Re: Hypothetical LaTeX security holes
> From: Jeff Licquia <licquia@debian.org>
> Date: 17 Jul 2002 15:26:25 -0500
>
> > Absolutely nothing in the currently used LPPL prevents you from
> > creating your version of LaTeX, call it latex-improved, and invoke it
> > by a command
> >
> > latex-improved file.foo
>
> Absolutely nothing in any version of the LPPL I've seen allows it,
> either, at least not that I've seen. Thus, the LPPL doesn't have to
> prevent you; copyright law does the preventing.
>
I think it should be spelled out better in LPPL-3. I hope Frank and
David will take note.
The wording of the current licnese is this:
-----------------------------------------------
The distribution of changed versions of certain files included in the
The Program, and the reuse of code from The Program, are allowed
under the following restrictions:
* It is allowed only if the legal notice in the file does not
expressly forbid it. See note below, under "Conditions on
individual files".
* You rename the file before you make any changes to it, unless the
file explicitly says that renaming is not required. Any such
changed files must be distributed under a license that forbids
distribution of those files, and any files derived from them, under
the names used by the original files in the distribution of The
Program.
* You change any `identification string' in The Program to clearly
indicate that the file is not part of the standard system.
* If The Program includes an `error report address' so that errors
may be reported to The Copyright Holder, or other specified
addresses, this address must be changed in any modified versions of
The Program, so that reports for files not maintained by the
original program maintainers are directed to the maintainers of the
changed files.
* You acknowledge the source and authorship of the original version
in the modified file.
* You also distribute the unmodified version of the file or
alternatively provide sufficient information so that the user of
your modified file can be reasonably expected to be able to obtain
an original, unmodified copy of The Program. For example, you may
specify a URL to a site that you expect will freely provide the
user with a copy of The Program (either the version on which your
modification is based, or perhaps a later version).
* If The Program is intended to be used with, or is based on, LaTeX,
then files with the following file extensions which have special
meaning in LaTeX Software, have special modification rules under
the license:
- Files with extension `.ins' (installation files): these files
may not be modified at all because they contain the legal
notices that are placed in the generated files.
- Files with extension `.fd' (LaTeX font definitions files): these
files are allowed to be modified without changing the name, but
only to enable use of all available fonts and to prevent
attempts to access unavailable fonts. However, modified files
are not allowed to be distributed in place of original files.
- Files with extension `.cfg' (configuration files): these files
can be created or modified to enable easy configuration of the
system. The documentation in cfgguide.tex in the base LaTeX
distribution describes when it makes sense to modify or generate
such files.
------------------------------------------------------
I believe that these lines give me the right to create
"latex-improved.dtx". The license author, David Carlisle, agrees with
this. If you think this intention can be made more clear, then you are
more than welcome to suggest improvements.
--
Good luck
-Boris
A good marriage would be between a blind wife and deaf husband.
-- Michel de Montaigne
--
To UNSUBSCRIBE, email to debian-legal-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: