Re: selling web application access
* Ottavio Campana <firstname.lastname@example.org> [060920 14:46]:
> Scenario: a software house develops a web application based on GPL
> software. It doesn't sell the application to customers, it sells the
> access to the application, which is installed, run and is maintained on
> the software house's server.
> Question: can the users ask for the application's source code? I mean,
> in the GPL only the case of software distribution is covered. But in
> this case the software isn't distributed, it remains in the software
> house's servers.
This is quite an old discussion and quite an often used excuse to
produce non-free software licenses. Take a look on "Affero loophole"
on your favorite search enigine.
This so called loophole shows a restriction how a sane copyright law
can restrict what people do.
The question is: If you do no have no license at all, are you allowed to
run a program?
While this question is open in most jurisdictions by constructs
like "copying to RAM/processor cache in order to run it needs copy
permission", let's assume a copyright law at least sane enough to
not restrict running.
Then how could you (assuming you want to) restrict the use case you
described? No copying is done, no distribution is done, nothing
is done we assume the copyright law to forbid. So this needs the
company to restrict itself from it by signing some contract telling
no to do it.
Why should it want to sign such a contract? Well, it modifies and
copies the program to develop its modification. For that it need
permission. So you'd have to force people to signing such a thing
before being allowed to modify it. (Does it already start to sound
non-free to you?)
But now imagine the company is clever and splits in two parts,
one developing the application and one running it. Uh. Oh.
The only thing helping out here would forbid the modifying and
copying company to give it to anyone without that one entering
a contract to not run it in a way you do not like (let's call
that on an EULA as that's what it is....)
But now I want to use some code from your application to use it inside
a router. How did you phrase your conditions on how people may run the
code? Are people causing packages to be sent over the router also
users thus having to request the source? Do I have to add to each
package routed a description how to obtain the source?
Next imagine I want to build a traffic light system. Are pedenstrians
pressing the buttons also users? Do I have to build in ethernet
sockets to allow people to retrieve the source code? Am I at least
allowed to make those requests served by other chips, so there is
no connection from the ports to the traffic control system, so noone
can easily switch all car lights to green when he finds a buffer overflow?
Of course one may also "only" restrict the right to modify the code
to remove some interface to retrieve source. But either you restrict
people to run firewalls and filters before that to block that interface
(which is again run restrictions) or you have just a massive restriction
on freedom without any gain at all, which I refuse to call free.
Bernhard R. Link
 sane in the meaning of sane provided it disallows copying by
default, though some might deem this to contradicting to be meaningful.