(This discussion has pretty muched strayed from facts into fiction
and religion; it's also pretty much of the firewall track, I'll
try to correct some "facts" and perhaps we should leave it at that)
>BSD comes with a development environment (GCC, GDB, and utilities).
>You'll probably want to get GCC if you use Solaris, since most free
>utilities compile best under it. Sun's commercial C compiler is still K&R
>oriented, and lacks the GCC extensions that certain software (especially
>GNU) likes to use. Solaris doesn't come with any C compiler standard, so
>you'd have to either find a GCC binary (the route I took) or buy Sun's
>commercial compiler (which I didn't want to do, after reading reviews of
>it).
While a lot of free utilities compile fine udner gcc, they also compile
fine under SUn's C compiler. Sun's C compiler is *not* K&R oriented.
It's a full ANSI compiler. The older versions would, by default, run in
a "be forgiving towards old code" mode; the latest version runs in a
ANSI C mode, while allowing all non-ANSI (long long, POSIX, XPG4, etc)
extensions.
I will not get into an argument which compiler is better; but here's a few
facts:
- Sun now uses its compilers for SPEC (if gcc was faster, wouldn't
they have ...)
- Many people have trouble installing gcc correctly (w/o fixed includes
or with fixed includes from the wrong release, many gcc installations
on Solaris 2.x are broken). They get a free compiler, but lacking free
support they sometimes find themselves a long way from home.
A for money compiler could save them money in the long run.
As for Solaris 2.5 performance, it still isn't compiled w/ much optimization
and aimed add 386 processors, there are marked improvements to come.
The FreeBSD/Linux/Solaris 2.4 comparison correctly says that they only give
a snapshot. A snapshot in which Solaris 2.4 does badly w/ pipes; in a next
snapshot (of Solaris 2.5) Solaris would do 4-5 times better w/ pipes.
This has strayed too far from firewalls, I hope I kept the religious bits to
a minimum so we can cut this discussion short.
ObFirewalls: of course we want you to use Solaris 2.x for your bastion hosts;
if you find it lacking, we may adopt those features you want so you can run
your firewall better on Solaris 2.x. That's why I find this an interesting
discussion, despite the fact that religious arguments flare up almost
immediately.
And are ACLs really a departure from traditional Unix? Perhaps they
are, yet they are a proposed {POSIX,X/OPEN?} standard.
Immutable files are much more a departure: the ability to access the kernel
is taken away, the directory in which a file lives no longer dictates whether
it can be removed or renamed; if its immuatble it can't be removed or
renamed.
Immutable files are a hack, but I recognise that they are an extremely
useful hack.
Casper
Follow-Ups:
|
|
