[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#189164: libdbd-mysql-perl uses GPL lib, may be used by GPL-incompatible apps

On Wed, 2003-04-16 at 19:19, Steve Langasek wrote:

> My question is, how is a package that depends on DBD::mysql materially
> different from a compiled program that links dynamically against
> libmysqlclient?

    A ''derivative work'' is a work based upon one or more
    preexisting works, such as a translation, musical
    arrangement, dramatization, fictionalization, motion
    picture version, sound recording, art reproduction,
    abridgment, condensation, or any other form in which
    a work may be recast, transformed, or adapted. A work
    consisting of editorial revisions, annotations,
    elaborations, or other modifications which, as a whole,
    represent an original work of authorship, is a
    ''derivative work''. (Title 17 USC, Sec. 101)

I can see how it can be argued that dynamic linking is creating a
derivative work, because it actually involves copying _very small_
amounts of the library into the executable. I'm not sure if I agree with
that; but let's assume it true for a moment.

Now, we're talking about a perl script that contains _no_ part of the
other work. It's hard to see how it could --- by including no part of
the work whatsoever --- be a derivative work. Sure, it gets some
functionality from it, through a standardized API, which works with
several databases.

If you think that is a creation of a derivative work (and thus violates
the GPL), then I have a much bigger GPL violation for you to worry
about. It's with an interpreter known as "bash". Many "bash" scripts
rely on functionality provided by "bash" modules such as "grep", "gawk",
and even "tar". Why is this OK, if the DBI/DBD stuff isn't? "The
mechanisms are different; the effect is the same."

I've even heard rumors of a program which links against GPL libraries
and yet depends on functionality provided by modules with names like
"openssl.preinst" which are apparently under the OpenSSL license, which
is not GPL compatible. Oh, yeah, and there is even that apache-ssl
module for that relies on OpenSSL's x509 stuff. Once again, "the
mechanisms are different; the effect is the same."

[ Sorry for being so sarcastic in the last paragraph. But we really need
  to decide when program A benefiting from features of program B creates
  a derivative work, if ever. ]


Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: