[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: System libraries and the GPLv2

Lars Wirzenius <liw@liw.fi> writes:

> Instead, I'll repeat that licenses shouldn't be violated. One way of
> achieving that is to ask copyright holders for additional permissions
> that are needed to avoid a violation.

The problem with this approach, though, is that many of us have tried this
with GPL software that links against OpenSSL and have been told that we're
being pedantic, wasting the maintainer's time, and they aren't going to
include any such specific license grant because they're not lawyers,
aren't going to mess with licenses, no one else has this problem, and
Debian needs to pull the stick out of its ass.

Now one can just say "well, we don't want to package software from
maintainers like that anyway," but often those people are perfectly
reasonable on many other topics and quite good upstreams.  We are widely
viewed as out of step with the community on this specific point, whether
reasonably or unreasonably.

I'm not saying we're wrong, necessarily, but the way that Debian interacts
with software licenses is truly not the way that nearly everyone else
interacts with software licenses.  We have non-lawyers with no legal
training read them carefully and attempt to apply their rules as if they
were written in normal English, very precisely.  (In other words, we treat
them like they're computer programs.)  Very, very few people outside of
Debian do this.  Elsewhere, people largely divide into two camps: a quick
skim looking for obvious issues followed by "meh, good enough," or review
by an actual lawyer who is making a legal decision based on legal
interpretation, case law, and a risk analysis.

I think we normally arrive at reasonable conclusions, but sometimes we do
arrive at conclusions that neither of those other two camps reach, and
then we can look oddly out of touch.

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to: