[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Combining proprietary code and GPL for in-house use

Scripsit tb@becket.net (Thomas Bushnell, BSG)
> Henning Makholm <henning@makholm.net> writes:

> > The goal "the entire world must use MY license" is not one I support.
> > The goal "the code I wrote shall stay free" is an admirable one which
> > I do support. The GPL reaches that goal excellently even though it
> > doesn't do everything the bad gyus may wish it to do.

> Why do you think a strong GPL implies "the entire world must use MY
> license"?

That's the entire point behind the difference between GPL and LGPL.

> I want a strong GPL, and I want "the code I wrote shall
> stay free", and I see a strong GPL as one way to achieve that goal.

LGPL achieves it too. The only extra thing GPL says is that
"if you reuse my code, I'm not satisfied that you keep MY
code free. The code YOU write by yourself must also have MY
license."

> > You seem to be advocating security by obscurity. That's not usually
> > the free-software way of doing things. The free-software way to fix
> > bugs is to be open about them.

> Unfortunately while that can work excellently with security software
> (though I would note that it is Debian practice to work out security
> problems in private), it works less well in many other cases.  

Blah. *IF* some kind of "loophole" is found in the GPL, and *if*
the FSF decides to fix it by releasning a new version of the GPL,
the fact that a new version of the GPL has been released will be
public knowledge within hours. At that point, every villain in the
world will be able to deduce the nature of the loophole by diffing
the old and the new version, and every villain in the world will have
every opportunity to abuse the software that *he has already got*
under the condition that he follows "GPL version 2.0, or (at your
option) any later version.

Secrecy fulfills no rational purpose at all here. You cannot fix
your hole without making its existense public, and - contrary
to software security - there is *no way* to retroactively fix the
compromised implementations already employed.

-- 
Henning Makholm                              "Lucy giver mig en smule af sin
                                 vandration. Hun siger, piger ikke bliver så
                          tørstige som drenge. Jeg har tit selv tænkt dette,
                  men det burde være noget søfolk blev bedre orienteret om."
Reply to: