Re: ITP: kernel-patch-selinux
John == John Galt [EMAIL PROTECTED] writes: John First of all, I doubt that you're going to have too much John trouble getting a response from SElinux. They've been pretty John good on responding to their mailinglist I had sent in an informal request for clarification to the mailing list (and, after a mini-fiasco of not posting from the email address I was subscribed with, and reposting), and it has been forwarded to the lawyers in question (the ones who wanted the click through disclaimer). The post should be showing up on the SELinux list any time now. manoj -- Oh, and this is another kernel in that great and venerable BugFree(tm) series of kernels. So be not afraid of bugs, but go out in the streets and deliver this message of joy to the masses. Linus, in the announcement for 1.3.27 Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/%7Esrivasta/ 1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Re: ITP: kernel-patch-selinux
On Sat, Sep 22, 2001 at 05:36:26PM +0200, Russell Coker wrote: I intend to package the kernel patch for NSA Security Enhanced Linux. Below is all the details on licenses. My interpretation of the below license details (copied from the web site) is that the kernel patch is under the GPL and everything is fine. However is the issue about warranty exclusion etc which requires agreement before download going to force me to use non-free for my package? Wouldn't it be OK if you simply include WARRANTY EXCLUSION and LIMITATION Of LIABILITY clauses in debian/copyright ? [...] WARRANTY EXCLUSION I expressly understand and agree that this software is a non-commercially developed program that may contain bugs (as that term is used in the industry) and that it may not function as intended. The software is licensed as is. NSA makes no, and hereby expressly disclaims all, warranties, express, implied, statutory, or otherwise with respect to the software, including noninfringement and the implied warranties of merchantability and fitness for a particular purpose. LIMITATION OF LIABILITY In no event will NSA be liable for any damages, including loss of data, lost profits, cost of cover, or other special, incidental, consequential, direct or indirect damages arising from the software or the use thereof, however caused and on any theory of liability. This limitation will apply even if NSA has been advised of the possibility of such damage. I acknowledge that this is a reasonable allocation of risk. -- http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/projects.html Projects I am working on http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Eric VAN BUGGENHAUT Oh My God! They killed init! You Bastards! --from a /. post \_|_/ Andago \/ \/ Av. Santa Engracia, 54 a n d a g o |--E-28010 Madrid - tfno:+34(91)2041100 /\___/\ http://www.andago.com / | \ Innovando en Internet [EMAIL PROTECTED]
Re: ITP: kernel-patch-selinux
On Mon, 24 Sep 2001, Eric Van Buggenhaut wrote: On Sat, Sep 22, 2001 at 05:36:26PM +0200, Russell Coker wrote: I intend to package the kernel patch for NSA Security Enhanced Linux. Below is all the details on licenses. My interpretation of the below license details (copied from the web site) is that the kernel patch is under the GPL and everything is fine. However is the issue about warranty exclusion etc which requires agreement before download going to force me to use non-free for my package? Wouldn't it be OK if you simply include WARRANTY EXCLUSION and LIMITATION Of LIABILITY clauses in debian/copyright ? I'm afraid you can't simply do that without permission of the original authors. The reason you have to read this legal stuff before downloading is that you can't deny having read it afterwards. If this is packaged, you can do so. Lawyers won't like that... snip -- wouter dot verhelst at advalvas dot be Human knowledge belongs to the world -- From the movie Antitrust rm -rf /bin/laden
Re: ITP: kernel-patch-selinux
Russell Coker wrote: I intend to package the kernel patch for NSA Security Enhanced Linux. Below is all the details on licenses. My interpretation of the below license details (copied from the web site) is that the kernel patch is under the GPL and everything is fine. However is the issue about warranty exclusion etc which requires agreement before download going to force me to use non-free for my package? Note that http://www.nsa.gov/selinux/src-disclaim.html begins Before downloading this software... and is titled Legal Notices, not License (and has disclaim in the URL). I think that means that _you_ are required to agree before downloading from their site. Someone installing your Debian package is not downloading from their site and so has no need to read the notice. http://www.nsa.gov/selinux/license.html makes it very clear that the license terms are DFSG compliant. -- John Hasler [EMAIL PROTECTED] Dancing Horse Hill Elmwood, Wisconsin
Re: ITP: kernel-patch-selinux
First of all, I doubt that you're going to have too much trouble getting a response from SElinux. They've been pretty good on responding to their mailinglist: which, I might add, I see more than one Debian Developer has contributed to, yet you have not. It would behoove you to actually look as if you really cared before ITPing. Secondly, since Debian's warranty is no warranty, I fail to see how the expression of that in a license makes it non-free. Thirdly, isn't this a question for -legal? On Sat, 22 Sep 2001, Russell Coker wrote: I intend to package the kernel patch for NSA Security Enhanced Linux. Below is all the details on licenses. My interpretation of the below license details (copied from the web site) is that the kernel patch is under the GPL and everything is fine. However is the issue about warranty exclusion etc which requires agreement before download going to force me to use non-free for my package? I know I could ask upstream for clarification of this issue, however the NSA takes a long time to prepare public statements, and I imagine that things will take longer now than they would have a few weeks ago... License statement from http://www.nsa.gov/selinux/license.html : All source code found on this site is released under the same terms and conditions as the original sources. For example, the patches to the Linux kernel, patches to many existing utilities, and new programs and libraries available here are released under the terms and conditions of the GNU General Public License (GPL). The patches to some existing utilities and libraries available here are released under the terms and conditions of the BSD license. I downloaded the patch from http://www.nsa.gov/selinux/src-disclaim.html which has the following disclaimer: Before downloading this software, you must accept the warranty exclusion and limitation of liability which appears below. WARRANTY EXCLUSION I expressly understand and agree that this software is a non-commercially developed program that may contain bugs (as that term is used in the industry) and that it may not function as intended. The software is licensed as is. NSA makes no, and hereby expressly disclaims all, warranties, express, implied, statutory, or otherwise with respect to the software, including noninfringement and the implied warranties of merchantability and fitness for a particular purpose. LIMITATION OF LIABILITY In no event will NSA be liable for any damages, including loss of data, lost profits, cost of cover, or other special, incidental, consequential, direct or indirect damages arising from the software or the use thereof, however caused and on any theory of liability. This limitation will apply even if NSA has been advised of the possibility of such damage. I acknowledge that this is a reasonable allocation of risk. -- I can be immature if I want to, because I'm mature enough to make my own decisions. Who is John Galt? [EMAIL PROTECTED]
Re: ITP: kernel-patch-selinux
On Tue, 25 Sep 2001 00:12, John Galt wrote: First of all, I doubt that you're going to have too much trouble getting a response from SElinux. They've been pretty good on responding to their mailinglist: which, I might add, I see more than one Debian Developer has contributed to, yet you have not. It would behoove you to actually look as if you really cared before ITPing. I've read some of the archives, although they are incomplete and poorly indexed. Did you have a point with this or do you just want to write more flames and waste everyone's time as usual? Secondly, since Debian's warranty is no warranty, I fail to see how the expression of that in a license makes it non-free. They ask that people agree to conditions before download. We have no facilities for showing the conditions before downloading, they could potentially disagree with this. Thirdly, isn't this a question for -legal? I think this is now being handled adequately in private mail. A developer who has had prior contact with the NSA people is now dealing with the matter. On Sat, 22 Sep 2001, Russell Coker wrote: I intend to package the kernel patch for NSA Security Enhanced Linux. Below is all the details on licenses. My interpretation of the below license details (copied from the web site) is that the kernel patch is under the GPL and everything is fine. However is the issue about warranty exclusion etc which requires agreement before download going to force me to use non-free for my package? I know I could ask upstream for clarification of this issue, however the NSA takes a long time to prepare public statements, and I imagine that things will take longer now than they would have a few weeks ago... License statement from http://www.nsa.gov/selinux/license.html : All source code found on this site is released under the same terms and conditions as the original sources. For example, the patches to the Linux kernel, patches to many existing utilities, and new programs and libraries available here are released under the terms and conditions of the GNU General Public License (GPL). The patches to some existing utilities and libraries available here are released under the terms and conditions of the BSD license. I downloaded the patch from http://www.nsa.gov/selinux/src-disclaim.html which has the following disclaimer: Before downloading this software, you must accept the warranty exclusion and limitation of liability which appears below. WARRANTY EXCLUSION I expressly understand and agree that this software is a non-commercially developed program that may contain bugs (as that term is used in the industry) and that it may not function as intended. The software is licensed as is. NSA makes no, and hereby expressly disclaims all, warranties, express, implied, statutory, or otherwise with respect to the software, including noninfringement and the implied warranties of merchantability and fitness for a particular purpose. LIMITATION OF LIABILITY In no event will NSA be liable for any damages, including loss of data, lost profits, cost of cover, or other special, incidental, consequential, direct or indirect damages arising from the software or the use thereof, however caused and on any theory of liability. This limitation will apply even if NSA has been advised of the possibility of such damage. I acknowledge that this is a reasonable allocation of risk. -- http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/projects.html Projects I am working on http://www.coker.com.au/~russell/ My home page
