Re: web hosting providers' modified .debs
* Arnoud Engelfriet: Florian Weimer wrote: | You may make, run and propagate covered works that you do not | convey, without conditions so long as your license otherwise remains | in force. You may convey covered works to others for the sole purpose | of having them make modifications exclusively for you, or provide you | with facilities for running those works, provided that you comply with | the terms of this License in conveying all material for which you do | not control copyright. Those thus making or running the covered works | for you must do so exclusively on your behalf, under your direction | and control, on terms that prohibit them from making any copies of | your copyrighted material outside their relationship with you. This was put into the license at the very last moment. Maybe it does not apply to the Dreamhost case, but I think it does apply to appliances like the Tivo, and especially to customer premises equipment given to To me the clause reads like a work-for-hire or have-made clause. I think you missed the or provide you with facilities for running those works. It's not just about programmers. you by our ISP (which are a common source of alleged GPLv2 violations). Tivo (or the ISP) only needs to make sure that there's a contract that stipulates that you provide electrical power and connectivity to the device, so you perform a service for them, and voil?, they don't need to provide source code anymore. In a Tivo or ISP situation the ISP does not have its customers make modifications exclusively for the ISP. I really don't see how this clause would apply to an ISP or to Tivo. See above, you provide electricity and rack space to the ISP router, which is prov[ing] [the ISP] with facilities for running those works (i.e., the operating system on the router). -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
Florian Weimer wrote: | You may make, run and propagate covered works that you do not | convey, without conditions so long as your license otherwise remains | in force. You may convey covered works to others for the sole purpose | of having them make modifications exclusively for you, or provide you | with facilities for running those works, provided that you comply with | the terms of this License in conveying all material for which you do | not control copyright. Those thus making or running the covered works | for you must do so exclusively on your behalf, under your direction | and control, on terms that prohibit them from making any copies of | your copyrighted material outside their relationship with you. This was put into the license at the very last moment. Maybe it does not apply to the Dreamhost case, but I think it does apply to appliances like the Tivo, and especially to customer premises equipment given to To me the clause reads like a work-for-hire or have-made clause. If a company needs private modifications made to a GPLv3 work, it may need to hire a third-party programmer. Giving this programmer the (possibly already modified) source code normally constitutes conveyance, so the programmer would be free to publish the source code. To avoid that situation, this clause says that the company can sign an NDA with the programmer and then give him the source. The programmer then can make the requested modifications and give them to the company, but is not allowed to publish the source he received or the modifications he made. you by our ISP (which are a common source of alleged GPLv2 violations). Tivo (or the ISP) only needs to make sure that there's a contract that stipulates that you provide electrical power and connectivity to the device, so you perform a service for them, and voil?, they don't need to provide source code anymore. In a Tivo or ISP situation the ISP does not have its customers make modifications exclusively for the ISP. I really don't see how this clause would apply to an ISP or to Tivo. Arnoud -- Arnoud Engelfriet, Dutch European patent attorney - Speaking only for myself Patents, copyright and IPR explained for techies: http://www.iusmentis.com/ Arnoud blogt nu ook: http://blog.iusmentis.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
FW GPLv3 makes it pretty clear that Dreamhost can take your rights away So all that effort of writing Free Software and the result is there is Johnny, sitting at the shell prompt, unable to see the source code to anything behind it if they decide to close it. Yes, I find the bring-yourself-into-slavery clause extremely discomforting, too: | You may make, run and propagate covered works that you do not | convey, without conditions so long as your license otherwise remains | in force. You may convey covered works to others for the sole purpose | of having them make modifications exclusively for you, or provide you | with facilities for running those works, provided that you comply with | the terms of this License in conveying all material for which you do | not control copyright. Those thus making or running the covered works | for you must do so exclusively on your behalf, under your direction | and control, on terms that prohibit them from making any copies of | your copyrighted material outside their relationship with you. This was put into the license at the very last moment. Maybe it does not apply to the Dreamhost case, but I think it does apply to appliances like the Tivo, and especially to customer premises equipment given to you by our ISP (which are a common source of alleged GPLv2 violations). Tivo (or the ISP) only needs to make sure that there's a contract that stipulates that you provide electrical power and connectivity to the device, so you perform a service for them, and voilĂ , they don't need to provide source code anymore.
Re: web hosting providers' modified .debs
Arnoud Engelfriet [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Florian Weimer wrote: | You may make, run and propagate covered works that you do not | convey, without conditions so long as your license otherwise remains | in force. You may convey covered works to others for the sole purpose | of having them make modifications exclusively for you, or provide you | with facilities for running those works, provided that you comply with | the terms of this License in conveying all material for which you do | not control copyright. Those thus making or running the covered works | for you must do so exclusively on your behalf, under your direction | and control, on terms that prohibit them from making any copies of | your copyrighted material outside their relationship with you. This was put into the license at the very last moment. Maybe it does not apply to the Dreamhost case, but I think it does apply to appliances like the Tivo, and especially to customer premises equipment given to To me the clause reads like a work-for-hire or have-made clause. If a company needs private modifications made to a GPLv3 work, it may need to hire a third-party programmer. Giving this programmer the (possibly already modified) source code normally constitutes conveyance, so the programmer would be free to publish the source code. It also is intended to cover giving a copy of the code to your hosting provider for them to run on your behalf (the or provide you with facilities for running those works part). However, that part could indeed be read in such a way as to create a loophole. One case where this would be a bit more clear is if by default the Tivo box did not contain any GPL'ed code, but still had the key restriction thing. Once you have the device plugged in, Tivo makes an arrangement with you to run the code on the device on their behalf. That would likely be allowed under a strict interpretation. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
\John Halton\ [EMAIL PROTECTED] wrote: On Jan 25, 2008 9:07 AM, Arnoud Engelfriet [EMAIL PROTECTED] wrote: My first question would be whether those files would contain sufficient creative expression to qualify for copyright protection. If they don't (and I am not sure something like /etc/make.conf is 'creative'), then GPLv3 cannot apply to those files. Not all jurisdictions require creative expression for copyright protection. The UK, for example, only requires a work to be original - i.e. not copied. [...] I think that's a bit *too* broad. I'm pretty sure that I've been told by lawyers at seminars that it has to pass some (low) effort threshold to sustain copyright. The main legislation (Copyright Designs and Patents Act 1988) seems not to cover this and I found [2005] EWCA Civ 565 saying:- 33. The essential elements of originality were expounded by the House of Lords over century ago in Walter v. Lane [1900] AC 539, a decision on the Copyright Act 1842. It remains good law: Express Newspapers plc v. News (UK) Ltd [1990] FSR 359 at 365-366. The House of Lords held that copyright subsisted in shorthand writers' reports of public speeches as original literary works. [...] so I suspect this comes from case law. However, I also think some of those configs are going to be subject to copyright in English law, though; but that unless dreamhost are considered to be releasing the binaries, there's no obligation to offer source. It might be a milder variation on the CD-stealer FAQ at http://www.fsf.org/licensing/licenses/gpl-faq.html#StolenCopy so it might be worth asking [EMAIL PROTECTED] If they are in breach of the licence, it needs one of the package copyright holders to act, not debian-legal, although subscribers may help identify the copyright holders, offer explanations and assistance. Hope that helps, -- MJR/slef My Opinion Only: see http://people.debian.org/~mjr/ Please follow http://www.uk.debian.org/MailingLists/#codeofconduct -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
FW GPLv3 makes it pretty clear that Dreamhost can take your rights away So all that effort of writing Free Software and the result is there is Johnny, sitting at the shell prompt, unable to see the source code to anything behind it if they decide to close it. Yes, I find the bring-yourself-into-slavery clause extremely discomforting, too: | You may make, run and propagate covered works that you do not | convey, without conditions so long as your license otherwise remains | in force. You may convey covered works to others for the sole purpose | of having them make modifications exclusively for you, or provide you | with facilities for running those works, provided that you comply with | the terms of this License in conveying all material for which you do | not control copyright. Those thus making or running the covered works | for you must do so exclusively on your behalf, under your direction | and control, on terms that prohibit them from making any copies of | your copyrighted material outside their relationship with you. This was put into the license at the very last moment. Maybe it does not apply to the Dreamhost case, but I think it does apply to appliances like the Tivo, and especially to customer premises equipment given to you by our ISP (which are a common source of alleged GPLv2 violations). Tivo (or the ISP) only needs to make sure that there's a contract that stipulates that you provide electrical power and connectivity to the device, so you perform a service for them, and have no right to the source code under the GPLv3, unless you are explicitly granted access to the binaries. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
On Jan 24, 2008 10:48 PM, Ken Arromdee [EMAIL PROTECTED] wrote (off-list): Maybe I'm missing someone, but in this scenario, isn't it the user who logs in, not the administrator, making the copy? The administrator wouldn't be conveying anything since he's not copying. The user is distributing someone else's software to himself, which might be illegal, but would not obligate the administrator. The definition of propagate in GPL v.3 is quite broad, and includes not only copying but making available to the public and so on. So the administrator will almost certainly be propagating the work. Propagation in itself does not lead to any need to provide the source. That obligation applies where the propagation takes the form of conveying, which means any kind of propagation that enables other parties to make or receive copies. Again, this is much broader than just being the one who does the copying. So if the admin makes the binary accessible by means of a remote shell, then they're propagating the binary. If they make it possible for users to create copies of that binary then they are conveying, and this means they need to make the source available. (Unless you want to argue that the administrator, merely by leaving the file readable, is encouraging the users to copy it. Which leads to absurd results in other cases.) As outlined above, the definition of conveying does not require the admin to *encourage* users to copy it, merely to enable them to do so. John (TINLA) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
On Jan 25, 2008 12:07 AM, Matthew Johnson [EMAIL PROTECTED] wrote: You can execute things you cannot read: $ ls -l /bin/ls ---x--x--x 1 root root 77352 2007-01-30 18:51 /bin/ls Thanks. I stand corrected. However, presumably for many programs licensed under GPL v.3 there will be a number of associated non-executable files (e.g. under /etc) for which read permissions need to remain in place. If you have a GPLed package, I'm not sure what the implications are of conveying the non-executable files while merely propagating (without conveying) the binaries. John (TINLA) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
John Halton wrote: However, presumably for many programs licensed under GPL v.3 there will be a number of associated non-executable files (e.g. under /etc) for which read permissions need to remain in place. If you have a GPLed package, I'm not sure what the implications are of conveying the non-executable files while merely propagating (without conveying) the binaries. My first question would be whether those files would contain sufficient creative expression to qualify for copyright protection. If they don't (and I am not sure something like /etc/make.conf is 'creative'), then GPLv3 cannot apply to those files. The next question would be how you determine from a file in /etc what the Program is as GPLv3 defines it. You could argue that /etc/make.conf is a separate work (if creative) that is part of a collective work called 'make'. Since I'm entitled to remove parts from a GPLv3 work and convey only the remaining parts, I don't see anything unlawful about offering execute-only access to a binary and read access to the manpage and/or configuration files. Arnoud -- Arnoud Engelfriet, Dutch European patent attorney - Speaking only for myself Patents, copyright and IPR explained for techies: http://www.iusmentis.com/ Arnoud blogt nu ook: http://blog.iusmentis.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
On Jan 25, 2008 9:07 AM, Arnoud Engelfriet [EMAIL PROTECTED] wrote: My first question would be whether those files would contain sufficient creative expression to qualify for copyright protection. If they don't (and I am not sure something like /etc/make.conf is 'creative'), then GPLv3 cannot apply to those files. Not all jurisdictions require creative expression for copyright protection. The UK, for example, only requires a work to be original - i.e. not copied. So I think we have to assume that at least *some* of those files are going to be protected. And most of the material under /usr/share or /usr/doc will certainly be protected by copyright. The next question would be how you determine from a file in /etc what the Program is as GPLv3 defines it. You could argue that /etc/make.conf is a separate work (if creative) that is part of a collective work called 'make'. Yes - part of the problem is that the GPL does not clearly define what the work means. Since I'm entitled to remove parts from a GPLv3 work and convey only the remaining parts, I don't see anything unlawful about offering execute-only access to a binary and read access to the manpage and/or configuration files. Good point. I agree. John (TINLA) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
Just curious, e.g., dreamhost.com modifies Debian .debs to produce their hosting environment, which we Dreamhost users then use on our shell accounts there. If I can do $ cat file then I should always also be able to cat the source (.deb) to that same cat, no? (I can at present.) It's ambigous in the GPLv2. The GPLv3 makes it pretty clear that Dreamhost can take your rights on that software away (read: you aren't even allowed to copy the binaries[1]), and does not have to provide source code in this case. Only if they allow you to copy the binaries, they are forced to provide source code as well. [1] This doesn't have to be enforced by the file system. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
FW GPLv3 makes it pretty clear that Dreamhost can take your rights away So all that effort of writing Free Software and the result is there is Johnny, sitting at the shell prompt, unable to see the source code to anything behind it if they decide to close it. I bet the same goes with OLPC then. Also probably: Hey kids, we here at Gooble Corp. have so many extra computers lying around, we've decided to offer you all shell accounts using the famous Debian GNU/Linux operating system plus our bonus tweaks! So just connect to our computers instead of having to go out and buy a computer of your own and install all that mess. We here at Gooble know how confusing source code is, and that is why we are making every effort to never let you see it again, accidentally or otherwise. Use computers some old fashioned way? Why bother! Get with the G-program! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
[EMAIL PROTECTED] writes: [hypothetically] We here at Gooble know how confusing source code is, and that is why we are making every effort to never let you see it again, accidentally or otherwise. People who are swayed by this will ignore the freedom of the software they use in any case. Why do you see this as a special danger? -- \ Simplicity and elegance are unpopular because thy require hard | `\work and discipline to achieve and education to be | _o__)appreciated. -- Edsger Dijkstra | Ben Finney -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
On Fri, 25 Jan 2008, John Halton wrote: Maybe I'm missing someone, but in this scenario, isn't it the user who logs in, not the administrator, making the copy? The administrator wouldn't be conveying anything since he's not copying. The user is distributing someone else's software to himself, which might be illegal, but would not obligate the administrator. The definition of propagate in GPL v.3 is quite broad, and includes not only copying but making available to the public and so on. So the administrator will almost certainly be propagating the work. I still don't think so. To propagate a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. Not all kinds of making available are propagation. It's only propagation if making it available would, without permission, make you liable for infringement. Merely leaving a readable file where someone can copy it doesn't make you liable for infringement. (Imagine the situation where the software isn't GPL. If I lend you my laptop, that doesn't make me liable for infringement just because the copy of Microsoft Windows on it is readable and could be copied.) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
Ken Arromdee wrote: To propagate a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. Is that second sentence intended to be declarative or explanatory? The part making available to the public would seem to cover the situation with a world-readable /bin/ls, assuming that users on the system fall under public. doesn't make you liable for infringement. (Imagine the situation where the software isn't GPL. If I lend you my laptop, that doesn't make me liable for infringement just because the copy of Microsoft Windows on it is readable and could be copied.) But if it *were* copied, wouldn't that make you secondarily liable under the MGM/Grokster doctrine? Arnoud -- Arnoud Engelfriet, Dutch European patent attorney - Speaking only for myself Patents, copyright and IPR explained for techies: http://www.iusmentis.com/ Arnoud blogt nu ook: http://blog.iusmentis.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
On Jan 24, 2008 7:41 AM, Arnoud Engelfriet [EMAIL PROTECTED] wrote: This is actually a very intriguing question. If I have a shell account on someone's computer, and I can copy a binary that resides somewhere in /bin (or wherever), is the work being distributed to me? toad:~ ls -l /bin/ls -r-xr-xr-x 1 root wheel 29624 Jan 15 04:30 /bin/ls* toad:~ cp /bin/ls myls toad:~ Can I now demand the source to /bin/ls from the administrators of 'toad'? That is indeed an intriguing question. Within the GPL language of distribution, it's probably a little unclear. However, GPL v.3 would appear to be a little tighter on the issue: - To propagate a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To convey a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. - It seems clear enough that the administrators of toad are propagating /bin/ls. And that propagation is one that enables other parties to make or receive copies. Nor is this mere interaction ... with no transfer of a copy - *running* /bin/ls would fit this category, but making a copy of /bin/ls in your home directory is a different matter. So this would seem to be conveying within the meaning of GPL v.3, and thus will fall within clause 6 of GPL v.3, Conveying Non-Source Forms. John (TINLA) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
On Thu Jan 24 11:37, John Halton wrote: It seems clear enough that the administrators of toad are propagating /bin/ls. And that propagation is one that enables other parties to make or receive copies. Nor is this mere interaction ... with no transfer of a copy - *running* /bin/ls would fit this category, but making a copy of /bin/ls in your home directory is a different matter. So this would seem to be conveying within the meaning of GPL v.3, and thus will fall within clause 6 of GPL v.3, Conveying Non-Source Forms. So, do we need to have the sources all installed on our shell hosts? or a written offer good for three years to provide the source? Maybe having a deb-src line is good enough since users can run apt-get source? Matt -- Matthew Johnson signature.asc Description: Digital signature
Re: web hosting providers' modified .debs
On Jan 24, 2008 11:41 AM, Matthew Johnson [EMAIL PROTECTED] wrote: On Thu Jan 24 11:37, John Halton wrote: It seems clear enough that the administrators of toad are propagating /bin/ls. And that propagation is one that enables other parties to make or receive copies. Nor is this mere interaction ... with no transfer of a copy - *running* /bin/ls would fit this category, but making a copy of /bin/ls in your home directory is a different matter. So this would seem to be conveying within the meaning of GPL v.3, and thus will fall within clause 6 of GPL v.3, Conveying Non-Source Forms. So, do we need to have the sources all installed on our shell hosts? or a written offer good for three years to provide the source? That does sound a bit excessive, I agree. But it's difficult to see how this can be avoided, unless you make it impossible to transfer files from users' home directories on toad to their own local systems. If you were to do that, then arguably no conveying would occur as an copying would be done on a remote system as mere interaction over a computer network. But I'm guessing that prohibiting file transfers in this way would create rather more problems than it would solve! A contrary interpretation - that this is not conveying - would leave a massive loophole in the GPL, because you could say, We are not going to distribute our modified software directly. No, instead we're going to give people shell access by which they can then copy the software to their remote home directory and thence to their own local system. That said, I would be *delighted* if someone can show me where I've gone wrong in my analysis. I don't claim to be a world expert on GPL v.3! Maybe having a deb-src line is good enough since users can run apt-get source? Clause 6(d) of GPL allows the source to be made available in this way, so I assume that would be fine. However, you would need to ensure the relevant details were given next to the object code, whatever *that* means (a README for every affected file in /bin? i.e. /bin/ls.README etc? ***shudder***). John (TINLA) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
Matthew Johnson wrote: On Thu Jan 24 11:37, John Halton wrote: It seems clear enough that the administrators of toad are propagating /bin/ls. And that propagation is one that enables other parties to make or receive copies. Nor is this mere interaction ... with no transfer of a copy - *running* /bin/ls would fit this category, but making a copy of /bin/ls in your home directory is a different matter. So this would seem to be conveying within the meaning of GPL v.3, and thus will fall within clause 6 of GPL v.3, Conveying Non-Source Forms. So, do we need to have the sources all installed on our shell hosts? or a written offer good for three years to provide the source? Perhaps a simple way to avoid this is to simply 'chmod g-r' the executables in question. With only execute permission a mortal user cannot copy the binary, so there's no propagation going on. If the system has a world-readable /usr/src with full sources, I would argue that satisfies any obligation to make source available. Arnoud -- Arnoud Engelfriet, Dutch European patent attorney - Speaking only for myself Patents, copyright and IPR explained for techies: http://www.iusmentis.com/ Arnoud blogt nu ook: http://blog.iusmentis.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
Dear legal beagles, all I know is if one day I couldn't do [EMAIL PROTECTED] dpkg -l apt-get --print-uris ... wget ... to examine the .debs that were Debian debs but slightly modified by Dreamhost (or other such web host), well that would mean the whole Free Software concept had come to a grinding halt. I.e., Junior is sitting at the prompt using $ emacs ...; grep ... but no longer able to see the source of what he is using. Yes he could go to gnu.org or debian.org and see some progenitor versions, but not the source of what he is using, despite all the Copyleft labels still visible in them using strings(1). So Dear legal beagles, please close this loophole, if any. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
On Fri, Jan 25, 2008 at 03:33:34AM +0800, [EMAIL PROTECTED] wrote: So Dear legal beagles, please close this loophole, if any. As outlined previously in the discussion, I don't think there *is* a loophole here. Anyone using GPL v.3 software (which includes almost all GNU software issued since GPL v.3 was introduced) to provide remote shell access appears to be bound by GPL v.3 to provide the source, whether they have modified that software or otherwise. At least, that's my take, and no-one has yet put forward a counter-argument on this thread. So there is no loophole, but equally there is probably a very high rate of non-compliance, which is a different matter. John (TINLA) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
[EMAIL PROTECTED] writes: So Dear legal beagles, please close this loophole, if any. To remove this misapprehension: debian-legal is a discussion forum only. We have no special power to *change* license terms. If there's a loophole, all we can do is expose it. Addressing the loophole will be for those who have the power to change the license terms on the specific work you're interested in. -- \ Eccles: I just saw the Earth through the clouds! Lew: Did | `\ it look round? Eccles: Yes, but I don't think it saw me. | _o__) -- The Goon Show, _Wings Over Dagenham_ | Ben Finney -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
John Halton [EMAIL PROTECTED] writes: That said, I would be *delighted* if someone can show me where I've gone wrong in my analysis. I don't claim to be a world expert on GPL v.3! Here's a 2003 debian-legal discussion about the ASP loophole: URL:http://lists.debian.org/debian-legal/2003/03/msg00755.html -- \ Pinky, are you pondering what I'm pondering? I think so, | `\ Brain, but what if the hippopotamus won't wear the beach | _o__)thong? -- _Pinky and The Brain_ | Ben Finney -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
On Fri, Jan 25, 2008 at 08:26:19AM +1100, Ben Finney wrote: Here's a 2003 debian-legal discussion about the ASP loophole: URL:http://lists.debian.org/debian-legal/2003/03/msg00755.html Thanks. The distinction here is that in the classic ASP loophole situation you are accessing the software through a web browser or other intermediary means, which prevents you from getting direct access to the executable: it is mere interaction over a computer network, with transfer of a copy, as GPL v.3 puts it. A remote shell is a different matter. This isn't just access through a web browser; it is direct access to the executable in a manner not wildly dissimilar to accessing a local file through a shell, and indeed access in a way that will usually allow the user to create a copy of the executable either on the remote system and/or their local system. Hence the first scenario, if considered to be a problem requiring a solution, leads to the Affero GPL. The second scenario is, I would argue, already covered by the regular GPL. (Incidentally, I'm assuming that the earlier suggestion of removing the read permissions for users wouldn't work, because they wouldn't be able to execute the binaries without read as well as execute privileges. Is that correct?) John (TINLA) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
On Thu Jan 24 22:02, John Halton wrote: On Fri, Jan 25, 2008 at 08:26:19AM +1100, Ben Finney wrote: Here's a 2003 debian-legal discussion about the ASP loophole: URL:http://lists.debian.org/debian-legal/2003/03/msg00755.html (Incidentally, I'm assuming that the earlier suggestion of removing the read permissions for users wouldn't work, because they wouldn't be able to execute the binaries without read as well as execute privileges. Is that correct?) You can execute things you cannot read: $ ls -l /bin/ls ---x--x--x 1 root root 77352 2007-01-30 18:51 /bin/ls Matt -- Matthew Johnson signature.asc Description: Digital signature
web hosting providers' modified .debs
Just curious, e.g., dreamhost.com modifies Debian .debs to produce their hosting environment, which we Dreamhost users then use on our shell accounts there. If I can do $ cat file then I should always also be able to cat the source (.deb) to that same cat, no? (I can at present.) Yes I read that Affero news, but am not sure it is relevant. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
[EMAIL PROTECTED] writes: Just curious, e.g., dreamhost.com modifies Debian .debs to produce their hosting environment, which we Dreamhost users then use on our shell accounts there. If I can do $ cat file then I should always also be able to cat the source (.deb) to that same cat, no? (I can at present.) I'm not sure what you're asking. I *think* you're asking about whether Dreamhost are obligated to provide the source code of their modified operating system to you, and I'll answer based on that assumption. The answer depends on whether Dreamhost are, under the relevant jurisdiction, distributing the modified work to you. It could be argued that they are not: they are merely using the modified work, and allowing you to access a machine they own; thus, the modified work is not distributed to you, so no obligation is triggered to give you access to the corresponding source. Of course, there is a sense in which Dreamhost *is* distributing the modified work to you, but I'm pretty sure no jurisdiction's copyright law would see it that way. This is the Application Service Provider (ASP) loophole, which the Affero GPL is intended to close (on works to which the Affero GPL is applied). I'm pretty sure there is no existing judgement that holds an act like that of Dreamhost is an act of distribution of a modified work. I don't know of any jurisdiction where it would be so. I hope that helps. If your question was about something else, please clarify so we can give a better answer. -- \ If life deals you lemons, why not go kill someone with the | `\ lemons (maybe by shoving them down his throat). -- Jack Handey | _o__) | Ben Finney -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: web hosting providers' modified .debs
Ben Finney wrote: The answer depends on whether Dreamhost are, under the relevant jurisdiction, distributing the modified work to you. It could be argued that they are not: they are merely using the modified work, and allowing you to access a machine they own; thus, the modified work is not distributed to you, so no obligation is triggered to give you access to the corresponding source. This is actually a very intriguing question. If I have a shell account on someone's computer, and I can copy a binary that resides somewhere in /bin (or wherever), is the work being distributed to me? toad:~ ls -l /bin/ls -r-xr-xr-x 1 root wheel 29624 Jan 15 04:30 /bin/ls* toad:~ cp /bin/ls myls toad:~ Can I now demand the source to /bin/ls from the administrators of 'toad'? Probably it's more in the making available category of copyright infringement. Arnoud -- Arnoud Engelfriet, Dutch European patent attorney - Speaking only for myself Patents, copyright and IPR explained for techies: http://www.iusmentis.com/ Arnoud blogt nu ook: http://blog.iusmentis.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
