| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 30 Jul 2008 15:25:28 -0700 From: "David Schwartz" <davids@...master.com> To: "Stefan Richter" <stefanr@...6.in-berlin.de> Cc: <alan@...rguk.ukuu.org.uk>, "Linux-Kernel@...r. Kernel. Org" <linux-kernel@...r.kernel.org> Subject: RE: 463 kernel developers missing! I'll try to make this my last response on the issue, if possible. Stefan Richter wrote: > David Schwartz wrote: > > I think it's terribly bad manners to submit something to a GPL > > project and > > then complain when someone else uses it the way they want to. > > ... > > Enforcing data protection laws to restrict rights granted under > > the GPL is > > no different from enforcing an EULA to do ths same thing. > It's not the same thing, by far. EULA = "end user license agreement"; > while "data protection law" is... law. Obviously, licenses (contracts) > must not be unlawful. An EULA itself is not law, but neither would someone's request to be removed from such a list be itself a law. EULA's operate under law, and so would a request for data confidentiality. This difference is no difference. Both are attempts to invoke a law other than copyright to restrict rights guaranteed by the GPL. You may not use any law or provision to restrict another person's GPL rights. That's what the GPL says, and it means it. If a law, any law, permits you to impose restrictions on something the GPL allows, then you give up the right to use that law in exchange for the license the GPL grants. This obviously applies to your copyright in derivative works. But it would also apply to any attempt to use any law to encumber GPL rights. As the GPL states, the license grants you permission to copy, distribute, and/or modify the covered work. This is against any rights the authors might have to prevent you from doing so. > PS: You may use a GPL'd program any way you want --- although not for > unlawful purposes. But that's not a matter between you and the > copyright holder, it's between you and the law. Precisely. And others who wish to exercise rights under the GPL forfeit any legal mechanism (whether copyright, DMCA, contract, data privacy laws, or whatever theory) to impose "further restrictions" on those who wish to similarly use GPL works. Copyright is the carrot the GPL uses to get you agree to the stick. The stick is no "further restrictions" of any kind, imposed by any law. Obviously, you aren't responsible for an operation of law over which you have no control. But you cannot invoke copyright -- or any other law -- to restrict someone else's exercise of rights granter by the GPL. You get copyright, but you give up it all. No "further restrictions", period. > PPS: SCM metadata are not part of the program. The DCoO states that > the personal data submitted along with the contribution may be > redistributed "consistent... with the open source license(s) involved", > but it isn't discussed whether other terms of the licenses, notably > those on modification and derivatives, apply to the data supplied for > the certificate of origin. When you submit a unit to a GPL project, you place that unit under the GPL. That is what the DCoO is trying to say. There cannot be some things that some parts of the GPL apply to and some don't. There is no "sort of GPL, sort of not" that applies to some parts of some submissions. If something is part of or all of a submission made under the GPL, then all of the GPL applies to it. DS -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists