| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <8ef49ddf-e64f-d09b-9d31-9f64c89b6efb@leemhuis.info>
Date: Tue, 1 Dec 2020 21:45:39 +0100
From: Thorsten Leemhuis <linux@...mhuis.info>
To: Christoph Hellwig <hch@....de>, Jonathan Corbet <corbet@....net>
Cc: Matthew Wilcox <willy@...radead.org>,
Randy Dunlap <rdunlap@...radead.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org,
Thomas Gleixner <tglx@...utronix.de>
Subject: Re: [PATCH v3 1/3] LICENSES: Add the CC-BY-4.0 license
Am 01.12.20 um 15:43 schrieb Christoph Hellwig:
> On Mon, Nov 30, 2020 at 07:51:37AM -0700, Jonathan Corbet wrote:
@Jonathan: thx for getting the ball rolling again!
>> We could also, if we saw fit, take the position that anything that has
>> been processed through the docs build is a derived product of the kernel
>> and must be GPL-licensed -
That position is totally fine for me (and in fact I think that's how
things are in that area anyway, but I'm no licensing expect).
>> any dual-licensing would be stripped by that
>> act. That, too, should address this concern, I think.
How to make this explicit? Right now the document I want to submit only
mentions the license in a comment near the top. From a quick test with
'make htmldocs' on f33 with sphinx-build 3.2.1 it seems comments are
stripped during processing, so the license won't be visible in the
processed document anyway. So I guess adding this as comment below the
SPDX tag should be enough:
```
Note: Only the contents of this rst file as found in the Linux kernel
sources are available under CC-BY-4.0, as processed versions might
contain content taken from files that use a more restrictive license.
```
Or should we add something like this to a top-level documentation file
to make it explicit for all of the documentation:
```
The processed Linux kernel documentation can be distributed under GPL
v2.0; some of the files used to build the documentation are available
under other licenses, check the Documentation/ directory in the Linux
sources for details.
```
>> In general I'd rather see fewer licenses in Documentation/ than more.
Fully agreed, but I checked the existing licenses first and none of them
afaics came even close to what I'd prefer to see (maybe MIT does, but
I'm not really sure).
>> But
>> Thorsten has put a lot of effort into this work; if he wants to
>> dual-license it in this way, my inclination is to accommodate him.
Thx for your support.
>> But
>> that requires getting CC-BY-4.0 accepted into the LICENSES directory.
>> (That said, I believe it should go into LICENSES/dual/ rather than
>> preferred/).
> I agree with everything said above.
Fine with me also, but I guess I need a little help here. The files that
currently resist in that directory all contain this near the top:
```
Do NOT use. The Apache-2.0 is not GPL2 compatible. It may only be used
for dual-licensed files where the other license is GPL2 compatible. If
you end up using this it MUST be used together with a GPL2 compatible
license using "OR".
```
CC-BY-4.0 is GPL2 compatible afaik, so what do I write instead?
Something like this?
```
Do NOT use for code, but it's acceptable for content like artwork or
documentation. When using it for the latter, it's best to use it
together with a GPL2 compatible license using "OR", as processed
CC-BY-4.0 document might include content taken from more restrictive
licenses.
```
Do we need more? Something like this maybe: "That's also why you might
want to point that risk out in a comment near the SPDX tag." Or is that
too much?
Ciao, Thorsten
Powered by blists - more mailing lists