the stable branch. 

Matthias
   .... looking forward to do some real development again, after all that
       boring bugfixing ...
-- 
Send posts to:  kde@lists.netcentral.net
 Send all commands to:  kde-request@lists.netcentral.net
  Put your command in the SUBJECT of the message:
   "subscribe", "unsubscribe", "set digest on", or "set digest off"
**********************************************************************
This list is from your pals at NetCentral <http://www.netcentral.net/>

[prev in list] [next in list] [prev in thread] [next in thread]