lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.LFD.1.10.0807300942450.3334@nehalem.linux-foundation.org>
Date:	Wed, 30 Jul 2008 09:56:07 -0700 (PDT)
From:	Linus Torvalds <torvalds@...ux-foundation.org>
To:	Adrian Bunk <bunk@...nel.org>
cc:	Rene Herman <rene.herman@...access.nl>,
	Stefan Richter <stefanr@...6.in-berlin.de>,
	Jon Smirl <jonsmirl@...il.com>,
	Paul Mundt <lethal@...ux-sh.org>,
	James Morris <jmorris@...ei.org>,
	Randy Dunlap <randy.dunlap@...cle.com>,
	Dave Jones <davej@...hat.com>, Theodore Tso <tytso@....edu>,
	Simon Arlott <simon@...e.lp0.eu>,
	lkml <linux-kernel@...r.kernel.org>
Subject: Re: 463 kernel developers missing!



On Wed, 30 Jul 2008, Adrian Bunk wrote:
> 
> I've added Linus to the recipients since stuff like e.g. Tested-by or 
> Bisected-by tags actually undermine what the DCE 1.1 update should
> have accomplished. So if DCE 1.1 (d) is considered to be legally 
> required for public indefinite storage of name and email address
> we have a problem here.

Quite frankly, since the patches are public anyway, and the code is open 
source, I personally think that worry is just silly fear-mongering by 
people who take lawyers not just too seriously, but then think that judges 
and lawyers are too stupid to think for themselves.

We added the lines to the DCO-1.1 because we wanted to make it _obvious_ 
that the legal requirements for the sign-off would never clash with any 
possible insane reading of things, but it was a "dot the i's" kind of 
thing.

The fact is, people who are involved in Linux know it's public. People 
make public bug-reports, and they _expect_ to get attributed. I think any 
worries about indefinite storage should be the other way around: we should 
strive to make sure that the attributions are consistent and correct.

If somebody really doesn't want their name and email known, they can say 
that. We won't accept patches from them, but it's certainly no problem to 
suppress "tested-by" etc things on request. Not that I have ever seen such 
a request that I can remember, nor do I really expect to ever see one 
(unless it's as a perverse reaction to this email where people just want 
to be silly).

Anyway, normal people talking about obscure and insane readings of some 
random law is stupid. You should worry about "doing the right thing", not 
about trying to read law as if it was some mindless machine that acted 
like the computers you're used to.

Let's face it, _everybody_ breaks laws if you think about them as some 
inflexible and absolute rules. Probably every day.

You roll through a STOP-sign (in California, it was almost as if that's 
what the sign _meant_). Maybe you take a shortcut when crossing the street 
and you don't walk _exactly_ on the zebra-crossing (or against a red light 
just because there were obviously no cars within _miles_ of you). Maybe 
you drive 58mph in a 55 zone. Maybe you walk around and spit out the 
cherry-pits on the street rather than in a garbage can.

Only insane people with OCD cannot understand that things aren't ever that 
black-and-white. Use your good _judgement_ for chrissake!

			Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ