lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <5d5da06a-5c20-4031-9b71-9a6b6ef91cef@posteo.de>
Date:   Sat, 18 Nov 2017 00:43:46 +0100
From:   Martin Kepplinger <martink@...teo.de>
To:     Jonathan Corbet <corbet@....net>,
        Greg KH <gregkh@...uxfoundation.org>
Cc:     akpm@...ux-foundation.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] samples: replace outdated permission statement with SPDX
 identifiers

On 2017-11-17 23:53, Jonathan Corbet wrote:
> On Thu, 16 Nov 2017 12:41:10 +0100
> Greg KH <gregkh@...uxfoundation.org> wrote:
> 
>>> I'll fold this in, in the thread here. I guess this change is what Greg
>>> had in mind? Or would you prefer having including SPDX and removing
>>> permission statement seperately?  
>>
>> I have been doing them in 2 steps, but only because the files I modified
>> were in different "chunks" (i.e. add missing SPDX identifiers to a bunch
>> of files in a directory, and then the second patch would remove the
>> license identifiers for all files in that directory).  As that type of
>> patch flow doesn't make sense here, I think what you did was just fine.
> 
> So I'll confess to being a little worried about removing the boilerplate:
> 
> 	And it's important to notice that while adding a SPDX line should
> 	not really be controversial (as long as you get the license right,
> 	of course - Greg&co have the CSV files for everything, in case you
> 	want to check things you maintain), before removing the
> 	boiler-plate you really need to feel like you "own" the file.
> 	— Linus (https://lkml.org/lkml/2017/11/2/715)
> 
> Are we sure that we're not going to get in trouble with the people who do
> "own" those files if we rip out the boilerplate?  It would be good to have
> some clarity on when that can be done.
> 
> Thanks,
> 
> jon
> 

Greg,

I assume you are well aware that I initially simply wanted to correct an
actual mistake in the permission statements with my proposed changed.

I asked whether you know about any consesus met before doing something
like removing people's permission statements. That's because the FSF's
"reuse" project pushing SPDX, for example says "Don't remove any license
texts", see https://reuse.software/practices/ and "Don’t remove existing
headers, but only add to them."

It may well be that that's not the all there's to it and that there's
other ways.

But Greg, people are listening to you. Please don't give advice in
directions that are not clearly correct for Linux. You know you could
have simply ack'd the initial mistake-fix in that case. It wouldn't have
hurt anybody.

just saying because it'd be nice to rely on things you say :)

thanks

                               martin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ