Re: [Firebird-devel] extern/SfIO/include/stdio.h license problem
On 23-5-2012 22:24, Dimitry Sibiryakov wrote: 23.05.2012 21:00, Leyne, Sean wrote: When ATT had resources which were developing Unix it might have been possible to reach out to them. But given that is no longer the case, I think it more likely that we could raise Dennis Ritchie from the dead (Dennis Ritchie is father of C programming language, he died in October 2011) before we would get an answer from ATT. In this case we can consider this file to be abandonware. That is BS and the wrong attitude to go about (potential) IP problems. Abandonware does not exist, and taking something as your own because you can't contact the owner is evil. My non-lawyer opinion is that header files are not subject to copyright. This is confirmed by a number of lawsuits here in Europe, where - if I understood it correctly - it was stated that the definition of an API (eg a header file) is not a creative work and therefor not copyrightable; only the implementation itself can be copyrighted. Do note that ATT itself states that SfIO is release under an opensource license: http://www.research.att.com/software_tools They also state that the entire package is covered by the license: http://www2.research.att.com/sw/download/ Before downloading you have to accept the EPL license. Now that package does contain a stdio.h (in src/lib/sfio/stdio_s) with the 'scary' license, but in my opinion that is overruled by the fact that the ATT website itself says it is under EPL before you download it. If you want to know for sure, contact either g...@research.att.com (feedback link on the download page) or at...@att.com (licensing contact listed on the main page). Mark -- Mark Rotteveel -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Re: [Firebird-devel] extern/SfIO/include/stdio.h license problem
On Thu, 24 May 2012 08:39:55 +0200, Mark Rotteveel m...@lawinegevaar.nl wrote: They also state that the entire package is covered by the license: http://www2.research.att.com/sw/download/ Under 'License' in the menu on the leftside. Mark -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Re: [Firebird-devel] extern/SfIO/include/stdio.h license problem
On Thu, May 24, 2012 at 08:39:55AM +0200, Mark Rotteveel wrote: Before downloading you have to accept the EPL license. Now that package does contain a stdio.h (in src/lib/sfio/stdio_s) with the 'scary' license, but in my opinion that is overruled by the fact that the ATT website itself says it is under EPL before you download it. As I tried to explain yesterday, this is nice but this link is in the opposite direction. Someone who downloads Firebird source tarball and wants to use (and possibly redistribute) it in some way, cannot rely on some website somewhere providing the same file under compatible license (moreover, it actually does _not_ provide the same file). He/she has only the file and the text on top of it - and it sounds quite discouraging. Anyway, if noone else thinks this is a problem, I'll just remove the file as (at least some) other Linux distributions do. Michal Kubecek -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Re: [Firebird-devel] extern/SfIO/include/stdio.h license problem
On Thu, 24 May 2012 10:36:51 +0200, Michal Kubecek m...@mk-sys.cz wrote: On Thu, May 24, 2012 at 08:39:55AM +0200, Mark Rotteveel wrote: Before downloading you have to accept the EPL license. Now that package does contain a stdio.h (in src/lib/sfio/stdio_s) with the 'scary' license, but in my opinion that is overruled by the fact that the ATT website itself says it is under EPL before you download it. As I tried to explain yesterday, this is nice but this link is in the opposite direction. Someone who downloads Firebird source tarball and wants to use (and possibly redistribute) it in some way, cannot rely on some website somewhere providing the same file under compatible license (moreover, it actually does _not_ provide the same file). He/she has only the file and the text on top of it - and it sounds quite discouraging. Anyway, if noone else thinks this is a problem, I'll just remove the file as (at least some) other Linux distributions do. You might be right that it is the best way to go. I do get the feeling that ATT just threw those package over the fence with an opensource license without bothering to update the sourcecode to mention the license or remove older license details. Mark -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Re: [Firebird-devel] extern/SfIO/include/stdio.h license problem - Email found in subject
On Tue, May 22, 2012 at 05:24:27PM -0400, Leyne, Sean wrote: while reviewing Firebird 2.5 packages for OpenSuSE Factory, our legal team noticed that copyright notice on top of extern/SfIO/include/stdio.h claims that it contains certain software code or other information proprietary to ATT Corp. What is the problem with the FB packages having this file? I'm not sure it really is a problem but given the text on top of the file, I can't be sure it is OK either, especially when our legal team considers it to be bad enough to exclude it from OpenSuSE. This is why I wanted to discuss it in the list. (Yes, I too would prefer to live in a world where a developer doesn't need law school more then computer science.) The problem I see is that the source tarball contains a file claiming it contains a code proprietary to ATT and not referring to any license. For anyone who gets the tarball it means they don't now what they can or cannot do with it - and therefore with the source tree as a whole. There is no restriction on the distribution of the file. Which is not clear from the file itself. The page referenced in extern/SfIO/read.me indicates SfIO is distributed under EPL but 1. The version from the page is different so strictly speaking there is no source saying the file we include is covered by EPL as well. 2. Nowhere in the downloaded tarball any license is mentioned, only the comment about containing code proprietary to ATT is there 3. Actually, the page doesn't even say SfIO is distributed under EPL, it just requests you to confirm you agree with EPL to allow you to download it. This is quite unfortunate as e.g. the version embedded in ksh sources explicitly mentions EPL and refers to URL where it can be found (and there is no mention of proprietary code, just a simple copyright notice). Michal Kubecek -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Re: [Firebird-devel] extern/SfIO/include/stdio.h license problem - Email found in subject
On Wed, May 23, 2012 at 7:12 PM, Michal Kubecek m...@mk-sys.cz wrote: On Tue, May 22, 2012 at 05:24:27PM -0400, Leyne, Sean wrote: while reviewing Firebird 2.5 packages for OpenSuSE Factory, our legal team noticed that copyright notice on top of extern/SfIO/include/stdio.h claims that it contains certain software code or other information proprietary to ATT Corp. What is the problem with the FB packages having this file? I'm not sure it really is a problem but given the text on top of the file, I can't be sure it is OK either, especially when our legal team considers it to be bad enough to exclude it from OpenSuSE. This is why I wanted to discuss it in the list. (Yes, I too would prefer to live in a world where a developer doesn't need law school more then computer science.) The problem I see is that the source tarball contains a file claiming it contains a code proprietary to ATT and not referring to any license. For anyone who gets the tarball it means they don't now what they can or cannot do with it - and therefore with the source tree as a whole. There is no restriction on the distribution of the file. Which is not clear from the file itself. The page referenced in extern/SfIO/read.me indicates SfIO is distributed under EPL but 1. The version from the page is different so strictly speaking there is no source saying the file we include is covered by EPL as well. 2. Nowhere in the downloaded tarball any license is mentioned, only the comment about containing code proprietary to ATT is there 3. Actually, the page doesn't even say SfIO is distributed under EPL, it just requests you to confirm you agree with EPL to allow you to download it. This is quite unfortunate as e.g. the version embedded in ksh sources explicitly mentions EPL and refers to URL where it can be found (and there is no mention of proprietary code, just a simple copyright notice). In debian/ubuntu the files are removed https://launchpad.net/ubuntu/precise/+source/firebird2.5/+copyright * Removed sources with non-free/missing licensing The following files are removed as they contain only copyright information without any license allowing their distribution. Luckily, they are not needed when building on Debiian. - builds/install/arch-specific/solaris/ - src/install/arch-specific/solx86gcc/CS/postinstall.in - src/install/arch-specific/solx86gcc/CS/postremove.in - src/install/arch-specific/solx86gcc/CS/preinstall.in - src/msgs/templates.sql - extern/SfIO/ -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Re: [Firebird-devel] extern/SfIO/include/stdio.h license problem - Email found in subject
On Wed, May 23, 2012 at 7:12 PM, Michal Kubecek wrote: I'm not sure it really is a problem but given the text on top of the file, I can't be sure it is OK either, especially when our legal team considers it to be bad enough to exclude it from OpenSuSE. This is why I wanted to discuss it in the list. (Yes, I too would prefer to live in a world where a developer doesn't need law school more then computer science.) The problem I see is that the source tarball contains a file claiming it contains a code proprietary to ATT and not referring to any license. For anyone who gets the tarball it means they don't now what they can or cannot do with it - and therefore with the source tree as a whole. I wonder why you don't ask about whether distribution of this file is ok directly in ATT?.. They claim rights on the file, so they know the answer for sure. -- WBR, SD. -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Re: [Firebird-devel] extern/SfIO/include/stdio.h license problem
I wonder why you don't ask about whether distribution of this file is ok directly in ATT?.. When ATT had resources which were developing Unix it might have been possible to reach out to them. But given that is no longer the case, I think it more likely that we could raise Dennis Ritchie from the dead (Dennis Ritchie is father of C programming language, he died in October 2011) before we would get an answer from ATT. Sean -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Re: [Firebird-devel] extern/SfIO/include/stdio.h license problem
23.05.2012 21:00, Leyne, Sean wrote: When ATT had resources which were developing Unix it might have been possible to reach out to them. But given that is no longer the case, I think it more likely that we could raise Dennis Ritchie from the dead (Dennis Ritchie is father of C programming language, he died in October 2011) before we would get an answer from ATT. In this case we can consider this file to be abandonware. -- WBR, SD. -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
Re: [Firebird-devel] extern/SfIO/include/stdio.h license problem - Email found in subject
Michael, while reviewing Firebird 2.5 packages for OpenSuSE Factory, our legal team noticed that copyright notice on top of extern/SfIO/include/stdio.h claims that it contains certain software code or other information proprietary to ATT Corp. What is the problem with the FB packages having this file? There is no restriction on the distribution of the file. Sean -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel