lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 17 May 2017 14:36:03 +0100
From:   Alan Cox <alan@...ux.intel.com>
To:     "Luis R. Rodriguez" <mcgrof@...nel.org>
Cc:     Linus Torvalds <torvalds@...ux-foundation.org>,
        AKASHI Takahiro <takahiro.akashi@...aro.org>,
        Greg KH <gregkh@...uxfoundation.org>, torvalds@...ux.intel.com,
        Rusty Russell <rusty@...tcorp.com.au>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        ciaran.farrell@...e.com, christopher.denicolo@...e.com,
        fontana@...rpeleven.org, copyleft-next@...ts.fedorahosted.org,
        One Thousand Gnomes <gnomes@...rguk.ukuu.org.uk>,
        Theodore Ts'o <tytso@....edu>, Paul Bolle <pebolle@...cali.nl>,
        Peter Anvin <hpa@...or.com>, Joe Perches <joe@...ches.com>
Subject: Re: Kernel modules under new copyleft licence : (was Re: [PATCH v2]
 module.h: add copyleft-next >= 0.3.1 as GPL compatible)

> At the very least 3 attorneys have reviewed this by now. 2 at SUSE
> and
> one at Red Hat. At least.

In the big picture that's irrelevant. An attorney's job is to protect
their client or employer.

> "we rather avoid any attorneys burning any ink and we prefer to just
> always
> require this 'dual or' language even for licenses which corporate
> attorneys
> have vetted as compatible"
> 

Generally no because "You may apply license X or license Y" type
statements are built upon hundreds of years of caselaw, dealt with
regularly already by companies dealing with open source and in general
don't need lawyers to peer at it because there is already clear policy.

The last thing the kernel needs is two, then three, then five then ten
different funky supposedly compatible with GPL licences where it relies
upon someone saying they are compatible.

That has lead to historic problems - long ago people naïvely assumed
BSD 4 clause was GPL compatible. Then the lawyers realised it wasn't
then you have a mess.

If you proposed a chunk of code that was a long term maintenance pain
in the butt Linus would tell you to take a hike. Why is it different
when you are doing the same by trying to introduce weird, un-necessary
licence complexity ?

Alan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ