You can’t please everyone

I’ve never met him personally, but I’ve had the pleasure of exchanging e-mails and Google+ conversation with Dietrich Schmitz, a Free/Open Source Software advocate in New York.

Until recently, Dietrich had been using CrunchBang and saying nice things about the distro online. But because he discovered that Waldorf is not supporting the Linux kernel 3.5 seccomp-bpf sandbox, he’s moving on to another distro.

Security is big with Dietrich, and I respect that. Apparently without seccomp-bpf, Waldorf for him is a non-starter. From his missive on G+, he says:

“In this situation, I petitioned the lead developer at CrunchBang to give seccomp-bpf his consideration for a ‘backport’. After a few weeks, the developer came back with a reply to the effect that he had his hands full with development centered around CrunchBang’s ‘OpenBox’ gui environment without adding the burden of this request. He offered that Debian, the upstream provider of his CrunchBang kernel, would address routinely any and all security issues.

“Of course Debian will, and, of course, as we all well know they are like ‘Vermonters’ who get around to it ‘when I wanter’ which translates in some cases to ‘when hell freezes over’. So, I was left with the distinct impression that +Philip Newborough was taking a ‘hands-off’ approach and was non-plused by the issue, deferring to Debian to handle.”

While it’s a valid opinion, I would strongly disagree with this assessment. To say not including seccomp-bpf is a shortcoming in CrunchBang is incredibly wide open to debate. I trust Philip Newborough on this one, and I think his position in deferring to Debian on this — waiting for Debian to make that call to include it — is the best way to handle this for CrunchBang, as well as the best way for any other Debian-based distro to handle this.

While I’m sorry it doesn’t fit Dietrich’s standards for security, I think it’s perfectly reasonable to wait for Debian’s lead on this, and I’d be willing to bet they’ll get to it well before hell freezes over.

Not only this, I know several Vermonters and I haven’t met one I didn’t like. In fact, Vermont has the nation’s best senator in Washington, Sen. Bernie Sanders, and the state makes the best mass-produced ice cream.

But back to the point: Dietrich took his proverbial ball and went to another playground, and he is right to go with a distro that suits his needs. That’s what Linux and FOSS are all about. It’s not CrunchBang, but as far as I’m concerned, it deserves nothing more than a shrug and a “c’est la vie.” Choice is good: It’s a good thing that there are about 320-plus distros out there, so we all can get what we want. Fortunately, the number of distros out there affords us the luxury to be this flexible with our choices.

You can’t please everyone, and that’s fine. For me, CrunchBang is still atop my list of recommended distros.

Larry Cafiero is one of the founders of the Lindependence Project and has just started developing software at Redwood Digital Research (RDR), a consultancy that provides FOSS solutions in the small business and home office environment. RDR is based in Felton, California, USA.

Crunchbang Add to Technorati Favorites EFF Binary Freedom Wordpress button dbEntrance button Scribus Conky LibreOffice PostgreSQL python scale 10x


3 responses to “You can’t please everyone

  1. Thank you for your support, Larry. To be honest, this whole discussion baffled me. For the past couple of weeks, Dietrich had publicly pinged me on numerous occasions about the patch and so I contacted him with my reply. He obviously was not happy with my decision and continued to argue the point. Now, it is not very often that I feel insulted, but his general lack of tactfulness was just plain rude.

  2. Off topic, I wish we had a lot more leaders cut from the cloth of Bernie Sanders. Alas, in my State of Alabama, I’m still wondering when our State Government will try to move out of the 19th century.
    Paul Sams

  3. If this is something in the kernel, can’t the guy just grab a kernel that includes this patch and install it in an existing #!?? As a longtime Debian user, situations arise when you can’t use the stock Debian Stable kernel, especially when you have new hardware. So you grab a kernel from either Liquorix, Debian Backports, or wherever you can get one.

    If the guy is that adamant about this one patch, can’t he just compile his own kernel? You can do that, you know …

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s