[UKUUG Logo] Copyright © 1995-2004 UKUUG Ltd


Previous Next


Qmail 1.03

(Reviewed by Lindsay Marshall)

This review follows a template for Software Reviews that we are trying out. If you would like to review a piece of software (and we would like you to), then please contact Andrew Macpherson for a copy of the template.

What the package does

A Sendmail substitute that is claimed to be faster and more secure.


Freeware. Copyright by author.


You need a UNIX system, a C compiler and make to install this package.


You need to compile the package from its source and then install it using the Makefile provided. You also need to add some new user ids to the system. These are used by various components of the package. When running there are several small daemon processes that communicate with each other.


The package defaults are fine for an installation that is not doing complex forwarding and name rewriting. They are ideal for replacing Sendmail on a leaf machine on a network. Doing something more complex requires some work but nothing too arduous.

> The one major difference between Sendmail and Qmail is that Qmail handles forwarding differently so if you have lots of .forward files you have to install an extra to deal with them. This is not hard but on a small machine it turns out to be easier to replace the .forward files with the appropriate Qmail file.

Package availability

The source can be obtained from various places, the best place to start being at http://www.qmail.org/. Packaged distributions (i.e. RPM, etc.) are not readily available. See http://www.star.co.uk/qmail/top.html.

Security Implications

The system has no known security holes at the moment. There is a $1000.00 prize offered to anyone who can find any security problems with the package.

Known Alternatives

Sendmail - much easier to use than Sendmail as it does not require an arcane configuration file. It is claimed that Qmail handles broken connections better than Sendmail and that it will not lose mail. Great claims are made for its performance under high load.

eXim - I have no experience of this package so I cannot compare it.


Pretty well any UNIX system - I have run it on Linux (Redhat 5.1) and Solaris 2.5.1.

Languages Supported



The documentation comes in the form of several READMEs and manual pages. It is relatively easy to find out what you need to know. There is a book about the system in the pipeline by John Levine and Russell Nelson to be published by O'Reilly.


I have made no measurements of performance. However the system appears to be significantly faster than Sendmail and to place a much lower load on the CPU. There is a discussion of performance on the web-site where great claims are made for the throughput that can be achieved.


Commercial support is available for the package and details can be found on the web pages.

Overall Comments

I found this package to be easy to install and have had absolutely no trouble in running it. I have even got hold of some of Qmail's author's other packages and am running them in conjunction with Qmail. The bottom line is that anything that allows you to get rid of Sendmail and its hideous configuration files has to be a good thing!

Netscape Communicator 4.5b1

Netscape Communications Corporation
Free to download

(Reviewed by David Hallowell)

This is the first public beta (preview) release of the 4.5 series of Netscape's popular suite of Internet applications. The 4.5 releases of Communicator are going to be the last ones that are being totally developed internally by Netscape - from version 5.0 onwards Netscape will also incorporate the efforts of the open source Mozilla coders.

Netscape has incorporated some new features into the 4.5 browser. The Messenger mail and news reader has been merged with the Message Center that allowed you to view the mail and news folders and subscribe to news groups. The result is a 3-pane mail and news reader which is easier to use than the original Communicator 2-pane approach. However if you preferred the old 2-pane mail and news reader you can get this look by just a click of the mouse.

Multiple mailboxes are supported but, unfortunately, only multiple IMAP accounts. Most people who have multiple mailboxes want to manage POP3 mailboxes through their local ISPs; unfortunately you can only manage one POP3 mailbox at a time and, if you want to access a POP3 mailbox, it won't let you access IMAP mail. Hopefully true multiple mailbox support will make it into the final release of 4.5, otherwise we'll have to wait until Mozilla 5.0. Fortunately, with the Linux and other UNIX versions, there's the movemail option that reads the mail from your UNIX mailbox on your machine. This means you can receive mail via SMTP or setup fetchmail to download mail from multiple POP3 mailboxes.

The Navigator web browser has been designed to integrate with their Netcenter web site and has features that are designed to help the Internet newcomer. The "Internet Keywords" feature has been improved; now if you type a phrase into the web browser, it'll first look to see if a site matching the description is in the database. If there is such a site it'll take you directly to that site, if there is no match, it'll put your phrase into the Netscape search engine. If you don't like that feature you can disable it easily in the preferences.

Another new feature is called "What's Related". There is a button to the right of the "Location" box and, when you click on it, a search is conducted to find similar sites to those you are viewing. Sometimes the results are quite good, but often they are appalling, but such a feature is really designed for a newbie and, although some of the results aren't that good, it will at least be some help to people who don't know where to go. I can imagine the What's Related database will be improved to produce more accurate results in the future.

Even though it is a beta release, Netscape Communicator 4.5b1 has proven to be fairly stable. I've extensively tested the Linux version without any major problems. The main annoyance is that the messages always keep defaulting back to variable width font when you restart Netscape, even after changing them to fixed width previously. No real major changes from version 4.0x but the changes that were made show Netscape's new commitment to raising revenue through their web site rather than through the browser sales. Performance is slightly faster than 4.0x and it certainly makes the Internet a bit easier for the beginner. Even though it isn't exactly a major upgrade, saying Netscape is free you've got nothing to lose by downloading it.

Netscape make their web browsers for many UNIX platforms including Linux, FreeBSD, Solaris, SunOS, IRIX and AIX. They also make browsers for Windows and the Macintosh. You can download the latest version of Netscape Communicator

StarOffice 4.0 for Linux

Free download for personal use only or approx £15 on CD.
Commercial Use: £75 from DGC-NMS

(Reviewed by David Hallowell)

Anyone is welcome to download StarOffice for free from StarDivision's web-site for their own personal non-commercial use. Caldera are the distributors for the Linux version of StarOffice and they won't allow anyone but themselves to produce CDs to distribute cheaply for personal use. I was able to get one of these CDs for £15, but it is important to remember that you can't use this CD legally for commercial use, and I'd have to pay the full retail price of StarOffice if I wanted to use it for commercial non-personal use. A single user commercial licence for StarOffice is around £75.

Star Office is ideal for people who are familiar with Microsoft Office 97, as StarOffice has a similar look and feel. For Office 97 users, the transition to StarOffice should be straightforward, but please note StarOffice cannot read native Office 97 files, but it can read Office 95 4.3 (i.e. Word 6) files, so if you are making the transition to StarOffice, make sure you convert all your office documents first. StarOffice can save the files in Office 95 format, HTML, RTF, as well as StarOffice's native format.

The install process for StarOffice is different to most other Linux applications and uses an installation program similar to the ones used in many popular Windows applications. This means that installation should work without problems on all Linux distributions as it is not dependent on a particular package management system.

The first difference you'll notice between StarOffice and other office software is that StarOffice is a single application, not a suite of applications. Your individual files are opened in one window with a Windows 95-style task bar to switch between them. On the left hand side of the screen is the "Explorer" which allows you to navigate the folders where your documents are kept. You can also use it to navigate the other directories on your computer. If you don't like the Explorer feature, you can disable it by using the view menu.

StarOffice includes word processing, spreadsheet and presentation capabilities which have an easy to use, intuitive interface. All the tool bar buttons have tool tips, so when you move your mouse over a button, a brief description of what the button does appears on the screen. You can also change the tool tips to give a longer, more detailed description to help users unfamiliar with the application. Another option that helps make the package user friendly is the option to have the tool bar buttons pictures-only (default), text-only or both pictures and text in the style used by many web browsers. Internet integration in StarOffice is excellent. You can send and receive email as well as browse the web and access newsgroups. Obviously the web browsing facilities are not as advanced as a dedicated web browser such as Netscape, but most sites display fine in StarOffice. You can include hyperlinks in StarOffice documents and create web pages, as it has the capability to save files as HTML.

I wouldn't advise that anyone should use StarOffice with less than 64MB of RAM. In my experience StarOffice runs fine on a machine with 64MB but, with only 32MB, it takes a long time to start up, and there is a lot of disk activity; although after the initial slowness in starting up, performance with 32MB is acceptable if you aren't running any other applications. The fact that it uses too much memory and it can't handle Office 97 files are my only two real complaints about this product.

So how does it compare to ApplixWare?

StarOffice is ideal for Office 97 users as it has a similar interface and they should feel like they are in familiar territory. One person I asked described StarOffice as "Office 97 without that irritating paper clip". On the other hand, ApplixWare has a user interface similar to the older versions of MS Office and is less resource-hungry; both packages are unable to handle Office 97 files but can handle Office 95/4.3 files.

Both ApplixWare and StarOffice are excellent office packages and will cost you a lot less than Microsoft Office, which one you choose can only really be decided on personal opinion. Personally I prefer the less gimmicky interface of ApplixWare and its lower memory requirements, but other people prefer StarOffice as they are used to working with Office 97.

Win32 Multi-threaded Programming

Aaron Cohen and Mike Woodring
O'Reilly Associates, January 1988

(Reviewed by Phil Docking)

This book suffers badly from a disease which I thought had died out in the mid-90's. The disease is the dreaded chapter-heading quotation, which firstly manages to be almost completely irrelevant because the context is usually widely divergent from the topic at hand, but also manages to divert the reader from the purpose of the chapter; so that you find yourself still thinking about the relevance of the quotation while your eyes have read well into the start of the actual text. This means that you have to start again, willing yourself to concentrate on the proper context of the chapter as you read on.

> During the first chapter I remember wondering whether there exists a department somewhere, who's sole aim in life is to find the most tenuous links between famous quotations (and, at least in the case of this book, extremely obscure quotations) and the content of the chapter that requires the quotation (did I say requires?... sorry...)

Dear Publishers,

Quotations are very annoying, totally pointless and pretty distracting - Please don't do it again!

Kind Regards

A Reader.

The second mistake made in this book is the usual one that O'Reilly authors seem to make constantly. They are more interested in showing what accomplished programmers and

or computer scientists they are, rather than getting on with the job and explaining with clarity and simple examples how to get the job done. In this book, this is evidenced by the fact that the authors have decided to write a series of C++ classes which wrap basic Win32 Multi-threading API functions, which firstly offer no significant functionality over the Win32 API, and then just serve to confuse the reader later on in the book, since once these C++ classes have been defined they are used throughout the book exclusively. If you are a reader who likes to "dip-into" books, you are going to be sorely disappointed with this one.

Now, I have to admit that the first five chapters are very good. Even chapter six, where the authors own class libraries are built, are interesting examples of how to wrap multi-threading API calls in C++ classes. Sadly, after this point, the book goes downhill since we are now asked to remember, or look back at, the original classes in order to find out what they do. Not everybody wants to do this - and not everybody wants to read a whole book in order to get going with the job at hand. Authors should remember that although doing this sort of thing makes their own job easier, it doesn't necessarily make it easier for the reader, who might just want to look up a particular method rather than reading the entire book.

On with the review...

The intended readership of this book is those who are already C++ Windows programmers, but maybe haven't developed multi-threaded code before. C++ is required because the examples are all based around C++. The book is supplied with a CD containing the C++ classes developed in the book.

The first chapter introduces multi-threaded programming. It explains when threads should be used and when not to use threads, explaining that multi-threaded programming can be a two-edged sword (or at least a double-edged paper-knife). Chapter two explains thread scheduling in the Win32 context, together with the method of time-slicing utilized in running threads, and the concepts of waiting and blocked threads. The latter part of the chapter deals with multi-threaded programming concepts, getting down to the nitty-gritty of the many reasons why multi-threaded programming contains different problems than simple single-threaded programming.

Chapter three explains the basics of multi-threading, and the standard API methods for using threads. This chapter starts with a discussion of kernel objects and how they relate to threads, showing the Win32 API for accessing kernel object information, and then the API for thread-related activities. We then move on to our first multi-threaded program, the standard "Hello World", put into a multi-threaded form.

Chapter four deals with synchronizing access to data between different threads, either within or between processes. The chapter explains methods of interlocking access to common data using the Win32 API, the use of critical sections in code, waiting for kernel events, and the use of Mutexes and Semaphores. Chapter five explains methods of communicating between threads, such as shared memory, pipes and messaging.

Chapter six is where the authors start to build their own C++ library of wrappers for Win32 API multi-threading functions. Their main reasons for doing this appear to be that the objects thus created, are automatically destroyed when they go out of scope. This is a large chapter, filled to the brim with code. Chapter seven extends the basic classes into inter-thread communication methods using synchronization primitives to build multi-thread safe shared memory, linked lists, mailboxes and monitors. A strange thing happens at the end of this chapter - a note is printed, correcting errors in the text relating to closing file mapping handles - surely if it is printed at the end of the chapter it could have been revised within the text itself?

Chapter eight introduces programmed examples of methods for thread synchronization. Examples include methods to manage mutual exclusion of resources, single thread admission gates and methods of managing producer and consumer thread variants.

Chapter nine deals with the manufacture of active objects in C++, as methods for producing thread self-management units which can be "plugged into" applications. The second part of the chapter introduces the Win32 Thread Local Storage mechanism for private and shared local storage.

Chapter ten introduces the concepts of producing new threads on the fly, as required by the demands of your application. It also explains the use of thread pools - threads created at the beginning of the applications' lifetime to cope with events later on in the execution of the application.

Chapter eleven is one of the most useful chapters in the book, as it deals with the creation and use of multi-thread-safe DLLs. Not only does it explain the use of DLLs in a multi-threaded environment, but also gives a good overview of basic Win32 DLL structure and function, for those of us who haven't had the time to get to grips with this topic yet.

Chapter twelve is the introduction to programming in the Microsoft Foundation Classes (MFC) in a multi-thread-safe way. The chapter first explains the use of independent message queues in Win32 operation, and the use of the Raw Input Thread, which owns the input devices. Later the authors massage their own synchronization classes into a form that can be used with MFC, and explain the differences between their own classes and those supplied in the MFC.

Chapter thirteen extends multi-threading to the Windows GUI, showing the reader how to design programs where each Window is controlled by its own thread. The chapter gives as examples an animation of the Dining Philosophers problem (from a discussion earlier in the book on use of resources) and an example of autonomous dialog boxes.

Chapter fourteen is a good explanation of the use of Structured Exception Handling in Windows programming. Explaining each concept in depth with many examples. The proof-reading in the early part of this chapter appears to have suffered, with a few mistakes slipping in here and there. However, this chapter does a good job of highlighting many of the problems that can occur in Win32 programming in general, and in multi-threaded programming specifically, showing many methods of avoiding these problems by good programming practice.

Chapter fifteen is a very short piece on how to go about debugging multi-threaded programs. All it can really do is to hint at strategies for methods of debugging, but also gives a guide to some mechanisms which are built into Microsoft Visual C++.

The afterword gives some good advice on compiling and linking for multi-threaded programming, using Visual C++.

Windows NT Backup and Restore

Jody Leber
O'Reilly Associates, Inc., 1998

(Reviewed by Phil Docking)

Backups might seem boring, (to paraphrase the preface of this book) but this book makes the topic seem much more interesting The author enthuses about backups and restores, and the process of installing a complete, fault-tolerant and future-proofed backup service.

The book leads the reader through the process of defining backup requirements, negotiating policy and politics with regard to the organizational impact of a backup structure, deciding on software and hardware, implementing and testing, final integration into a production environment, and day-to-day administration of the newly installed service.

Chapter one deals with the concepts of different methods of storing data on backup systems, from straight backups to hierarchical storage management. The chapter also introduces the basic concepts of what certain types of software and hardware will do, in terms of their place in the hierarchy of backup storage mechanisms. An introduction to the design of backup systems is also considered in this chapter along with a checklist of sequential stages to be followed in the design and implementation of a backup strategy.

Chapter two considers other aspects of a system which need to be "in place" for a resilient, fault-tolerant system, in addition to the backup strategy. Disaster recovery plans are covered here, along with UPS requirements, and the built-in data redundancy that RAID management offers.

Chapter three deals with special cases that are required to be considered within the Windows NT environment, explaining why the Registry and WINS databases require additional care in the backup framework.

Chapters four is the beginning of the structured approach taken in the design and implementation of a backup strategy during the rest of the book. From here to chapter six, the author details a series of questions, which should be asked during the design phase of a backup system. The questions are exhaustive and may sometimes appear hardly relevant until the supplied guidelines for answering the question are read.

Chapter four proposes that a site survey be taken, from which you will be able to "size" the backup system you need - all formulas are included, followed by tables detailing the type of hardware required to complete the backups in a time limited environment.

Chapter five deals with the politics of a backup system (probably something that can be easily ignored, until problems arise!). Emphasis is on producing a policy document, educating users and implementing "charge-back" for backup services in a large departmentalised company.

Chapter six considers the software features that will be required to satisfy the requirements of your backup policy. The emphasis here is on choosing the correct software for the job.

Chapter seven covers the Windows NT Tape Backup Utility in some depth, including some troubleshooting advice if things fail to work. The chapter also gives some examples of some types of jobs to run, including examples of job scheduling.

Chapter eight surveys eight commercial backup packages. Portions of the product descriptions appear to be taken from the product literature rather than being a considered opinion of the author, but, understandably, O'Reilly's legal department would probably not have published an opinion anyway. Tables of features are provided at the end of the chapter for "at-a-glance" product comparison.

Chapter nine looks into tape drive hardware, detailing recording methods and different tape formats before outlining the features required in tape library systems. A useful section on calculating the size of a tape library provides formulae. Finally the author offers some tips on choosing a particular tape library. A table of tape drive and library features follows the chapter.

Chapter ten emphasizes the importance of testing prior to placing the backup system in a production environment. The chapter covers functionality testing of the system, restore and recovery testing, hardware testing and performance testing.

Chapter eleven offers some hints on integrating the new backup system into an existing systems environment. The discussion centres around integrating the new system into an existing backup system, overlapping functionality for a while, and migrating old data to the new system.

Chapter twelve covers periodic administration duties, from the daily tasks to the yearly duties which must be scheduled and performed correctly to keep the backup system functioning at peak performance. These range from checking logs to performing fire-drills.

The Appendices give a sample backup policy and an interesting discussion of the development of the different versions of SCSI protocols.

This book is extremely thorough and exhaustive in its approach to all aspects of installing and operating a backup environment, and should be on anyone's list of books to read, if they are thinking of implementing or re-designing their backup infrastructure.

Learning the bash shell, 2nd edition

Cameron Newham Bill Rosenblatt
O'Reilly Associates, February 1998
318 pages, £21.95
ISBN 1-56592-347-2

(Reviewed by Chris Cook)

Perhaps this is the review during which Macintosh users should be invited to go and make themselves a quick cup of tea for this book is about bash, the command line interpreter, or shell as it's usually known as within Unix circles. Shell preference can be an area of strongly held beliefs - no, really! Put three of us propeller-heads in a room and start a discussion on which is the best shell and pretty soon there will be at least four opinions, probably more. Bash is the Free Software Foundation's alternative to the standard Bourne shell. This book aims to teach the reader how to make the most of its facilities. In addition, it acts as a pretty good tutorial on shell programming, though obviously tailored to bash's facilities.

The book is supposed to be aimed at the casual Unix

Linux user and not the complete novice. Nevertheless, they still include the briefest of primers introducing the basics. Throughout the book, they introduce features at a gradual but good pace. They attempt to find the middle ground where explanations enlighten relative novices, without lulling the more experienced programmer into a light sleep. They also take the trouble to point out features not available in versions of bash prior to the 2.0 highlighted here.

For the frantic system administrator, always in a hurry, perhaps the most useful single chapter is that on command-line editing. For those who already have a preference, the first half of the chapter is split evenly between vi-mode and emacs-mode command manipulation. As well as covering the many features, it warns the reader of potential clashes between command line editing sequences and terminal control keys. For those new to command-line editing, and with no prior experience of either vi or emacs, they finish the chapter with a handy summary of a minimal subset of keystrokes to get you up and running.

The bulk of the book is devoted to shell programming, with straightforward examples gradually refined and revisited as new features are introduced to the reader. One particularly useful chapter covers debugging using trace, verbose modes and most interestingly, "fake" signal traps. A sample debugger is included, itself written in shell code.

A lot of space is given over to customization and configuration, such as functions, aliases and the use of shell variables to influence the behavior of the shell. For the system administrator there are two chapters on obtaining the source code and configuring the shell for all the users on your system. I am always disappointed when a book fails to change US-centric details into those more locally specific, so I was pleasantly surprised to see our own "ftp.hensa.ac.uk" given a look-in. I wonder if this is in all copies or just those destined for the UK market?

Appendix A lists all the topics covered that don't appear in the Bourne shell. It also touches on the availability of other similar shells for Unix and DOS. Appendix B gives command options for v2.0 and pre-2.0, along with which chapters cover a command, reserved word or particular shell variable. It also contains useful reference sections such as a complete list of the operators to "test", all the variants of I

O redirection and a list of all the commands in both command-line editing modes. For those who would still like a few more bells and whistles, there is an appendix on how to write and compile custom-loadable modules.

I was disappointed to find myself disagreeing with too many of the authors' statements. Their declaration that the history mechanism has been antiquated by command-line editing is flawed. "!!", "!*" and "!$", once practiced, will always be far faster than editing keystrokes when, for example, performing a sequence of commands on the same filenames. Rather, these two facilities complement each other. I also disagreed with their assertion that Ctrl-S and Ctrl-Q are obsolete just because of the prevalence of high speed networking. Anyone who has ever kept watch over a continually extending log file will know how useful it is to freeze the display before a vital entry dashes off the top of the screen.

If like me, you are a committed [t]csh user, then you will benefit from reading this book, firstly for those times when you come to maintain someone else's Bourne shell scripts, secondly because it stimulates you to look for similar functionality in your own shell. Is it worth buying if you have the previous edition? Probably not. They cover the new features introduced at version 2.0 such as arrays and "((...))" arithmetic but if you have been through the original copy and use bash on a daily basis, you can most likely glean the details of the new features for yourself. There is a lot in the book, perhaps because there is a lot in the shell. Even if you only read this to arm yourself against those times when you find yourself forcibly using bash rather than your own beloved shell, you will still find many useful tips that, with a little translation, will benefit you.

Chris Cook was the Postmaster and a System Administrator at Cardiff University (at the time of writing). Anyone got a decent shell for the Palm Pilot III?

Be Developer's Guide

The Be Developer's Team
O'Reilly Associates, 1997
934 pages, £29.50 including CD-ROM
ISBN 1-56592-287-5

(Reviewed by Matt Willsher)

This paper-backed, 934-page book with CD-ROM is the first of two books covering the programming of the BeOS. The contents of this book cover the fundamentals of the BeOS, including conventions, application frameworks, user interface, storage and low level kernel programming. The second book, "Be Advanced Topics" - described by the authors as 'the "geek" book' - covers the remaining kits for real-time media, midi, gaming, OpenGL, networking and devices respectively.

"Be Developer's Guide" consists of a preface, six chapters and two appendices. The first of the five chapters is the introduction giving a gentle overview of organization of the BeOS and covers global aspects of the application interface (API) and conventions. The remaining five chapters describe the five kits covered in this volume, giving an overview of the kits and a complete class and method listing. The appendices give descriptions of the various message protocols used by the BeOS and information on reading keyboard events.

The CD-ROM contains a copy of BeOS PR2 (Preview Release 2) for Power PC which includes the Metrowerks IDE and compiler. The linker supplied has a 64k binary output limit. As the kits are dynamically linked and quite high level this should prove to be enough to build reasonably complex utilities and small applications with user interfaces.

The typeface and spacing used prove to be clear and easy on the eye. The writing style used is very relaxed and reads well - one may even go as far as to say that the book is quite entertaining for one of this nature. Generally, terminology is kept to a minimum and where used is explained well, although there is no glossary section.

The table of contents is well laid out, listing each chapter, its main sections and each class included in the given kit. One slight gripe is that it can be difficult to read the page numbers for a specific entry, as there is no line to trace across.

The preface gives a quick introduction (and sales pitch) to the BeOS and gives mention to what is contained in each book. Support information is provided, including URLs for Be's support pages, Frequently Asked Questions, updates, documentation and mailing lists. The e-mail addresses of its customer support teams both in the US and Europe are given along with a URL giving the phone number of their support lines, although it doesn't mention if there is a charge.

Chapter one, the introduction, begins with a quick overview of the key features of BeOS from a developer's viewpoint. Covering the three layers of the OS (micro-kernel, servers and software kits), a few paragraphs about the general functioning of the servers and a paragraph or two about each of the kits, including those not covered in detail by this book. It then mentions the dynamically linked libraries, giving a table of what each of them do. Following this is the conventions section, covering documentation conventions, API naming conventions and programming conventions - including the key issue of who is responsible for allocating and freeing memory.

The second through seventh chapter each begin with a table of contents. These are indexed by key areas (Messaging and Scripting in the case of the Application Kit) and by each class within the kit. There is also a reference to global variables, constants and defined types used by the kit. Each class has references to an overview and, where applicable, hook functions, constructor and destructor, static functions and member functions. A diagram of class inheritance is also provided, with indication of inter-kit inheritance.

Each chapter begins with an overview of the function of each kit and its main principles. In-depth discussion is given in its key areas - the Application Kit has large sections on Messaging and Scripting, the Interface Kit covers the principles of views the co-ordinate system. Code examples are, however, sparse. This is a little disappointing, as it would have help clarify many of the points made. Some of the examples given are a little esoteric and maybe could have been more related to a 'typical' program rather than, in the case of scripting, pockets, pants and wardrobes.

The class and method descriptions are excellent. Each class has its own overview detailing its principles and basic usage and points out potential pitfalls and appears to cover most eventualities. Scripting support and hook functions are given their own sections with, in the case of hooks, more detailed information in the Member Functions sections. Member functions are listed alphabetically, each with its own section headed by its name followed by the various parameters it accepts. Sometimes closely related functions are grouped together with a reference from the lesser function to the other, where both functions are given in the header.

There then follow a detailed description of the function with any notes and warnings clearly marked. Examples given are very good. Related functions are also listed and prove to be very helpful, especially when trying to learn about one particular area. The end of each chapter includes a list of global functions and constants. One gripe that could be made is that there is no page break between class sections making chapters divisions harder to see. All in all, though, the kits are described well and presented clearly.

The chapters are in a very logical order with the Application Kit first, followed by the Storage Kit, Interface Kit, Kernel Kit and the Support Kit, give flow to the learning process. Being an event-driven OS, once messaging is understood (a breathing knowledge is how the book describes it) the rest become much easier to understand.

It should be mentioned that Be provide a copy of the "Be Book" with the OS. This is a HTML document which contains much of the information in the "Be Developer's Guide", with the class and member descriptions being nearly identical. Another point is that this book covers BeOS PR2, which has since been replaced by R3 (Release 3) which adds extra functionality to some of the kits. As Be provide the "Be Book" this isn't a major problem, more a slight irritation. At present there is no version of the "Be Developers Guide" for R3, although the "Be Advanced Topics" book, released recently, should cover R3 features in the kits it documents.

Knowledge of C++ is needed. No 'hard-core' C++ is used in the API (some have described it as C++ lite) but an understanding of virtual functions and object-oriented methodology helps greatly. Multi-threading, semaphores and more scientific issues are given summaries that provide enough knowledge to be able to work with these concepts.

The cost of the book is a little steep at £29.50 and around £60 for both books, but all in all it provides an excellent resource for budding programming and geek gurus alike.

Matt Willsher works for REDNET, a networking and Internet company, as a Unix Systems Administrator and is a register BeOS developer and founder of the United Kingdom BeOS User Group http:


Intranet Security: Stories from the Trenches

Linda McCarthy
Prentice Hall, 1997
260 pages, £27.99
ISBN 0-13-894759-7

(Reviewed by Andrew Cormack)

A recent survey of corporate web servers reached the startling conclusion that more than half of them were insecure. After performing many security audits, Linda McCarthy feels that the problem is rarely technical - there is sufficient information available on how to secure a computer - but more often a lack of awareness of the problem. Her book therefore highlights the need for security and sets out the procedures and policies which are needed to make and keep a computer installation safe.

The best way to learn is through experience, but in the case of security it is less traumatic to use someone else's experience. Each chapter of the book therefore gives a case-study, an analysis of why the security problem arose, suggestions for avoiding the same situation and a checklist to assess your own level of risk. The examples cover a wide variety of types and sizes of organization so most readers should find something familiar; sadly for me there is nothing directly relevant to the education sector! The common conclusion is that an effective security policy must involve all members of the organization: persuading them of the importance of security and providing them with the knowledge and support to carry out their role.

There are also, of course, more specific recommendations, both organizational and technical. These are generally sound. Readers can be reassured if they already have, and apply, written security policies and perform regular audits but should be worried if staff are not on security mailing lists or connect unchecked machines to the network.

As a further illustration of the potential dangers, the final chapter considers the motivation and activities of hackers. One omission is the ubiquitous "script kid" who acquires hacking tools from the Internet and uses them blindly. Although these represent a fairly small risk to a well-maintained system they can waste a great deal of staff time and their often frenzied activities may obscure the signs of a more serious attack. A trace of an attack in progress shows how easily a hacker can move through a network but provides no information on how to collect such logs.

Those who have decided they now need help should turn to the appendices where they will find lists of everything from software to consultants. The programs include most of those I would expect to find at a security-conscious site, but there should perhaps be more warnings against running programs like SATAN without authority. There is a lengthy list of Computer Emergency Response Teams and similar agencies but no mention of the on-line archive of CERT advisories which should be mandatory reading for anyone installing networked computers. This may reflect the commercial world where expertise is more likely to be bought in than available in-house but the book's list of consultants is unlikely to be of much use outside North America. Unfortunately the same applies to the section on cryptography. Since the author makes clear elsewhere her views on the export ban it is surprising to find no mention of international alternatives to restricted programs. Lastly in a book which makes no claim to being comprehensive it seems very strange to have no suggestions at all for further reading.

"Intranet Security" can be recommended to anyone concerned about the security of computers in their organization. Its advice is applicable to any shared or networked computer, not just those on an Intranet. Even if the full two hundred pages are too much to read, the "Let's not go there" sections of the table of contents provide a useful summary of the important points. The book is aimed at those who make policy as well as those who implement it, so avoids technicalities whenever possible, making it an easy read though for some organizations it may not be a comfortable one.

Andrew Cormack (Cormack@cf.ac.uk) tries to promote secure computing at Cardiff University, and in his spare time dreams of appropriate punishments for hackers.

Java by Example

Jerry R Jackson Alan L McClellan
Prentice Hall, 1997
386 pages, £27.50 including CD-ROM
ISBN 0-13-272295-X

(Reviewed by Andrew Cormack)

SunSoft's Java series provides a number of routes into the language. "Java by Example" is aimed at existing programmers who can learn by comparing annotated Java programs with their previous knowledge. Concentrating on the differences between Java and other languages produces a much shorter book without reducing its scope. Unlike many introductory books, this one includes advanced subjects such as threads and native methods while covering both applications and applets. Even networking appears in the form of Database Connectivity (JDBC) and Remote Method Invocation (RMI), though socket programming is omitted.

To be successful, this approach needs to find the right audience. Although the cover suggests "programmers" this should really read "C or C++ programmers" since knowledge of those languages' statements and flow control is taken for granted. The discussion of how objects are instantiated will be most appreciated by those who have done memory management the hard way. Learning by example also requires that the examples be relevant and comprehensive and the authors have chosen well. A wide range of Java features are demonstrated in interesting programs without wasting space repeating simple points. A few of the less familiar examples suffer from insufficient explanation leaving the reader to work out what the code is doing, rather than how it is doing it. One thing which is not explained at all is the philosophy of object-oriented programming: as with the rest of the book this is demonstrated but not dictated. The benefits of properly structured classes and encapsulation are explained very early in the book, and there is a short appendix with an introduction to OO terminology.

The book is not all source code. Those aspects of Java which are likely to be new to readers are explained more fully. The section on the different types of IO streams makes more sense than many more verbose descriptions in other books; conversely the chapter on native methods is too compressed and should perhaps be left to a more specialized text. The chapter on Remote Method Invocation is a good introduction, but might be clearer with a few diagrams to show which methods were executing where! Sensibly the authors do not attempt to include complete coverage of GUIs but could perhaps have chosen a more useful selection. Event handling is included, and well done, but space that could have been used to introduce panels and simple layout managers is wasted on an unsatisfactory description of GridBagLayout.

"Java by Example" takes a novel approach to learning the language and, for the right reader, it could well be an attractive one. It is certainly successful in fitting a large proportion of the language into a relatively small book, though occasionally it is too ambitious. A good description of GUI construction probably requires more space and illustration than are available here. Whether reducing the size of a textbook also reduces the time to learn from it is another issue: information is densely packed into these pages and will need to be studied carefully. This second edition of the book describes JDK version 1.0; updated for the latest version and perhaps with a slightly revised content, the next edition should be just as effective.

Andrew Cormack (Cormack@cf.ac.uk) tries to promote secure computing at Cardiff University, and in his spare time dreams of appropriate punishments for hackers.

Java Networking Communications

Todd Courtois
Prentice Hall, 1997
317 pages, £27.99
ISBN 0-13-850454-7

(Reviewed by Andrew Cormack)

From the title, I had expected this to be a book about sockets, datagrams, TCP

IP and so forth. However Java makes those so easy that they can be described in less than a hundred pages leaving two thirds of the book for the rarer subject of serial communications. This includes chapters on streams and native methods to make an intriguing guide to some of Java's more obscure corners.

The first well-known Java program was the Hot Java web browser and some of its utility classes remain in the standard library. These make it very simple to retrieve the content of URLs but are too specific to be useful outside web client programs. For other applications the Java sockets interface will be familiar to many C programmers, though the book introduces it from scratch using a series of example programs.

These begin with the simplest possible TCP client. The daytime service returns a string whenever a connection is made. Finger is more complex as the client must send a string before receiving a response. A simple server could be implemented by waiting to read a request then sending an appropriate response (the reverse of a client). The problems with this approach are explained clearly - only a single client can be handled and no other process will run on the server - before developing a practical, multi-process web server.

The author uses the analogy of telephones and pagers to explain the difference between TCP and UDP. The Java UDP client uses a novel design to avoid the need to interrupt a read request. Writing and reading are done by separate processes: a structure which may need a moment's thought to understand. Code to perform simple DNS queries is added to the generic UDP client, but the reader is referred elsewhere for a full description of the protocol. This raises a problem common to many books on network programming: the reader is not properly prepared for the formal specifications which define most Internet protocols. This book recommends Stevens's classic series as further reading though for Java programmers, who are likely to be writing at the application level, Comer's volume on client-server programming may be more suitable.

The author's business is connecting computers to other electronic devices so the book begins by showing how streams can be used to read, write and parse serial messages. Unfortunately each operating system has its own way of representing serial ports and Java cannot offer a platform independent interface. Some specific code will be needed for each platform. The book describes in detail how to design an abstraction layer to minimize this native code, then illustrates the process of writing and compiling serial interface routines in C for Macintosh (using CommToolbox), Windows 95 or NT and Solaris. The final result is a terminal emulator which can run on a range of machines and communication media. This project uses the original Java native code interface; there is only a brief summary of the advantages and disadvantages of the Java Native Interface, introduced in version 1.1.

Sensitive readers need not be put off by chapter titles including "Datagrams a Go-Go" as the text itself is well written. There are occasional mistakes: after stating that services have port numbers less than 100, POP is an unfortunate choice as example. It is a good sign that Java books no longer need to cover the whole language but can concentrate on specific topics. If networking and, particularly, native methods are of interest then this book is worth considering.

Andrew Cormack (Cormack@cf.ac.uk) tries to promote secure computing at Cardiff University, and in his spare time dreams of appropriate punishments for hackers.

JavaScript: The Definitive Guide, 3rd Edition

David Flanagan
O'Reilly Associates, July 1998
776 pages, #29.50
ISBN 1-56592-392-8

(Reviewed by Ken Tucker)

"JavaScript: The Definitive Guide" is a bit of a misnomer for this book. It is in fact two books in one; the first half of the book is a comprehensive guide to JavaScript programming and the second half is a complete reference manual. The guide itself is further divided into core JavaScript (the fundamentals of the language) and client-side JavaScript (how to use it in dynamic web pages). Server-side JavaScript (an alternative to CGI scripts) has a passing mention but is not covered in the book because it is currently a proprietary vendor-specific technology and is used less frequently than client-side JavaScript.

The guide covers version 1.2 of JavaScript in 21 chapters. The first 11 deal with core JavaScript i.e. the fundamental structure of the language. It covers the lexical structure of the language, data types, variables, expressions, control statements, function definition and invocation, pattern matching, objects and arrays.

The rest of the chapters explain how JavaScript is used to produce dynamic web pages. It covers the use of windows and frames, the document object model, event handling, forms, cookies and security. It also covers the inter-operability of JavaScript and Java. Note that JavaScript is not a scripting language to control Java. They are independent and JavaScript is a programming language in its own right albeit in the context of a web browser. However JavaScript and Java do have close ties and JavaScript can interact with and control Java applets.

The difficulty of providing dynamic content in web pages i.e. pages with animation or content that is customizable according to a viewer's preferences, is highlighted throughout the book. Wherever possible the author explains the incompatibilities between the three current versions of JavaScript and the incompatible behavior of these versions with the different versions of the Netscape Navigator and Internet Explorer web browsers. A whole chapter is devoted to platform and browser compatibility and tips are given on defensive coding, error suppression and other workarounds.

The reference section of the book is arranged alphabetically and all properties, methods and event handlers are listed by their full name. This means you need to know what object the property, etc., belongs to. Thoughtfully the author provides a table of contents from which you can look up the required object; e.g. to find out how to use the valueOf() method, the table of contents lists two methods namely Date.valueOf() and Object.valueOf().

The individual entries in the reference section detail the entry's availability, where its properties are inherited from, its properties, methods, event handlers, its usage and a description of what it does.

The only quibble I had with the book was a portion of the pattern matching using regexps was a bit confusing. It talked about replacing straight quotes with curly quotes when what was meant was replacing double quotes with single quotes (the terminology that had previously been used). A close look at the example being discussed made the point clear though.

The book is described as 'The Definitive Guide' and in my opinion it certainly lives up to it. This is a comprehensive discourse on a constantly changing subject as evidenced by this being the third edition of this book. The incompatibility between the two most popular web browsers has led to a standardization effort, under the auspices of the World Wide Web Consortium, that aims to create a common document object model that both browsers can support. Look out for edition four soon!

Ken Tucker is the Postmaster, and a VMS and UNIX Administrator in Information Services at Cardiff University. His e-mail address is tucker@cf.ac.uk.

Java Virtual Machine

Jon Meyer and Troy Downing
O'Reilly Associates, March 1997
452 pages, £24.50 including diskette
ISBN 1-56592-194-1

(Reviewed by Graham Riley)

This is a book about how the Java virtual machine works and what Java assembler code looks like. It is quite a good introduction to the Java JVM instruction set and to the structure of byte-code, but the treatment isn't really complete enough to allow you to go off and program away doing all the exciting things you were promised on the cover: extending the Java syntax, controlling the performance of your application, dynamically creating and executing classes and methods and other advanced activities. This is a big subject, and in the pursuit of keeping to page limits, it occasionally reads like the Monty Python "Blue Peter" sketch: "...and in the next chapter you will learn how to build a box girder bridge and solve all the world's medical problems".

Having read the book you will, however, have a better appreciation of what is involved if the above is the sort of thing you wanted to do. On the other hand, if you just wanted an idea as to how the interpreter works, what byte-codes consist of, how things like Java access protocols get implemented at the assembler level, and generally were interested in "what goes on under the hood", as the editor puts it, this book will have been a good buy.

The book does tend to describe concepts rather than explore them though; in places, it has the style of a reference book. In fact, the second half of the book is a proper instruction reference. The first half starts well with six chapters presenting an overview of the virtual machine and the next five delving in some detail into various groups of instructions. In these chapters the words-to-syntax ratio is quite good, and after a brief overview of topics in chapter 1, there are several well developed examples in chapter 2 covering such questions as what really happens when the "Hello World!" program executes or when an applet gets invoked.

In order to let readers play with the Java machine, a Java assembler, Jasmin, is provided, and all examples are written in Jasmin syntax (did you know that there is no official Sun syntax for Java assembler, nor do they provide an assembler with the JDK?). Jasmin is provided on a diskette with the book and is usable. Further, there are links to web pages which provide updates and other examples which any serious programmer would want to access.

Chapter 3 talks you through how the Java types are implemented and supported, how the run-time system operates (memory management etc.), the operation of the execution engine (the thing that takes the compiled byte-codes - the result of assembling a Jasmin source file or compiling a normal Java program - and runs them on a particular machine). Chapter 4 deals with classes: the intricacies of class loaders and what has to happen to link, initialize and generally prepare a class once it has been loaded into the JVM. The class file format is dissected and there are lots of insights into the underlying mechanisms.

Chapter 5 deals with security mechanisms. Chapter 6, titled "Implementation notes" gives the reader a feel for some of the issues involved in implementing a Java runtime system (in 'C'). This chapter is definitely at a high level, but gives some insight into what an optimizing compiler for Java might do, for example. The next few chapters are a little more meaty and cover the instruction support in the JVM for data operations, arithmetic, flow control (including method invocation), exceptions and finally threads. These latter two chapters being very much in the "Blue Peter" style. But, in defence, it is a big subject!

In summary, you end up with a fair idea about how lots of things work, but only in isolation. A few larger examples, integrating some of the ideas, would have been nice. However, if you want to know what's "under the JVM hood", then I think this is as good a place to start as any.

Graham Riley is a research fellow in the Centre for Novel Computing in the Department of Computer Science at the University of Manchester, England. He's griley@cs.man.ac.uk.

Windows NT SNMP

James D Murray
O'Reilly Associates, January 1998
429 pages, £25.95 including CD-ROM
ISBN 1-56592-338-3

(Reviewed by Huw Gulliver)

SNMP (Simple Network Management Protocol) is much hyped by the media and full of interesting acronyms; SMI, MIB, ASN.1. James Murray's book sets out to provide practical information that he feels is often omitted from other books about the SNMP service included with Windows NT.

The book is split into three sections; SNMP Basics, SNMP details, plus Appendixes and Glossary. SNMP Basics is designed to bring the reader up to speed providing an introduction to TCP

IP networks which concentrates more on UDP as this is the transport service used by SNMP. It discusses the basic concepts of network management and history of SNMP including the versions and the RFCs that describe them. Then it gets to grips with SNMP the protocol; its messages, objects, data types, ASN.1 (Abstract Syntax Notation One) and MIBs (Management Information Bases). Only SNMPv1 is covered as this is what is supported by Windows NT 3.51, 4.0 and 95. Windows NT 5.0 is expected to support both SNMPv1 and SNMPv2c (SNMPv2 without v2 security features).

SNMP Details starts with a description of the SNMP service under Windows NT 4.0, its installation, operation and registry settings. Differences between Windows NT 4.0 and 3.51 are included where relevant and the SNMP agent service under Windows 95 is also covered. The rest of the section is an in-depth look at the SNMP Extension, Utility and Management APIs, how to go about writing an Extension Agent, implementing Traps and writing a simple management application. Whilst this is squarely aimed at the WIN32 programmer there is plenty of interesting information which will be of use to anyone trying to use SNMP in this environment.

The final part are the Appendixes and Glossary. There are four appendixes packed with a wealth of information. The first has references to various books and periodicals and a big section of Internet resources on the Web - FTP sites, mailing lists and FAQs - all relating to SNMP, TCP

IP or Windows. The next lists Microsoft Knowledge Base articles by product category relating to the SNMP service and APIs. Appendix C lists all the RFCs mentioned in the various parts of the book. The final appendix describes what is on the accompanying CD-ROM (see below). The Glossary describes all those interesting SNMP acronyms and completes the book.

And finally the CD-ROM. This contains the source code and pre-compiled example programs from which the code examples shown in the book are derived. Appendix A is provided in HTML format for easy browsing so there is no typing in of the URLs found in the book. Various MIBs for Microsoft and other vendors products along with RFCs relating to SNMP and the SNMP-FAQ from the comp.protocols.snmp news group are included. A number of trial or evaluation copies of third party software packages are also included to help with testing and development of SNMP and TCP

IP applications. The network analyzer NetXray by Cinco Networks has some nice monitoring, history and alarm features. Screen shots from this application are used in the book.

I've been using SNMP for a while but am no guru on the subject so am always interested to look at new resources in the search for enlightenment. Although the book's intended audience is WIN32 programmers it provides a comprehensive resource kit which I have found useful. I expect that others, be they system and

or network administrators, will too.

Huw Gulliver (Gulliver@cf.ac.uk) is a member of the Service Communications Group at Computing Centre University of Wales, Cardiff.

Windows NT Desktop Reference

AEleen Frisch
O'Reilly Associates, January 1998
60 pages, £5.50
ISBN 1-56592-437-1

(Reviewed by Mark Hale)

The main thing that sticks in my mind about this book is the picture on the front cover with zebras baring, or maybe gritting, their teeth. I can't help wonder if this is a subtle warning to would be NT users or the result of my over-active imagination. Whatever the case I found the book very informative.

Although short, it is a reasonably comprehensive alphabetical listing of the standard NT command mode, as well as covering the more useful commands from the Windows NT Resource Kit. There is a section on the Windows NT scripting language and a very short but useful section on GUI "Tips and Tricks". Finally there is good section at the back of the book listing various web-based sources.

The book is clearly aimed at those with a reasonable knowledge of NT and I would thoroughly recommend this as a worthwhile addition to the more bulkier NT reference books and for an NT user's back pocket.

Mark Hale works in the Computing Centre at the University of Wales, Cardiff. He's Halema@cardiff.ac.uk.

Oracle Built-in Packages

Steven Feuerstein, Charles Dye and John Beresniewicz
O'Reilly Associates, June 1998
931 pages, £34.50 including diskette
ISBN 1-56592-375-8

(Reviewed by Adrian Cummings)

The self-confessed author of large books on PL

SQL has done it again, this time with accomplices. Apparently he can't help it. His introduction alludes to the possibility of a quick reference... At least they don't claim to teach you the subject in some improbably short time scale which seems to be the current fashion.

For many years the Oracle relational database has shipped with an extensive collection of built-in packages for use with its procedural language (PL

SQL). As the years and versions roll by so the depth and versatility of these functions has increased. Much of the documentation for these is spread over the various Oracle manuals.

"Oracle Built-in Packages" describes in detail both the theory and practice of using these supplied functions in your own programs. Where appropriate, differences between the various releases of Oracle are discussed. As PL

SQL has developed with subsequent releases of Oracle, many of the facilities described in this book are only available in the later releases. So, if you needed an excuse, upgrade to Oracle8.

One of the advantages of a work like this is that you come across potentially useful functions that may otherwise have lain hidden. Despite the size of this book, "Oracle Built-in Packages" is not excessively verbose. The authors have also not included any superfluous tutorials on SQL or PL

SQL. Steven Feuerstein already has a work on PL/SQL (also from O'Reilly) and there is another similar book published by the Oracle Press.

On the diskette are many of the examples in the book. Sadly this floppy is for Windows only. The rest of us have to download the examples from a web-site. I don't wish to appear ungrateful but, if they really won't fit on a floppy, is a CD-ROM with Unix

VMS readable versions of the packages too much to ask? After all the packages are, with a few exceptions like UTL_FILE and DBMS_LOB, internal to the Oracle RDBMS and therefore operating system independent. Apart from that minor quibble this is another fine work from O'Reilly, just as one has come to expect.

Adrian Cummings tends a number of Oracle8 databases. He can be reached at acummings@cs.man.ac.uk.

Oracle Scripts

Brian Lomasky David C. Kreines
O'Reilly Associates, May 1998
185 pages, £21.50 including CD-ROM
ISBN 1-56592-438-X

(Reviewed by Adrian Cummings)

This is a book of SQL and shell scripts for Oracle DBAs and developers. The authors claim that where possible most of the scripts have been tested on Unix versions of Oracle back to 7.0.16, primarily on HP, IBM, Pyramid and Sun Solaris machines.

Often it is the case that the CD-ROM accompanying a technical book appears to be a device to inflate the purchase price. Happily, this one is the exception that will restore your faith in human nature, containing dozens of useful scripts for controlling the database, and monitoring performance, security and backups.

While many of the scripts are aimed at the DBA, there is also plenty in "Oracle Scripts" for the designers and developers. There are scripts to report on aspects of the design, for example, indexing strategy.

Curiously for a book with a heavy Unix bias the CD-ROM also holds copies of winzip95 and a trial version of the Q diagnostic and tuning program (also for Windows). You will need to call the US for a activation key for Q.

"Oracle Scripts" doesn't contain masses of unnecessary narrative - the functions of the scripts are described clearly and in sufficient detail. The actual scripts are also clearly written and annotated. A few of the scripts require C programs, the source for which is also present. There are useful cross-indexes of the tables created by the scripts.

I have found that quite a number of scripts in this book are ones that I've been intending to write for years but somehow have never quite had the time (although the delete entire database script, dbdelete, is unlikely to be heavily used by me). This is another one of those O'Reilly 'must have' books.

Adrian Cummings can be found subjecting an unsuspecting Oracle8 database to a whole book full of shell scripts. He can be reached at acummings@cs.man.ac.uk.

Outlook Annoyances

Woody Leonhard, Lee Hudspeth and T.J. Lee
O'Reilly Associates, June 1998
377 pages, £18.50
ISBN 1-56592-384-7

(Reviewed by Aidan Loyns)

This book is part of the series of 'Annoyances' books, published by O'Reilly, which address some of the problems which you may encounter when using the software which is the subject of the book. This particular volume covers Microsoft's Outlook PIM.

The book attempts to cover most of the variants of Outlook Microsoft have produced, but the style in which the authors have chosen to present the material leads to confusion: it is never clear on first sight which version is being referred to.

The chapter on solving e-mail problems is depressing: the authors build you up with a "don't worry, we know all the answers" style of writing, and then drop you down by telling you to re-install the software.

The authors include a chapter on VBScript, the scripting language used by Outlook and the Outlook Object model, which you need to understand in order to write useful scripts. However, a large proportion of the sections on VBScript is spent covering VBA "the language used in other Office applications" and lamenting the fact that VBScript is all Outlook has. Even the discussion on the Object model boils down to the URL at which it can be found; there is no discussion or no examples, as such, as to how you would use it.

There are some useful tips in the book: the sections an archiving and backup are clear and concise. However, I found the book to be more of an annoyance than the Outlook program itself.

Aidan Loyns is Computer Services Manager in the Department of Computer Science at the University of Manchester. He's aidan@cs.man.ac.uk.

Palm Pilot: The Ultimate Guide

David Pogue
O'Reilly Associates, June 1998
489 pages, £21.95 including CD-ROM
ISBN 1-56592-420-7

(Reviewed by Andrew Cormack)

PalmPilots can be connected to Unix computers, though this book does not mention the fact. Apart from that complaint, and in case anyone is still reading, this is an excellent introduction and guide to the world's cutest peripheral. Ideally the book should be consulted even before buying a PalmPilot, since it begins with a summary of the different models. Even existing users should review the introductory chapters since they contain many shortcuts and improvements to the standard configuration as well as alternative ways to write for the Pilot's character recognition software.

So what is a PalmPilot? Imagine a case about half the height, width and thickness of a typical O'Reilly book, with a touch screen on the front and, depending on model, between 500K and 2Mbytes of RAM inside. If those numbers remind you of the good old days then consider the program sizes: 28K for a graphical chess program and 55K for a web browser! Some of the most useful programs occupy no RAM at all as the notepad, diary, address book and to do list are all in ROM. The book dedicates a chapter to each of these including everything the user might need to know.

With all these programs built-in the PalmPilot might sound like a self-contained computer, but it becomes even more valuable when attached, at least intermittently, to a desktop computer. The connection is made electrically via a cradle connected to the serial port and logically through programs called conduits. These link the Pilot's diary, phone book and memos to equivalent files maintained by desktop applications. The book explains how to establish conduits to commercial programs such as Sidekick, Notes or Outlook and also to the Pilot's own Desktop software. This program has a chapter to itself with many screen shots though the instructions are mostly "as on the Pilot". Once conduits have been set up, files may be synchronized across a LAN or even the Internet. These processes are explained with the reasonable warning that they may involve more problems than a direct connection. There are also suggestions for synchronizing multiple Pilots with a single PC and how this can be used to duplicate Pilot configurations.

The same link is used to install extra programs on the Pilot. This process is now straightforward but there are detailed instructions for those with older systems. A huge quantity of software is available, from graphics and music utilities to e-mail and web clients. The book recommends and describes a selection of these and many more are included on the CD-ROM. Although this has no printed catalogue, its home web site at http:

/www.isoproductions.com/cd/pilot/contentspilot.html is a reasonable guide. The disk has its own menu program which gives program details, home pages and screen shots or may simply be browsed through its directory structure.

If these programs are insufficient you can write your own. The CD-ROM also includes CodeWarrior Lite, a C cross-compiler for the Pilot, and there is a brief introduction in the book. Anyone who has written Java or Windows GUI programs will find the programming style familiar and will probably find sufficient information in the Software Development Kit on the CD. For others a manual to Pilot programming has been rumoured on Usenet.

With the exceptions of programming and Unix connectivity the book justifies its subtitle, covering the PalmPilot and the software which runs on and around it. It should remain useful as a reference, since later chapters can act as self-contained tutorials when their subjects become relevant. These include preparing documents and images, sending faxes, and connecting to printers or the Internet. For anyone who already has a Pilot, or is thinking of buying one, this book makes an excellent, if less portable, supplement.

Andrew Cormack (Cormack@cf.ac.uk) is now part of a two-PalmPilot family.

Photoshop For The Web

Mikkel Aaland
O'Reilly and Associates, April 1998
197 pages, £21.95
ISBN 1-56592-350-2


Photoshop In A Nutshell

Donnie O'Quinn Matt LeClair
O'Reilly and Associates, October 1997
584 pages, £14.95
ISBN 1-56592-313-8

(Both reviewed by Gavin Inglis)

We live in a web world now. While the greatest hopes are for new forms of communication and cooperation, what we see most of are the pretty pictures. And to be honest, some of them are not that pretty.

Nobody who works with computer graphics can be unfamiliar with Adobe Photoshop. Its roots are in image preparation for print media, but it just happens to be an excellent tool for preparing graphics for the web. Photoshop provides a bewildering range of facilities, and web requirements are fairly specific, so there is great scope for making a terrible mess in front of a worldwide audience. Mikkel Aaland's book aims to stop you doing this.

The very first instructions it gives are to turn many features off to save on file size. Previews, thumb nails, compatibility with early versions - all are discarded to trim kilobytes. The web-friendly colour palette is introduced here and is a constant companion for much of the book. The tradeoff between image size and quality also appears regularly.

Each of the subsequent ten chapters focuses on particular areas of web graphic lore. Some take design topics such as improving photos for the web, graphical typesetting and creating navigational icons. Others favour the graphics geek with a technical look at GIFs and JPEGs, transparency and all manner of fiddly details which confer instant Photoshop mastery if understood. Seriously, the discussion can be quite intimidating to a Photoshop novice and many sections require two or three readings to absorb all the details. However such is this book's value that it is worth the perseverance. There is not much slack; pretty much everything will be useful to the average web artist. Why not cut type out of an image? Or use Photoshop to help you tile your background? But legibility and usefulness are still emphasized over flash and glamour.

The general approach of the text is thoughtful and appealing. Aaland names and draws on the experiences of many web designers from current high-profile sites. This is a rather nice way to include the "secrets of the experts" and also a broad range of styles and preferences. There are a few cookbook recipes for particular tasks, which should please the hurried reader. Eighty-eight colour plates are included in a central insert to illustrate fine details of image processing and how to handle colour. Expect to have to look hard sometimes to appreciate the point being made.

We can appreciate the small extra touches too. Every time a command is mentioned the full path to it through the menus is given - nice. Every now and then there is a sidebar with handy hints for various subjects, providing plenty of chances to learn by accident.

"Photoshop in a Nutshell" could have been designed as a companion volume for Aaland's book. This series is more familiar for its gritty volumes on Unix and Java, yet it rises to the challenge of Photoshop well, perhaps because of the package's undeniable complexity.

This book slices Photoshop into three parts: tools, menus and palettes, traditionally viewed from left to right on the screen. Everything you can imagine is covered, with space for a reasonable introduction to new concepts as required. For each tool or menu option there may be Common Uses, Common Errors and Special Notes. The format is quite flexible; a straightforward menu option may get half a page or less, whereas a more sophisticated tool will be allocated several pages together with relevant screen shots and examples of dialogue.

Each filter, a tool for special effects, has a typical result illustrated. This is great for anyone who has ever sat in the Filter-Undo-Filter-Undo loop. In these and other examples one misses the presence of colour pictures, but there has obviously been a tradeoff made in order to keep the price low and with nearly 600 pages it seems pretty reasonable. It's difficult to imagine any features of the package which might have been left out.

Appendix A makes the book more than simply a guided tour. It lists eighty pages worth of common techniques, from "Creating a Curved Line" to "Subtracting a Constrained Radiating Marquee from an Existing Selection". Another appendix deals with keyboard shortcuts.

Only the very determined beginner will find either or both of these books a good introduction to Photoshop. "... for the Web" assumes the reader is a competent Photoshop operator and addresses itself to that level. "... Nutshell" is a reference, albeit one with added value. For the basics try another book or preferably your local graphic expert who can point out just why those two images are not precisely the same. But once you're up to speed "Photoshop for the Web" is a good turbo, and "Photoshop in a Nutshell" a good road map.

Gavin Inglis works in the Unix support team at the University of Edinburgh where he provides help and advice to departments around the city. His favourite character in the Star Wars trilogy was the big fish general from the third one.

Samba: Integrating Unix and Windows

John D Blair
SSC, February 1998
298 pages, $29.95 including CD-ROM
ISBN 1-57831-006-7

(Reviewed by Chris Cook)

Want your Unix and PC clients to share files and printers without having to splash out on someone's expensive server operating system? Samba is probably the solution for you then. In case you haven't heard of it already, Samba offers Microsoft networking protocols, but for Unix boxes and for free. Born out of the lack of documentation when the author first started using Samba himself, he describes it as what he would like to have had to hand. I have to say that he really ought to have raised his expectations, although admittedly, only a little.

After introducing Samba and comparing Server Message Block networking with NFS, he lays out a quick road map of where Samba is now, and furthermore, where it is planning to go over the coming releases. This is comforting, particularly when contemplating persuading management to take advantage of this free software; many managers seem to display a phobia of free software, justifying their stance with the "free==worthless" and "free==amateur" arguments. This section alone displays more maturity on the part of the developers than many commercial developers.

Chapter 2 starts a little haphazardly but quickly settles down into a good summary of the evolution of Windows networking protocols. If all you want to do is set up a simple Unix - MS-windows share then skip the 40+ pages of this chapter but if you have time, and particularly if you want a little bit of background detail, then these make very interesting reading. Whilst giving a potted history of implementations of SMB by Microsoft, from the original Core to the more recent NT LAN Manager 0.12, the author cautions the reader that in dealing with Microsoft, their definition will more than likely differ from those more commonly held within the computing community.

The book could benefit from tighter editing and layout control. For instance, at the bottom of page 66 it discusses Pluggable Authentication Modules and refers to further reading... the top of page 67! Periodically, a small picture of some traffic cones appeared in the margin, along with one or two sentences cautioning the reader about something or other. Whilst useful, these were often, but not always, reproduced in the main text on the same page. I'll leave it up to you to decide whether or not this is a good thing but by the end I found it infuriating.

There were far too many typographical errors and inconsistencies throughout the text. Many of these were inconsequential but configuration file keywords need to be spelt correctly and flags ought to be in the right case. Some of the discrepancies may be the product of writing about a moving target; in several places the author mentions one version of the suite, whilst an accompanying example refers to another. Worryingly, in one section he warns against using any version prior to 1.9.17p2 due to a serious security bug and yet five pages later assumes a minimum requirement of version 1.9.16 without any further disclaimer. On the subject of security, he does give some useful warnings about not depending on certain configuration options that at first sight, appear to be a quick way to implement certain security features.

In general, the layout was annoying. Curiously, the main text is indented whilst examples begin to the left of the normal margin. This seems counter-intuitive, presumably resulting in a book some 20% thicker than it need have been. The sidebars seem to be all over the place, making it difficult to discern which portion to read next. Furthermore, in most cases these duplicated what had already been said in the body of text.

On a more positive note, there is lots of useful information on building and configuring Samba. The chapter on global configuration options begins with a mini index of where each of smb.conf's configuration parameters are covered. Useful if you're in a hurry. For those who need to build Samba from source, the salient make options for various operating systems are given. It makes a nice change to see the more esoteric flavours such as QNX and DGUX listed, in addition to the usual Solaris and Intel-only Linux.

There are lots of useful tips, especially for getting Windows NT and 95 working properly with Samba, although it's doubtful you would discover some of them without reading the book from cover to cover. In general, when touching on other topics, it does give a page number rather than the irritating "see chapter X", where chapter X is usually seven hundred pages long.

None of my criticisms are enough to destroy my enjoyment of what is essentially a good book. There is a lot of useful information here, although not always instantly findable. The book is not a tutorial on Unix administration, but Guru status is not a prerequisite. Not unreasonably, it does seem to assume good knowledge of Windows administration with "master browser" and "browse server" scattered throughout the text. Don't let that put you off.

Chris Cook is the Postmaster and a System Administrator at Cardiff University, though only until October 4th. He should still be contact-able via CookC@Cardiff.ac.uk, for a while at least.

Virtual Private Networks

Charlie Scott, Paul Wolfe Mike Erwin
O'Reilly Associates, March 1998
192 pages, £21.95
ISBN 1-56592-319-7

(Reviewed by Raza Rizvi)

This first edition book has a publication date of March 1998 but alas some of the product reviews date back a further 9 months, which in the fast feature changing world of VPN products is somewhat too long.

That aside, for the time being, the books covers the area of VPN technology from the knowledgeable background of an ISP with no tie to a particular vendor. This makes the information presented unbiased and clear as to the strengths or weaknesses of each approach. The authors start with a clear indication of why a VPN might or might not be appropriate for a company by presenting the evidence of why, and briefly how, your company might be the subject of an Internet-based attack.

The use of firewalls and proxy servers as inhibitors of inbound attacks is described with clear diagrams before readable documentation presents encryption and cryptography technology. An interesting table makes it clear that the best known algorithms have only 10 years to run on their patents, and that the RSA patent runs out in just 2 years. Whether this might bring down the price of technology that incorporates such cryptographic code is unclear...

Using a number of scenarios based on common types of connections, the authors describe how the pricing alters based on WAN, Remote Access or VPN technologies. Not only are company-company, and company-othercompany links covered but there is also consideration of the needs of staff-company connections enabling secure communications when the roving staff are permitted access via an ISP to the corporate network.

Based on the previous chapter, a somewhat convoluted company example is given. This example uses the three VPN products described in greater detail in the later half of the book. To my mind this makes the solution unnecessarily complex especially since in the light of present day technologies (and by this I mean over the last 9 months), it is possible to put forward more elegant solutions based largely on a single manufacturer thereby easing the role of the security or network administrator.

The first 'product' chosen is Microsoft's PPTP (Point to Point Tunneling Protocol). Two chapters cover both the background to the protocol and its implementation and configuration. It appears that every major screen is reproduced which makes duplicating the setup very easy. The authors also cover the PPTP implementation on the Ascend Max4000 and the USR Total Control Hub, although these dedicated remote access servers are probably a little on the large side for a corporate, they are in widespread use in ISP networks in the UK. Given the book publication date, the recent security loopholes and snooping utilities well documented on the web don't make it into print. As an aside, I urge sites using PPTP to visit the Microsoft site and others to obtain patches and advice on how to re-secure their own networks.

Secondly, the book covers the AltaVista Tunnel, from Digital (now a Compaq company). Again the two chapter layout is followed with background and then implementation. The AltaVista Tunnel user-based authentication allows connections from individuals from many different IP address sources. A series of well-documented examples makes the differences between LAN

LAN and User/LAN connections clear.

At the start of this review, I said that time from product review to publication was somewhat long. Nowhere is this made more clear than the description of the PIX from Cisco. Whilst it is clear in itself, it relates to v2.7, as opposed to the current 4.2 release. Some of the illustrated commands have changed format or even name and the functionality has dramatically increased with management now available over a Java based GUI as well as the command line (v3.0 introduced an HTML end which is also still currently supported).

Overall the book is a typical O'Reilly, clearly written, good diagrams, technicalities well explained and depth where required. I would have liked to have seen mention of inbound authentication using RADIUS, and it is a surprise that FireWall-1 from CheckPoint Technologies (also sold as Solstice Firewall by Sun) does not get a mention. In the time frame of the reviews in the book, this was the clear best seller (a position now held by the Cisco PIX). The O'Reilly web site indicates that the second edition should be out soon and will include Unix Secure Shell information.

If you are going to have a VPN for your company, then even if you end up selecting a different product from those covered in the text, you should think about reading the first half of this book. There are missing areas and the product details are old but it makes an acceptable first edition.

Raza Rizvi (raza.rizvi@red.net) is the technical support manager at REDNET. He is recruiting.

XML: Principles, Tools and Techniques

World Wide Web Journal Winter 1997, volume 2 issue 4
Dan Connolly (Ed.)
O'Reilly Associates, Winter 1997
248 pages, £21.95
ISBN 1-56592-349-9

(Reviewed by Andrew Cormack)

XML is the eXtensible Markup Language which develops HTML's use of tags to describe parts of a text document. While HTML has a fixed and limited set of tags, XML allows new sets of tags to be defined giving much greater descriptive power. For example a set of bibliographic tags would permit references to be searched by computer or reformatted into different styles. XML has two parts: a set of standard rules for how tags should be formatted and nested (known as the well-formed criteria), and a language for writing additional rules to further constrain their use. Rules may be used to specify the attributes for a tag and their default values, or to assert that there be only one <title> tag and that it be placed in the <head> section. The use of entities from HTML has been extended into a macro capability which would be very useful in maintaining common templates for web pages. This much of the language has been generally agreed and is on its way to becoming a standard. To link XML documents together a set of tags has been defined, known as XLL (eXtensible Linking Language), which provide all the link types familiar from HTML and many more. The draft XLL standard is largely complete though a few areas still need some work.

XML and XLL will allow structured documents to be written and linked together but, at present, it is much harder to display them using a generic program. A proposal exists for linking XML documents to the existing Cascading Style Sheets (CSS) but this can only describe visual presentation of new tags and not their behavior. CSS would not be sufficient to describe a new form tag for example. In future this extra functionality may be provided by a more powerful style-sheet language using the Document Object Model (DOM) to identify "active" sections of documents. Until this is done generic browsers will only be able to render static XML documents. Active XML documents will require programs dedicated to a particular tag set such as Peter Murray-Rust's Technical Markup Language, Microsoft's Channel Description Format or WebMethod's' Web Interface Description Language, all the subject of papers in the journal.

The journal contains the draft standards for XML and XLL as well as an early wish list for the DOM and a note on MathML, the long awaited Mathematical Markup Language. Gentle readers are warned that these are formal definitions of the languages, written in extended Backus-Naur Form (EBNF), and should turn first to section three and Norman Walsh's "Guide to XML" for an explanation in English! The standard is written as descriptive text with formal rules inserted at the point where they are described. This has become slightly confused in printing since the text is printed in two columns with the rules extending across both.

Several articles give a more general introduction to XML though the standard Web Journal organization makes them rather hard to find. Peter Murray-Rust's "Chemical Markup Language" is in fact a good explanation of the benefits of well structured documents while various papers by members of the development team give their views on how the language will be used ("The Evolution of Web Documents", "XML and the Future of the Web" and all of section 1). There are several examples of documents which meet the well-found criteria, but not many complete XML rules. For those learning the language, it might have been helpful to include some annotated examples of strict tag definitions.

XML is probably less familiar to the general web user than the subjects of previous journals, so this issue needed to include promotion as well as information. Although there are some excellent papers giving the background to the new language, neither the organization nor the content of the volume is suited to an introduction to the language. The main XML standard is virtually complete but the others are still liable to change and these printed copies may be a little premature. The amount of transient information in this issue makes it better suited to on-line publication than to long-lasting paper.

ANC (Cormack@cf.ac.uk) apologizes for the number of acronyms in this review.

The K Desktop Environment

(Reviewed by Andrew Lack)

"Is Unix ready for the Desktop?" asks the banner on the KDE web site (www.kde.org). I suspect it's been ready and waiting for this for some time.

KDE is a net-collaborative project to build and entire GUI system for Un*x-like systems, with Linux as the primary target. It's not just another window manager, but the Whole Damn Thing. Among the impressive array of applications is a file manager, help viewer, terminal emulator, e-mail client, text editor, desktop configuration tool and PostScript-previewer. Numerous additional applications are also under development, for example an entire "office" suite.


The KDE project is striving to do two things. Firstly, to integrate Internet access into the Unix desktop by including basic FTP and HTTP clients into the file manager and window manager. Secondly, to provide a GUI interface with a look-and-feel similar to another well-known Window system and to ensure uniformity of style throughout the applications.

KDE is built using the Qt toolkit which is available from Troll Tech. A lot of list-time has been spent over the past months on discussing the wisdom of using Qt, which has concentrated on the licence under which Qt can be used. Essentially, Unix programs which are free may use the toolkit without charge and the source code of Qt is available. However, the licence forbids any modification of the Qt code and as a result many GNU purists object to its use. RedHat, for example, refuses to distribute KDE for this reason. As well as Qt, KDE applications make use of a number of additional widgets which are part of the extensive KDE libraries. Collectively these give the applications a strong identity which is common throughout.


You will require more memory to run KDE than something like fvwm. I have 16MB of RAM plus a 20MB swap partition on my Linux box and if I run KDE and the gimp I can consume all of this.

KDE loves colours and running it on 8-bit displays isn't really practicable. Beta versions didn't work to well on 8-bits displays, but 1.0 seems to have overcome some of these problems.


KDE is available as either source or as pre-compiled binaries from ftp.kde.org, or better still, from the UK mirror ftp.net.lut.ac.uk/kde.

Installation is pretty straight forward. You can either start KDE by changing your .xinitrc file, or substitute your xdm for kdm, though I haven't tried this myself.

Version 1.0 of KDE was released in June 1998. This review was based on 1.0, plus experiences of both beta 2 and 3.

First Impressions

Wow! As soon as you see the desktop for the first time you cannot fail to be impressed. Window title bars are shaded and have five widgets which includes a push-pin which causes the window to appear in all your desktops.

KDE Screen Shot
The illustration shows the filemanager, KDE help, the calculator, a fractal generator, various desktop icons and the control panel.

KDE is similar to, but not identical, to the commercial Unix CDE package. The KDE panel has buttons to choose between (up to) eight desktops and you can add program or menu icons to give easy access to frequently used items. You can also "dock" some applications into the panel. This allows for animated icons and instant opening of windows. A large 3D "K" icon on the left of the panel is the starting point for a series of cascading menus which give access to all the installed applications.

A taskbar replaces the more traditional icons to represent running applications. It can hides itself off-screen when not in use, normally along the top of the desktop, but you can place it elsewhere. The application currently with focus is presented as a sunken button. Click-left on any of the task buttons to raise the window (if it's open) or restore to the desktop if it's `iconised'.

Files and Folders

The KDE filemanager, kfm, is launched when KDE is first started. It provides the basic file manipulation that you'd expect-- drag a file to another filemanager window and a pop-up asks if you wish to copy, move or make a symbolic link, drag a file to an application in the panel (or on the desktop) and the application executes and opens the file.

If you click-left on a file kfm attempts to execute a program which can open the selected file. The matching of file-type to program is done using MIME types.

The file manager understands tar archives (including compressed archives) and opens a standard file view when a tar file is selected.

You can drag files, folders (KDE-speak for directories) and programs out from the filemanager and leave them on the desktop. This gives you a quick way of working with files and folders without needing to have a filemanager window actually opened.

An Autostart folder is initially placed on the desktop. Any programs which are placed in the folder will launch when KDE is started. This is used to start non-KDE apps. KDE applications are restored to the same state when you next login by the session management feature.

A Trash-can is used to represent the `file delete' task. It is also a folder and clicking-left on it allows you to review the files you have `deleted'.


All KDE applications have a Help menu item which launches the help viewer, kdehelp. For this application alone it is worth using KDE. Not only is it a fully-fledged HTML browser, but it can also access Unix man-pages (understanding cross-references to other man-pages) and GNU info pages. It also has a built-in search feature, being able to search HTML and man-pages simultaneously (info-search is not yet available) giving you a single tool to three very different information sources.

Don't expect kdehelp to be fully compatible with Netscape Communicator, (and certainly not with IE4) but with the recent release of the Netscape Communicator source... In fact in early April Troll Tech announced the availability of a version of Communicator in which the Qt library replaced Motif.

Configuring KDE

One of the goals of the KDE project is to simplify customization through the use of GUI configuration panels. The KDE Control Centre (see illustration) allows you to set many features of KDE including the backdrop `wallpaper', the locale, mouse settings, sound effects (which are triggered by window events), screen saver, position of the panel and taskbar, the number (and names) of your desktops and the colours and fonts used by the windows.

KDE Control Centre screen shot

Accessing the Internet

The filemanager has a Location entry in which you can type the name of a directory to view. You can enter URLs in which case the tool accesses the object over the net. Access to local directories is indicated by the prefix file: (and it doesn't require the initial double slash). By changing file: to ftp: kfm will access a remote ftp server. Kfm understands the standard URL syntax for specifying remote user names, i.e. ftp:username@host/path/to/file Once connected to the remote FTP site you will see a view which looks just like a local directory, albeit somewhat slower. Drag a file to the desktop or onto an application's icon and the file is ftp'd over the network for you.

If you click-left on an icon displayed by the filemanager which happens to be an HTML document, kfm becomes a full web-browser. In fact the filemanager is an HTML browser, with the directory "view" being implemented as an HTML document.

The filemanager supports both an FTP and HTTP proxy.


The standard distribution comes with a number of utilities. It will not come as a great surprise to learn that all the utilities are named "k"-something. Here's a selection;

kedit is a point-click-edit style text editor,

kcalc is an excellent calculator--the best I've seen,

kview is an image viewer which still has a lot of work to be done and looks a lot less useful than xv at present

khexdit is a hex editor, allowing the content of any type of file to be viewed and changed,

kjots is a project time-tracker,

kfind is a simple-to-use "front-end" for the Unix find command

kdvi is a dvi previewer which has significant advantages over xdvi, though it lacks the magnifying glasses,

kghostview (see illustration) is a "K" version of ghostview, again much improved over the older version,

kghostview screen shot

kfax is a viewer for faxes, but you need to open a fax-file first, before you can get any help... so I don't know anything more about it,

kpaint is a bitmap paint program still a beta version,

As well as the more serious utilities, the standard distribution includes eleven games, these are the popular X games like patience and mahjongg, but "k-ised".

Adding your own Applications

You can add additional entries to the standard menus using a "super user" version of kfm. It's also possible to create personal menus under your ~/.kde directory. Activating the app finder cause KDE to search for a set of pre-configured binaries and adds these to the main menu.

Adding new menu items "by hand" involves creating (the somewhat clumsily named) kdelnk files. Menu items can be programs, URLs or devices.

Adding a device icon to the desktop to mount a CD-ROM or floppy disc is simple. Using the "user" mount-option with

etc/fstab allows an ordinary user to mount and un-mount devices.

Drag-and-drop support for non-KDE applications is partially supported in as much as the name of a file can be passed to an application when a file icon is dropped on a non-KDE app.

System Administration

Several utilities are included with 1.0 to help with system administration tasks. Included are;

kfontmanager allows you to make X11 fonts available for KDE applications,

ksysv is a System-V init-file editor,

kuser is a tool to manager users, though this only works if run by the super-user.

Unstable Applications

A considerable number of applications are available on the FTP site which are classified as "unstable" and so do not form part of the distribution. Included are "K" versions for apm, pgp, sendfax, pov, rubik, chess, crossword and goodstuff.

In September an early version of klp was released. This is a GUI "print-tool" providing a complete interface to the BSD printing. Having no print manager is an obvious omission from the 1.0 release of KDE, so this particular application is most welcome.


The KOffice project is by far the most ambitious contribution to the KDE system. Several large applications are under construction;

is a "K" version of the LyX word-processor for LaTeX2e (I reviewed the non-K version in an earlier UKUUG newsletter). Despite being a beta version, I've used it and found it very stable,
is a vector-based drawing application, modelled along the lines of Adobe's illustrator
presentation graphics
personal information manager

More information about the KOffice project can be found at www.kde.org/koffice

OK, So What's Wrong with KDE?

After several hours of exposure there are a number of rough edges, but the overwhelming impression is of a high-quality product. Nonetheless I do have some criticisms;

Despite the existence of a style guide, program authors are not producing consistent enough applications. An example here is the different ways programmers name the "exit" or "quit" option. Some apps have a keyboard accelerator, others don't. The frame menu calls it "close".

At present programming for KDE has to be done using C++

Qt. After years without a scripting language for X11 we now have Tcl/Tk, just when KDE comes along and provides a new look and feel. Bugger. So a scripting language for KDE is now required. There are versions of both Perl and Python which use Qt, but from what I've seen and read these are not nearly as simple and elegant as Tcl/Tk. In February I released Ktk which is a primitive, but usable, attempt at bridging the gap, but (significantly) it lacks drag-and-drop support.

The window manager, kwm, is not nearly so configurable as, say, fvwm and I find the lack of keyboard bindings for open and raise a real pain. ALT-Button2 does change a window's stack order, but on a notebook with only Buttons 1 and 3 this is not very convenient. When windows are re-sized there is no size feed-back like you get with fvwm.

So, What's the Bottom Line?

Use it.

Previous Next

Tel: 01763 273 475
Fax: 01763 273 255
Web: Webmaster
Queries: Ask Here
Join UKUUG Today!

UKUUG Secretariat