lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 7 Nov 2017 21:26:48 +0100
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Christoph Hellwig <hch@...radead.org>
Cc:     Theodore Ts'o <tytso@....edu>,
        Alan Cox <gnomes@...rguk.ukuu.org.uk>,
        "Darrick J. Wong" <darrick.wong@...cle.com>,
        Eric Sandeen <sandeen@...hat.com>,
        xfs <linux-xfs@...r.kernel.org>, linux-kernel@...r.kernel.org
Subject: Re: WTF? Re: [PATCH] License cleanup: add SPDX GPL-2.0 license
 identifier to files with no license

On Tue, Nov 07, 2017 at 11:28:46AM -0800, Christoph Hellwig wrote:
> On Tue, Nov 07, 2017 at 02:15:26PM -0500, Theodore Ts'o wrote:
> > On Tue, Nov 07, 2017 at 06:46:58PM +0000, Alan Cox wrote:
> > > > Given that it had no license text on it at all, it "defaults" to GPLv2,
> > > > so the GPLv2 SPDX identifier was added to it.
> > > > 
> > > > No copyright was changed, nothing at all happened except we explicitly
> > > > list the license of the file, instead of it being "implicit" before.
> > > 
> > > Well if Christoph owns the copyright (if there is one) and he has stated
> > > he believes it is too trivial to copyright then it needs an SPDX tag that
> > > indicates the rightsholder has stated it's too trivial to copyright and
> > > (by estoppel) revoked any right they might have to pursue a claim.
> > 
> > If Cristoph has revoked any right to pursue a claim, then he's also
> > legally given up the right to complain if, say, Bradley Kuhn starting
> > distributing a version with a GPLv3 permission statement --- or if Greg
> > K-H adds a GPLv2 SPDX identifier.  :-)
> 
> 
> First Christoph really appreciateѕ spelling his name right.
> 
> Second Christoph really appreciates talking to him when trying to slap
> on licensing bits on his code.  I'm not evil, but I'd really like to
> understand what you are doing and why, and I might be fairly agreeable
> if that makes sense.

I already described it in the pull request, and in this patch itself,
and in this thread already, what is happening, why it was done, and how
it was done.  I don't know how everyone who was on the original email
thread got dropped and the xfs mailing list added, that's just odd...

> Doing batch annotations of code where you do not the know any of
> the history of is a receipt for a desaster if we want to use that
> information anywhere.

But we did research the history as well as we could when touching 11k
files at a single time.  It's been months of research and work, as
described in the patch.

If we got something wrong, very sorry, not a problem, please, let's put
the proper license on the file and all will be good.  What file are you
concerned about, and what license belongs on it?  This patch only
touched files without any license header, so again, by default that
implied it was GPLv2.  Again, no copyright was changed at all.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ