George, Many of the 'parts' that are closed source are either discontinued or 'closed-source' due to legal IPs from other IHVs or ISVs. If you look at certain 'high-end' Linux distributions, you'd run into the same situtation and you'd have to go to those vendors for further support (example: Nvidia or Marvell device drivers). So someone can provide SOME security support if it deals with FOSS and those legalities, but not anything considered "closed" by Oracle or their partners. You may squeeze water from a rock - but it won't give you lemonade too (i.e. not at least without some divine intervention or you bringing the lemons). ~ Ken Mays - On Thu, 3/25/10, George Koutras <[email protected]> wrote:
From: George Koutras <[email protected]> Subject: Re: [indiana-discuss] Reporting Security Issues (Was: Free /support, /security repository for 2010.x, wider OpenSolaris usage.) To: "Darren J Moffat" <[email protected]> Cc: [email protected], [email protected] Date: Thursday, March 25, 2010, 7:06 AM I know you were referring to zfs but I just took it one step forward and asked if there are closed parts, but Shawn has already covered this part. So, I think this list of no-open is quiet long and can be a stopper for a full blown security repo. ________________________________ From: Darren J Moffat <[email protected]> To: George Koutras <[email protected]> Cc: Giovanni Tirloni <[email protected]>; [email protected]; [email protected] Sent: Thu, March 25, 2010 11:23:39 AM Subject: Re: [indiana-discuss] Reporting Security Issues (Was: Free /support, /security repository for 2010.x, wider OpenSolaris usage.) On 24/03/2010 20:15, George Koutras wrote: > Thnx for the update Darren. You think there are no closed parts in > opensolaris? I was under the impression that some parts are closed. If That isn't what I said. I corrected your example that ZFS was not fully open; it has always been fully open. There are some parts of OpenSolaris that are closed. As Sun/Oracle employees we were/are not allowed to say why they are closed (there are various legal reasons). > this does not stand then I see no reason why a security repo shouldn't be > implemented. It won't be possible for anyone employed by Oracle (or its affiliates) to be involved in that effort in any way. -- Darren J Moffat _______________________________________________ indiana-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/indiana-discuss _______________________________________________ indiana-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/indiana-discuss
