[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Hypothetical LaTeX security holes

On Wed, 17 Jul 2002, Joe Moore wrote:

> According to the LPPL (as I read it), Debian does not have the right to
> change latex.ltx without renaming it (latex.ltx? or the whole program?), and
> the LaTeX maintainers may have little interest in fixing an "obscure bug"
> that only affects a small set of users.

Doesn't matter.

The ability to fix bugs is not sufficient for software to be free, so
whether there could be bugs that need fixing is a bit irrelevant.  Maybe I
want to add or remove a feature, or otherwise make it fit my needs.

In order to be free, it must allow exactly what LPPL seems designed to
prevent.  A Debian user can take LaTeX, make it behave differently than
the original, (including producing different output), and distribute the

If I can't call it latex, fine.  I'll call it latex-improved and set up
the scripts that invoke it to use that by default.  If I can't do that,
then it's not free.

If the latex folk are looking for sections of DFSG to comply with,
DFSG 3 is the one.  It must allow modifications.  Not "bugfixes", not 
"modifications that the author approves", not even "modifications that 
pass a test suite".  

If I want to distribute a system based on latex that prints a tiny nude
picture of Ernest Borgnine instead of a period, this must be allowed by a
free license.

DFSG 4 does not override this, it's a suggestion of a way to allow such
modifications while enforcing the ability of a recipient to reconstruct
the original if she doesn't like the modifications.  It's not necessary 
IMO because she can ALREADY just get the original package from the source 
in almost all cases.

I'm all for discouraging modification to a work, especially one like latex
which is already extensible and stable.  But it cannot be disallowed, and
where possible the recommendation should be seperate from the license.
Mark Rafn    dagon@dagon.net    <http://www.dagon.net/>  

To UNSUBSCRIBE, email to debian-legal-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: