[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Berkeley DB 6.0 license change to AGPLv3

On Wednesday, July 10, 2013 01:06:47 PM Stefano Zacchiroli wrote:
> On Sat, Jul 06, 2013 at 05:41:16PM +0200, Bernhard R. Link wrote:
> > No, there is a really important difference. With GPL you only have to be
> > careful when you give binaries to anyone, that you also give the source.
> > This is a bit of a hassle, but worst case means that you cannot help
> > others with the software changes you have done (bad enough but worth the
> > hassle to have the source) if you miss some of the sources. But if the
> > sources may contain any passwords or other internal data you cannot/do
> > not want to share, so will likely the binary so that is no difference.
> On this level, the analogy GPL/AGPL still seems correct to me.
> A software distributed under AGPL will likely come with mechanisms
> already in place to point to its source code --- that might not be the
> case today yet, due to the scarce popularity of AGPL, but that's a
> separate matter.  That means that you can easily run unmodified version
> of an AGPL'd program, for any purpose, without particular restrictions.
> If you modify the software you might get in trouble but, according to my
> personal ethics, that's the trouble you should have. However, please
> note that as long as you run the software only for yourself, you don't
> have any problem. You might encounter problems only in the case you've
> modified the software, you want *others* to use it over the net, and you
> don't provide the source code that include your modifications.
> That shift is coherent with the shift in the most common deployment
> pattern for software: handing software copies in the past, using remote
> services over the net nowadays.
> (Anyway, here we're getting quite off-topic...)

Sorry, I can't quite let this pass.  I just went and looked at the AGPL v3 
again and one implication of the license is that you can't locally fix a 
security issue without immediate disclosure.  This doesn't fit my personal 
ethics at all and at least IMO makes it pretty unsuitable as a license for any 
network facing service.

Scott K

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: