| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Jun 2007 18:39:32 -0300 From: Alexandre Oliva <aoliva@...hat.com> To: Florin Malita <fmalita@...il.com> Cc: Daniel Hazelton <dhazelton@...er.net>, Linus Torvalds <torvalds@...ux-foundation.org>, Adrian Bunk <bunk@...sta.de>, Alan Cox <alan@...rguk.ukuu.org.uk>, Greg KH <greg@...ah.com>, debian developer <debiandev@...il.com>, david@...g.hm, Tarkan Erimer <tarkan@...one.net.tr>, linux-kernel@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>, mingo@...e.hu Subject: Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3 On Jun 14, 2007, Florin Malita <fmalita@...il.com> wrote: > On 06/14/2007 02:27 PM, Alexandre Oliva wrote: >>> No, by this twisted logic Tivo *cannot* modify that particular copy >>> any more than you can. They can modify *another* copy (just like you) >>> and they can *replace* the copy in your device with the new version >>> (unlike you). >> Again, replacing is one form of modification. > No, it's not: replacing does not create derivative > work. Modification does. Thanks. Good point. This convinces me that this doesn't work as a legal argument under copyright. I still stand by my understanding that this restriction violates the spirit of the license. And since the specific implementation involves creating a derived work of the GPLed kernel (the signature, or the signed image, or what have you) and refraining from providing the corresponding sources to that derived work (the key and the signature "build scripts"), I still think this specific case is a violation of the letter of the GPLv2, even if the FSF doesn't take this position. > It seems pretty obvious that the only right Tivo is withholding is the > right to install new versions on the device Actually, no. They withhold the right to run versions that they don't authorize themselves. Back when GPLv2 was written, the right to run was never considered an issue. It was taken for granted, because copyright didn't control that in the US (it does in Brazil), and nobody had thought of technical measures to stop people from running modified copies of software. At least nobody involved in GPLv2, AFAIK. The landscape has changed, and GPLv3 is meant to defend this freedom that was taken for granted. > they never do (and really never could) "modify" the physical copy on > your device (which is your main argument). Qualifying it as the main argument is a bit of an exaggeration. I have a number of different arguments. The one about incomplete sources is the most solid IMHO. >> What do you think you do when you save a modified source file in your >> editor? > Don't skip the part where the in-memory version started as an exact > copy of the original being replaced. Notice the difference? ;) Sorry, I really don't follow. Both versions of the kernel binary also started from a common source ancestor. Were you trying to make a distinction on these grounds? -- Alexandre Oliva http://www.lsd.ic.unicamp.br/~oliva/ FSF Latin America Board Member http://www.fsfla.org/ Red Hat Compiler Engineer aoliva@...dhat.com, gcc.gnu.org} Free Software Evangelist oliva@...d.ic.unicamp.br, gnu.org} - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists