Today is an important day for my OSS portal AIXTOOLS because I am goig to start packaging some packages based on AIX 6.1 TL7 (SP6) - rather than "always" at level AIX 5.3 TL7.

The packages that will start everything off will be security related packages (such as sudo - so I can add RBAC features (pst: a test version of sudo-rbac here ),  python (to add, among other things libuuid support), and other networkbased tools.

As of this moment - nothing is switched yet - but most new things will be built on my new development partition - x066 - running, again AIX 6.1 TL7.

Security is HOT!

Yes, that is something "we" have been saying for years. Finally, it seems that high-level business management is noticing that not securing systems and applications really does cost profit. OMG! - Securing systems is not just a bunch of Hype!

What has been going on?

My quick crystal ball (that sees perfectly into the past ) tells me - while the rest of us were sleeping and having pleasant dreams - the "hacking as a business" group has done some serious study on application and platform weaknesses. And, "today" we wake from our dreams to find ourselves living a nightmare. We dreamed we were safe. Maybe better is the lesson of the fable: "The King's New Clothes"and we are at the point where the King (our business management) realizes the royal house is walking around - well, you know!

Something we all use, but don't really know - TLS security

IMHO - a lot of SSL discussions are almost understood. I feel I know enough to know when I need to worry versus when I do not need to worry. But, my SSL coffin is still how the major browsers are really the ones who dictate what, when, how re: what elements of SSL is permitted.

Ouch! and Bother!

The last two weeks I have been making time for a patch (cpython sees it as a new feature) for python. And maybe a few other things - such as the latest httpd and associated apr and apr-util.

I was having some surprising issues with libxml2 and libexpat - they just seemed to be off. I have not figured out where the libxml2 issues come from - but libexpat was a collision from 'old-style' apr-util (version 1.5.4) that has libexpat embedded, and the needs for python and libexpat - that needs to be coming 'from the system'.