On Thu, Mar 25, 2010 at 9:02 AM, ken mays <[email protected]> wrote:
> George, > > Many of the 'parts' that are closed source are either discontinued or > 'closed-source' due to legal IPs from other IHVs or ISVs. If you look at > certain 'high-end' Linux distributions, you'd run into the same situtation > and you'd have to go to those vendors for further support (example: Nvidia > or Marvell device drivers). > > So someone can provide SOME security support if it deals with FOSS and > those > legalities, but not anything considered "closed" by Oracle or their > partners. You may squeeze water from a rock - but it won't give you lemonade > too (i.e. not at least without some divine intervention or you bringing the > lemons). > After quite some reading, I think the closed binaries really haven't much to do with blocking the community from providing security support. They are mostly hardware drivers from what I can tell. I think the greatest obstacle to that is the lack of information and Oracle/Sun keeping the community at distance. It makes sense since Oracle/Sun view OpenSolaris just as a highly controlled testing platform for what will become Solaris. It's just too sad they aren't ready to reap the benefits of true open source development and let OpenSolaris be a platform for bleeding edge innovation from where they take the ideas that prove to be good for their commercial offering. Anyway, does anyone see any problem with the community following Oracle/Sun's security alerts, going through the code to look for related commits and providing updated packages for free ? -- Giovanni _______________________________________________ indiana-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/indiana-discuss
