lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <f73f7ab80905121852y42b200a4rfa25ed2b76dd3754@mail.gmail.com>
Date:	Tue, 12 May 2009 21:52:00 -0400
From:	Kyle Moffett <kyle@...fetthome.net>
To:	Joerg Schilling <Joerg.Schilling@...us.fraunhofer.de>
Cc:	adi@...apodia.org, linux-kernel@...r.kernel.org
Subject: Re: [2.6.30-rc2] CD-R: wodim intermittent failures: [sr0] Add. Sense: 
	Logical block address out of range, sector 0

On Thu, Apr 23, 2009 at 10:48 AM, Joerg Schilling
<Joerg.Schilling@...us.fraunhofer.de> wrote:
> I see two possible problems that should be first resolved.
>
> 1)      You are using "wodim" instead of cdrecord.
>        "wodim" is a very old version (4+ years) of cdrecord with
>        additional bugs. Due to Copyright & GPL violations, it cannot
>        even be legally distributed.

Not to get into a flamewar on this, but multiple sources disagree with
you on this point.  Just so it is clear... I do not expect a reply to
this message and I will not read one if it is sent.  I simply wish to
exercise my free speech rights and provide potentially useful
information.

Since you released cdrtools under the GPL, you cannot possibly expect
to claim that someone else distributing a copy under the same license
is violating your copyright.  You also cannot claim trademark
violations as the maintainers of "wodim" intentionally changed the
names of all of the programs.  Debian-based systems no longer even
install the "compatibility symlinks" that you claim to have a problem
with, and have not for some time.  Furthermore, you have certainly
never held a patent on the cdrecord design.

References:
http://lwn.net/Articles/195167/
http://en.wikipedia.org/wiki/Cdrkit
http://www.cdrkit.org/

If you would like to contest specifics of GPL compliance, please also
reference a rather extensive body of other GPL work (incl. the Linux
kernel) which does *NOT* require the following (this list partially
taken from your webpage at
http://cdrecord.berlios.de/new/private/linux-dist.html):

  *  Tracking the author and date for every individual change in every
file.  If this was true, the Linux kernel source (for example) would
be roughly 95% changelogs.

  *  Displaying the copyright messages exactly the same way the
original author does.  The GPL requires that you must preserve the
contents of the copyrights and attribution and make them easily
accessible to the user.

  *  Including source code beyond what was used to produce a specific
binary version.  If I delete code for specific kernel modules from a
kernel tarball and distribute the resulting kernel binary I am legally
*required* to distribute the modified sources (as opposed to the
original sources).

I cannot comment on German legal code as I am neither fluent in German
nor well-versed in that particular legal code.  On the other hand, I
can state that neither of the restrictions you specify apply to
distribution of GPLed binaries within the US.  This is especially true
as the GPL contains the statement that "this software comes without
any warranty whatsoever".

It would be very difficult for someone to prove tangible harm to
reputation from software distributed by a third party under the
original author's terms of "no warranty whatsoever, not even including
the implied warranties of merchantability or fitness for a particular
purpose".


And back to something vaguely resembling the original topic:
> As Linux requires root privileges for many SCSI commands, you need to
> install cdreord suid root which is automatically done via "make install"
> as root.

If you discover that you need root privileges to burn a CD or DVD,
that is a kernel bug and we would very much appreciate a bugreport.

Cheers,
Kyle Moffett
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ