[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Integrity of Source Code

I wanted to enquire if clause #4 of the DFSG would allow a warning splash
screen as follows:

The program by default pops up a splash saying 'This is the official version
of X obtainable in source and binary form from Y' - justs popups up for 3
seconds or something not to obnoxious.

If the source code (not build parameters) are changed you are required to
have the message popup with 'This is an UNOFFICIAL version of X. The
official version can be obtained from Y.' - again for ~3 seconds.

The makefile could even be doing a quick checksum of the source code (*.h
and *.cc) files and comparing it to the release checksum to make it easy for
people modifying the program - they don't have to hunt for where to change
the message.

So, adding a debian directory and changing build paths and parameters would
not be modifying the source and so the 'this is official splash' would still
be used. However, if the code had to be tweaked - something disabled, etc,
that would make the program no longer the official upstream version.

Obviously any changes to the source code that improve it's configurability
or quality would be merged upstream.

Further, we have no intention of inhibitting the free flow of modified
version of the source or binaries, we merely want the user of derived works
to be made aware that this is no longer a version approved by us although it
is based off of work by us.

So, supposed a third party distributing the program needed to modify some
hard-coded path. They could do so and redistribute it with the splash
automatically updated to warn that this was not the official version. They
could then submit a change upstream that made the hard-coded path
configurable, if the quality of the code is not degraded it's merged in and
now the third party can rebuild using a configuration directive to change the
path - and it's now an official version.

Is this process legal and does it fit within the DFSG?

We want this warning prominently visible b/c unless the user knows to look
they are not going to root through help files and documentation to see if
the program has been modified. And of course, if they know to look, they
probably know the program has been modified.

The reason for wanting this is because the company I work at does not want
our product to have the quality impared and redistributed without the user
knowing about it. 

Thanks in advance.

Wesley W. Terpstra <terpstra@javien.com>
Javien Canada Inc. - Linux Developer

Attachment: pgpiGfa6Y5s0Q.pgp
Description: PGP signature

Reply to: