Diego Iastrubni wrote:

> Hi all,
>
>
> For all those who are still living in a bobble, vmware released some
> months ago "free at no cost" applications which only play the good old
> vmware images, for Linux, Windows and Mac. They also provide a lot of
> images for most of your favorite Linux distros. It seems they are
> afraid of qemu... :)
>
>
> I am trying to play with some of those cool toys (allek cool....
> crapiest Linux installation, and cripple on windows...), and I found a
> few of those Linux images on the net.
>
>
> Now, the software on those images is GPL, which means they should
> provide the sources of those applications (kde, xorg, Linux.... etc)
> or point to a location in which the sources is available. Well, no
> problem, those are standard installations of standard distros. But,
> still it's not possible to reproduce those images, without paying them
> money.

Them, or Microsoft.

VMWare player will play images created with either VMWare Workstation,
or with Virtual PC (today a Microsoft program). Yes, you need one of
these two tools in order to create an image, just like you need to buy
Microsoft Visual Studio in order to recompile xeyes for windows
(http://shemesh.biz/code/xeyes-1.0.zip). I think it falls squarely under
the "build tool" umbrella (which is also the reason this is not a GPL
violation).

> How to make new images for this tool...? (evaluating other vmware
> products...?)

Either buy VMWare Workstation (about 199$), get an evaluation (if 30
days are enough for what you want to do), or use Virtual PC (if you have
MSDN or buy the program).

> Now a more theoretical question. Lets say, I write an extreamly cool
> application.... but it can be compiled with my own language, which I
> do not provide specs, and I do not give a "free at no cost" tool for
> compiling applications for it. Now, I also release the source of the
> application (in my very uncool language) under the terms of the GPL.
>
>
> How the hell does the GPL help me here...?

Why should it help you? You are the sole copyright holder, aren't you?

> I still have no way to really trust that application....

See Muli's reply for trusting applications. I'll just mention that
unless you have the resources to evaluate each and every line of code of
each and every application you use, and compile it all yourself (i.e. -
you are the NSA), there really is no way for you to trust any
application at all. If you follow Muli's link, you will see that even if
you do scan each and every line of code, you can still not trust your
application completely. This particular risk, at least, can be minimized
by cross-compiling using several build tools from several vendors. In
order for your build to remain not-completely trusted, all compilers
used within the process must have been rooted with the same override,
which is impractical.

I'll give another strange example of an apparent conflict. If you belive
the FSF's FAQ, a GPLed application that links with libraries that are
licensed under a non-GPL compatible license (even if it's free) require
special exception for you to be able to compile them. Personally, I
don't think that claim will hold water, but let's assume for the moment
that it is true.

So, you have an application licensed under the GPL. For the sake of
discussion, let's call it "rsyncrypto". It has a single copyright
holder. Let's give it the code name "Lingnu". This application is linked
with a library which is licensed incompatibly with the GPL. Again, as an
abstract and hypothetical example, let's call it "OpenSSL". If we accept
FSF's interpretation, Lingnu are allowed to compile rsyncrypto (as it is
impossible for the copyright holder to be in violation of the copyright
license), and give you the code for rsyncrypto, but you may not compile
it yourself! At least, not unmodified.

Does that mean that the GPL license on rsyncrypto is meaningless? It's
hard for me to answer this, as it is my view that you are not forbidden
from compiling it yourself, but I think that even if that absured
restriction holds, the code is still not meaningless. While you may not
be allowed to compile the unmodified version yourself, you are allowed
to modify rsyncrypto so that it does not require openssl any more. When
that's done, you get a 100% GPL program. Assuming rsyncrypto does
something interesting beyond what openssl does, you still get a program
worth running.

As I'm headed back to our fine military reserve duty, I will not be able
to answer any of your inquieries regarding why I think the FSF is wrong.
To leave you some food for thought, I will point you to the rsyncrypto
license
(http://cvs.sourceforge.net/viewcvs.py/rsyncrypto/rsyncrypto/COPYING?view=markup),
which clarifies my position on the matter.

          Shachar

-- 
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html


=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

Reply via email to