lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1157219732.2473.51.camel@shinybook.infradead.org>
Date:	Sat, 02 Sep 2006 10:55:31 -0700
From:	David Woodhouse <dwmw2@...radead.org>
To:	davids@...master.com
Cc:	"Linux-Kernel@...r. Kernel. Org" <linux-kernel@...r.kernel.org>
Subject: RE: Possible gpl problem?

On Fri, 2006-09-01 at 22:54 -0700, David Schwartz wrote:
> 	So the purpose of the "any third party" requirement is to make sure that
> someone who receives a copy of the offer from a redistributor can acquire
> the source code. It's not so that someone who never received any
> distribution at all can acquire the source code.

I see. So your claim is that when it says "any third party" it doesn't
actually mean "any third party".

> > It doesn't say "any third party who is in possession of a copy of the
> > binary and has a verbatim copy of the original written offer of source".
> > It just says "any third party".
> 
> 	What would be the point of accompanying it with the information regarding
> the offer if that information served no purpose whatsoever? How could you
> enforce an offer when you had no knowledge of who was making the offer and
> what its terms were?

That seems like both question and answer to me; I think you're confusing
yourself.

The "information regarding the offer" is precisely that knowledge about
whom to contact to ask for the source. The point in accompanying
redistributed binaries with that information is so that the recipient of
the binaries knows how to obtain the source code.

That works because "any third party" has a right to approach the
original distributor and ask for the sources.

Of course, that third party does need to _know_ that the source is there
for the asking -- that's why the GPL specifies that the information has
to be passed on to subsequent recipients of the binaries. But that
doesn't mean that the original distributor is only required to provide
source to those who've received binaries -- the GPL says "any third
party".

It's entirely possible for a someone to be entitled to something without
actually being _aware_ of the fact. Your argument seems to be based on
the assumption that that is not possible, as well as a creative
misinterpretation of the fairly unambiguous phrase "any third party".

You keep talking about enforcement, strangely -- as if a right cannot
exist without the direct ability to enforce it. Many people seem to
believe that the only people who can _enforce_ the GPL are those who
hold copyright in the original source; whose work was used by the party
who is now refusing to provide their modified sources.

By your logic, if a right cannot exist without the ability to enforce
it, the only people who are entitled to receive source are the original
copyright-holders -- not even the direct recipients of the binaries,
since they are not in a position to _enforce_ the GPL.

That just doesn't make any sense.

-- 
dwmw2


-- 
VGER BF report: U 0.49756
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ