On Tue, May 22, 2012 at 05:24:27PM -0400, Leyne, Sean wrote:
> > while reviewing Firebird 2.5 packages for OpenSuSE Factory, our legal team
> > noticed that copyright notice on top of extern/SfIO/include/stdio.h claims
> > that it contains "certain software code or other information proprietary to
> > AT&T Corp."
>
> What is the problem with the FB packages having this file?
I'm not sure it really is a problem but given the text on top of the
file, I can't be sure it is OK either, especially when our legal team
considers it to be bad enough to exclude it from OpenSuSE. This is why
I wanted to discuss it in the list. (Yes, I too would prefer to live
in a world where a developer doesn't need law school more then computer
science.)
The problem I see is that the source tarball contains a file claiming it
contains a code proprietary to AT&T and not referring to any license.
For anyone who gets the tarball it means they don't now what they can or
cannot do with it - and therefore with the source tree as a whole.
> There is no restriction on the distribution of the file.
Which is not clear from the file itself. The page referenced in
extern/SfIO/read.me indicates SfIO is distributed under EPL but
1. The version from the page is different so strictly speaking there
is no source saying the file we include is covered by EPL as well.
2. Nowhere in the downloaded tarball any license is mentioned, only
the comment about "containing code proprietary to AT&T" is there
3. Actually, the page doesn't even say SfIO is distributed under EPL,
it just requests you to confirm you agree with EPL to allow you to
download it.
This is quite unfortunate as e.g. the version embedded in ksh sources
explicitly mentions EPL and refers to URL where it can be found (and
there is no mention of proprietary code, just a simple copyright notice).
Michal Kubecek
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
