In this section, we cover the highlights of Planet Fedora - an aggregation of blogs from Fedora contributors worldwide. This edition covers highlights from the past three weeks.
Contributing Writer: Adam Batkin
Daniel Berrange explained how libvirt deals with different CPU models and passing on their capabilities to guests. "Every hypervisor has its own policies for what a guest will see for its CPUs by default, Xen just passes through the host CPU, with QEMU/KVM the guest sees a generic model called 'qemu32' or 'qemu64'. VMware does something more advanced, classifying all physical CPUs into a handful of groups and has one baseline CPU model for each group that’s exposed to the guest... libvirt does not like to enforce policy itself, preferring just to provide the mechanism on which the higher layers define their own desired policy... In the 0.7.5 release that will be in Fedora 13, there is finally a comprehensive mechanism for controlling guest CPUs."
Stephen Smoogen looked at and its many different target audiences. "Looking through the long conversations, it is clear that some people are talking about Fedora the distribution, others are talking about Fedora the community, Fedora the websites, Fedora the desktop, or even Fedora the hat. Very few people go into what they are talking about and everyone seems to assume that the other person knows exactly what is going on in their heads."
Máirín Duffy revamped the authconfig-gtk/system-config-authentication dialog, described as "a box of chocolates GUI, meaning 'you never know what you’re going to get'" since, among other issues, it "allows you to check off as many and whatever identity and authentication methods you desire, even if the combinations make no sense."
Mark J Cox disclosed some interesting statistics for security flaws in Red Hat Enterprise Linux. "During the creation and review of the list we spent some time to see how closely last year's list matched the types of flaws we deal with at Red Hat. We first looked at all the issues that Red Hat fixed across our entire product portfolio in the 2009 calendar year and filtered out those that had the highest severity. All our 2009 vulnerabilities have CVSS scores, so we filtered on those that have a CVSS base score of 7.0 or above."
Josh Bressers examined an MSDN Blogs post titled "Microsoft's Many Eyeballs and the Security Development Lifecycle". Josh concludes "The original article I'm mostly disagreeing with here concludes with the usual old data that Microsoft releases fewer security advisories than Open Source does. This is of course a red herring meant to distract the reader. They've been caught multiple times only releasing one advisory for multiple flaws. With closed source, there isn't a good way to tell what's all getting fixed. In Open Source, we can't hide anything, it's all there. This keeps us honest."
Although probably only a coincidence (Planet Fedora doesn't usually spend much time being hostile to Microsoft), Richard W.M. Jones explained "Why the Windows Registry sucks ... technically".