[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Plugins, libraries, licenses and Debian



bts@alum.mit.edu (Brian T. Sniffen) writes:

>> When I run Konqueror to visit secure sites, both QT (which I obtained
>> under the GPL) and OpenSSL are loaded in the same address space, which
>> is enough to create a derived work, according to the FSF.  You said
>> yourself that even writing code capable of doing this was illegal.
>
> I certainly did not. 

OK, you said "Writing the combined work of the framework, the
OpenSSL-using-plugin, and the Readline-using-plugin is not allowed by
the GPL.".

> "emacs ~/src/qt/* ~/src/openssl/*" loads all that code in the same
> address space, but is not illegal.

Editing source code doesn't make the code derived from the editor.
That's stated in more obscure terms in copyright law.

> I said that creating a single work which does that probably violates
> the license of the GPL'd code.
>
> I don't know the details of who writes the SSL support for Konq or how
> it's done, nor do I have any machines with Konqueror on them in front
> of me right now, so I can't comment on that.

There's a C++ class (LGPL license, no exceptions) that loads OpenSSL
dynamically.  I'd be doing approximately the same, except in C.

>>> KDE is also manifestly not a single work: I use konquerer but no other
>>> part of it, for example.
>>
>> Any typical use of my program would use only a few of the available
>> plugins.  What's the difference?
>
> That you're making a single work which benefits from the generosity of
> the authors who released their code under the GPL,

And KDE is not?  When I run Konqueror, it most certainly appears as a
single work to me.  I know there are several processes and lots of
magic going on behind the scenes, but there's no way I can influence
that.

> but don't seem willing to abide by the rules they set for derivation
> from their code.

I'll abide by the rules, once I figure out what the rules are.

>>> The KDE folks have, from what I've seen, been quite careful with
>>> licensing issues.
>>
>> In case you hadn't noticed, I'm trying to be, too.
>
> You seem to be looking for a way to do what you want while claiming
> it's within the bounds the authors set.

The bounds are very unclear, and I'm trying to gather some opinions
about them.

>>> Can you provide any specific examples of single works incorporating
>>> pure-GPL work and linking against OpenSSL?
>>
>> KDE is distributed as a few huge tar files, obviously intended to be
>> used together.  Someone said that was enough to make the GPL apply to
>> all of it.
>
> Who?  Where?  That looks much more like "mere aggregation" to me.

One Andrew Suffield said, in message <[🔎] 20031206151537.GA10316@doc.ic.ac.uk>:

> > > No. But a vendor could get into trouble if they shipped both.
> > 
> > How's that?  The GPL allows distribution together with non-GPL works,
> > as long as the non-GPL things are not derived from anything GPL'd.  In
> > my opinion, placing two shared objects in the same tar file doesn't
> > make one a derived work of the other.  Would it make a difference if
> > the offending (to rms) plugins were distributed separately?
>
> The argument is, approximately, that by shipping the whole lot
> together you are creating a derived work that violates at least once
> of the licenses. Certainly you can concoct a case where this is
> plausible (wrap them all up in one .deb with a default configuration
> that uses both) - and it is not at all clear where to draw the
> line. There are legitimate arguments in both directions (the
> counter-argument is approximately "It's not derivation, it's
> collation").

>>>>> Ask yourself this: is what you're doing in compliance with the wishes
>>>>> of the authors of the various pieces of software you're using?
>>>>
>>>> I don't know what the authors wish, I'll have to ask them.
>>>
>>> They've told you in the license.
>>
>> They haven't told me their intent with choosing that particular
>> license.
>
> That's not *what* they want you to do, that's *why* they want what
> they want.

In Sweden, there are numerous court discussions about what the actual
intent was with various laws.  Apparently, even after vast resources
and lots of time has been spent debating the matter before the law was
passed, still nobody knows why they did it or what they really wanted
to say.  How then, can someone who tacks on the GPL, because he's seen it
before, and it's supposed to be a good choice, know exactly what he
really wants?  I'm not talking about GNU Readline here, I'm talking
about numerous small projects having nothing to do with the FSF and
their grand scheme.

-- 
Måns Rullgård
mru@kth.se



Reply to: