Last week, four separate Linux vendors announced their intent to work together to create a single distribution named UnitedLinux (http://www.unitedlinux.com). The companies, Caldera, Conectiva, SuSE, and Turbolinux, are all very popular within their distinct geographical areas, but don't generally compete with each other.
This new distribution will adhere to all the applicable Linux standards such as the Linux Standards Base (LSB), Linux Internationalization Initiative (GB18030), and Filesystem Hierarchy Standard (FHS). Many distributions currently implement part of these standards, but miss the mark in places either because of a difference of opinion or because of separate evolutionary paths. Red Hat's use of /etc/rc.d/init.d vs. /etc/init.d, for example, always bugged the heck out of me.
Linux, being open and free, has been a living breathing and evolving entity. You have the old standards like Slackware, Debian, and Red Hat. You have distributions forked from previous versions, like Mandrake (forked from Red Hat) and SuSE (forked from Slackware). You have new distributions created from the ether itself such as Owl (http://www.openwall.org/Owl), Gentoo (http://www.gentoo.org), and Linux From Scratch (http://www.linuxfromscratch.org). There are security-enhanced distros like Immunix (http://www.immunix.org), EnGarde (http://www.engardelinux.com), and SELinux (http://www.nsa.gov/selinux), or even distros for turning your machine into a piece of network hardware like Linux Router Project (http://www.linuxrouter.org)or the Floppy Firewall (http://zelow.no/floppyfw).
As should be familiar to anybody who has studied Darwin (and I mean the dead scientist, not Apple's new project), all these different offshoots of the same GNU/Linux creature will have different viabilities in the ecosystem -- in this case the hard drives across the globe. However, what cannot happen in natural evolutionary systems is the intelligent merging of different branches.
If you take a bunch of animals from slightly different species -- say a whole mess of grasshoppers with different characteristics -- and have them join together, you will end up with a mixing of all the character traits, but you will lack a 'superior' version of the grasshopper until a lot of time passes. Even then, the 'super eyesight' gene may be tied with the 'really tasty to birds' gene, and you wouldn't be able to separate them. Bye-bye eyesight gene.
Security a la Carte
A merging of Linux distributions has the opportunity to pick and choose the best features from each suite. The vendors will work together to create the final product, rather than letting all the variations spawn and die for eons until the right version survives. Hence, we'll see results much sooner than those fictitious uber-grasshoppers. Think of it as a form of intentional and directed punctuated equilibrium, if you will.
From a security point of view, we have a chance to see what will come from the merger of different mindsets. SuSE, for example, impressed me early on with the security scripts and tools they shipped before other distributions were even worrying about proactive security measures.
The UnitedLinux white paper stresses their security systems more than I expected, given that the distro itself seems geared toward ISVs (Independent Software Vendors) and IHVs (Independent Hardware Vendors) who, traditionally, have taken the 'security only slows things down' approach. However, all of our favorite tools will be available: netfilter (a.k.a., iptables), for firewalls and much more; Snort and ACID for IDS (intrusion detection) and analysis; SSL for all available protocols (pop/imap/smtp/ldap/http/etc); various encrypted filesystems; IPSec for creating secure VPNs or host-to-host transmissions; and, naturally, all the PAM authentication methods you could shake a stick at.
One Remaining Question
How easily can UnitedLinux provide these features to the end user and administrators? The trick will be to create software that is easy enough for an idiot to administer, without making it easy enough for an idiot to mis-administer.
As with any big project, more parties becoming involved increases the risk of gaining less ground due to internal busywork, more meetings, and less sense of direction. I think, in this case, there will be a strong incentive to get this distribution out the door on schedule (version 1.0 release is scheduled for Q4, 2002). Regardless of how the literature may be written, UnitedLinux's real goal is to rival Red Hat's current position in the marketplace. If they can do it by creating a better Linux distribution, then I'm all in favor of it. After all, it's just evolution in action.