[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: PINE Debian Package

On Thu, 23 Apr 1998, George Bonser wrote:

> On Thu, 23 Apr 1998, Rev. Joseph Carter wrote:
> 
> > Are you aware that among other things the patches to pine added since the
> > last binary package was released include things which are not merely
> > configuration but are purely bug fixes, feature enhancements (maildir
> > patch comes to mind) and other things along that line?  UoW was asked
> > about these things and they said they didn't want binaries of unapproved
> > patches.
> 
> If it was any other package, I would not have said anything and I waited
> for someone else to bring it up before venting my frustration. Pine/pico
> is the one package that you can not expect the user to build because
> chances are good that they can't.  I use pine over telnet and never use
> pico but it is on the system and always will be. This is a very special
> application, it is usually one's first mailer and editor. 

Yes, this is very unfortunate. But the upstream authors really do not want
to change the license, so Debian has no choise. And the user can be given
very specific intstructions or even a script that will make it very easy
to compile and install pine.

> > In this sort of situation, I think a -src .deb file is a good thing for
> > pristine source with which one can apply Debian patches.  Does anyone else
> > think so?  Currently the only things I know of in this category are qmail
> > and pine.  Netscape can be put in .deb now and I don't think you can
> > distribute rvplayer..
> 
> qmail is completely different.  The author specificly disallows binary
> distribution of any kind. University of Washington makes no such demands.

The non-patched pine binaries violate Debian Policy. It is illegal to
distribute patched pine binaries. These two combined leave distributing
patched source as the only legal way to distrubute a version of pine that
complies with Debian Policy.

> > Because someone asked and the UoW clarified that they didn't want patched
> > binaries if they didn't pre-approve the patches.  The maintainer didn't
> > like that idea.
> 
> Hmm. I can understand that from the maintainers ego standpoint but if I
> owned pine, I might want a look at those patches too in order to see if
> there is anything that should go into the mainstream distribution and to
> see if someone was hacking backdoors to reading other people's email into
> the program.  In any case, if UofW specificly said that they want to
> pre-approve patches to a program they own and Debian thinks that is not
> acceptable, there is no choice.  I can understand their concern
> considering privacy issues.  Now if someone's mail is hacked on a Debian
> system and it is found to be the fault of Debian's patches, it is Debian
> that gets hauled into court where under UofW's method, Debian would have
> had some protection since the patches would have been approved by UofW.
> 
> I guess the same exposure would apply to any patches to any email system
> supplied by Debian with patches to the source.

If someone's mail gets hacked, it is the fault of the hacker, not of
anyone in Debian. Suppose you could sue Microsoft every time a Windows
system is cracked. Or any commercial OS, for that matter. You can't. And
you can't sue Debian [1] if a Debian system is cracked.

Remco

[1] You can't sue Debian at all, actually, since Debian is not
incorporated in any way so legally Debian doesn't even exist. You'd have
to sue the indivudual maintainers.


--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: