| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 06 Jan 2019 08:39:03 +0000 From: vnsndalce@...eware.net To: schwarze@...a.de, misc@...nbsd.org Cc: linux-kernel@...r.kernel.org, gentoo-user@...ts.gentoo.org Subject: Re: Yes: The linux devs can rescind their license grant. GPLv2 is a bare license and is revocable by That may be OpenBSD policy, but it is not the law. Your OpenBSD policy cannot bind the copyright holder of the works you distribute. It's also an incorrect statement of the law. If the copyright holder did not receive consideration/payment/etc from you: you have no interest to bind him with. He can rescind. If you read the BSD license(s) there is never a "no-revocation-by-grantor" clause, so you cannot even make an argument that you relied on a promise of his (he made no such promise). Furthermore you never paid for that non-existent promise to begin with: he just gratuitously gave you permission to use and modify his property. He end that permission. Why would you think that you can make promises for some other entity even? How does that even make sense to you? Additionally, the *BSD projects (as entities) cannot make promises about code they do not own the copyright to. So if you did not require copyright assignment from developer X, Y, Z, said developer still owns the copyright: not the project. So, maybe the project or entity E is making some promise: but that promise was not made with respect to code snippet FOO since the project or entity E does not actually OWN code snippet FOO but instead there has been granted a license to use and modify it. Permission that can be rescinded from the licensee E unless the licensee E secured an interest regarding that (paid the programmer, for instance, and he agreed to terms etc). The rule is that a license is revocable absent an attached interest. Gratuitous licenses are not worth the paper they are printed on. (usually they are never printed out tho :P, or even read). They do not bind the grantor. They bind YOU. Not the property owner. (If you want the property owner bound to the terms you purchase that right from him in some way.) Ingo Schwarze <schwarze () usta ! de> wrote: -------------- Hi, i'm not replying to the trolls (or their off-topic rants) in this thread, and i'm not spamming other project's lists. Instead, i'd merely like to clarify a point that is actually on topic on this list, to avoid that users get confused by FUD. One of the trolls wrote: > A gratuitous license, absent an attached interest, is revocable at > will. > This goes for GPLv2 as used by linux, just as it goes for the BSD > license(s). That is not what /usr/share/misc/license.template means, and i'm sure all OpenBSD developers are aware of that. The OpenBSD website makes the meaning very explicit: https://www.openbsd.org/policy.html [...] Finally, releases are generally binding on the material that they are distributed with. This means that if the originator of a work distributes that work with a release granting certain permissions, those permissions apply as stated, without discrimination, to all persons legitimately possessing a copy of the work. That means that having granted a permission, the copyright holder can not retroactively say that an individual or class of individuals are no longer granted those permissions. Likewise should the copyright holder decide to "go commercial" he can not revoke permissions already granted for the use of the work as distributed, though he may impose more restrictive permissions in his future distributions of that work. Yours, Ingo
Powered by blists - more mailing lists