Announcement

Collapse
No announcement yet.

FreeBSD Continues Work On Ridding Its Base Of GPL-Licensed Software

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • FreeBSD Continues Work On Ridding Its Base Of GPL-Licensed Software

    Phoronix: FreeBSD Continues Work On Ridding Its Base Of GPL-Licensed Software

    The FreeBSD project today published its Q4-2020 status report concerning all the interesting happenings for this open-source BSD operating system...

    http://www.phoronix.com/scan.php?pag...Q4-2020-Update

  • #2
    I think the more interesting change is that FreeBSD is working on securing NFS with TLS and should have a working implementation of it in v. 13. NFS has long had issues with securing data transport as mentioned in the brief section. I find it technically interesting as a solution. Kerberos is a very heavy weight solution and not many sysadmins have the patience to deal with it. A BSD licensed implementation can be imported into other projects or products without much concern about licensing conflicts.

    Comment


    • #3
      > Ridding Its Base Of GPL-Licensed Software

      > moving from Subversion to Git

      LOL

      Comment


      • #4
        Originally posted by Cthulhux View Post
        > moving from Subversion to Git
        We are really just waiting for a BSD licensed alternative to be ready. Most people have their eyes on this one: http://gameoftrees.org/

        Though I personally really like this: https://github.com/oridb/git9 (at least when I remember it is git/add git/push rather than "git add", "git push"! Muscle memory really works against me)

        Comment


        • #5
          Originally posted by stormcrow View Post
          I think the more interesting change is that FreeBSD is working on securing NFS with TLS and should have a working implementation of it in v. 13. NFS has long had issues with securing data transport as mentioned in the brief section. I find it technically interesting as a solution. Kerberos is a very heavy weight solution and not many sysadmins have the patience to deal with it. A BSD licensed implementation can be imported into other projects or products without much concern about licensing conflicts.
          NFS (like most traditional Unix software) is a pile of garbage in terms of AuthN and AuthZ, regardless of the security of the transport channel. The octal permissions, sticky bit, "ACL" which is mostly just a gimmick and has no resemblence to actual ACLs, groups not being able to hold groups, and all the other ridiculous limitations dating back to the 80s or even 70s, it just blows my mind how the Unix world actually survived the 2000s Internet explosion until most AuthZ and AuthN stuff essentially moved from the OS to higher levels (in most of the cases, to webapps). Do you know how you can prevent a Docker user from gaining sudo rights? I tell you: no way. That's Docker AuthZ for ya.

          So no, NFS having or lacking TLS support is the least of my concerns.

          Comment


          • #6
            let kill GNU in the process while we are at it

            Comment


            • #7
              Originally posted by Cthulhux View Post
              > Ridding Its Base Of GPL-Licensed Software

              > moving from Subversion to Git

              LOL
              First, the VCS is not the base of an OS.
              And second, git is GPL v2 (and I think also LGPL) which is a little less "messy".

              Comment


              • #8
                Originally posted by Cthulhux View Post
                > Ridding Its Base Of GPL-Licensed Software

                > moving from Subversion to Git

                LOL
                If you and your fellow numbskulls had bothered to read the referenced news article you'd see they're using Game of Trees which is BSD licensed. Git is more than a just the reference program Linus began. It's more than Gitlab or Github. It's also a protocol and methodology utilized by other implementations. DOH!

                Comment


                • #9
                  Originally posted by anarki2 View Post

                  NFS (like most traditional Unix software) is a pile of garbage in terms of AuthN and AuthZ, regardless of the security of the transport channel. The octal permissions, sticky bit, "ACL" which is mostly just a gimmick and has no resemblence to actual ACLs, groups not being able to hold groups, and all the other ridiculous limitations dating back to the 80s or even 70s, it just blows my mind how the Unix world actually survived the 2000s Internet explosion until most AuthZ and AuthN stuff essentially moved from the OS to higher levels (in most of the cases, to webapps). Do you know how you can prevent a Docker user from gaining sudo rights? I tell you: no way. That's Docker AuthZ for ya.

                  So no, NFS having or lacking TLS support is the least of my concerns.
                  So don't use it.

                  Comment


                  • #10
                    Originally posted by Aryma View Post
                    let kill GNU in the process while we are at it
                    Sounds good to me.

                    Comment

                    Working...
                    X