lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 21 Sep 2018 20:24:35 -0400
From:   "jonsmirl@...il.com" <jonsmirl@...il.com>
To:     joeypabalinas@...il.com, Theodore Tso <tytso@....edu>,
        dreamingforward@...il.com, fche@...hat.com, riel@...riel.com,
        ec429@...tab.net, Olof Johansson <olof@...om.net>,
        Jonathan Corbet <corbet@....net>,
        lkml <linux-kernel@...r.kernel.org>
Subject: Re: Code of Conduct: Let's revamp it.

On Fri, Sep 21, 2018 at 8:05 PM Joey Pabalinas <joeypabalinas@...il.com> wrote:
>
> On Fri, Sep 21, 2018 at 07:31:05PM -0400, jonsmirl@...il.com wrote:
> > On Fri, Sep 21, 2018 at 7:17 PM Theodore Y. Ts'o <tytso@....edu> wrote:
> > >
> > > People can decide who they want to respond to, but I'm going to gently
> > > suggest that before people think about responding to a particular
> > > e-mail, that they do a quick check using "git log --author=xyzzy@...mple.com"
> > > then decide how much someone appears to be a member of the community
> > > before deciding how and whether their thoughts are relevant.
> >
> > How does this part apply to email addresses used to commit code?
> >
> > * Publishing others’ private information, such as a physical or electronic
> > address, without explicit permission
> >
> > It appears to me that this would conflict with the GPL since the GPL
> > granted the right to distribute (or even print it in a book) Linux and
> > Linux contains email addresses.  This also seems contradictory with
> > the Reply button I used to send this email.
>
> I don't really think email addresses used in patches which are sent,
> voluntarily, to a public mailing list are something you can sanely
> consider "private information".
>
> > How do you reconcile working on a public project while keeping email
> > address secret?
>
> This is a little more delicate, and I admit that I can't really
> think of any real solutions for this part...

I would propose adding a statement to clarify that Linux is a public
project and because of this things like names and email addresses of
people working on the project are public information. I don't see how
any other position is viable since it appears to be a GPL conflict.

But... it this bothers you, simply don't use your private, personal
email address when working on the kernel. Anyone with the skills to
work on the kernel should know enough to be able to create email
aliases. No rule says you have to use your real name either.

Aliases have been used in the past, search through the logs and you
will find a few commits from 'anonymous'. However, commits from
anonymous sources have to go through extra layers of review since the
identity of the contributor and their reputation is unknown.

If someone is using an email alias and has their hidden, true address
published then that would be a CoC violation. Although if you mess up
and submit a patch using your hidden identity, you just published it
and it is no longer hidden.


>
> --
> Cheers,
> Joey Pabalinas



-- 
Jon Smirl
jonsmirl@...il.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ