OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Crispin Cowan (crispinwirex.com)
Date: Wed May 09 2001 - 18:27:09 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    williamelan.net wrote:

    > I did not say that you can not charge for distribution of the binaries,
    > BSD and apache and many others do allow to charge for distribution. What I
    > said is that you have to make source code available and I believe you may
    > not change licensing even for BSD binaries unless you distribute them as
    > different program

    That is not my understanding of the BSD license. Are you sure you aren't confusing multiple
    licenses? E.g. BSDI UNIX is not free; you pay a LOT per copy for binary-only systems.

    > (and for apache since you are distributing it as apache,
    > you definetly may not put it under Immunix Commercial license).

    You keep saying that, but we haven't asserted anything about the status of the Apache
    package. The Apache license clearly has some interesting restrictions in it, and we'll be
    sure to be careful of them.

    > Also in previous post you said that you do not make "proprietary" claims
    > on Artistic licensed packages. But several packages listed in COPYING
    > file, for example shadow suite are under such license.

    That was not my intent. I constructed that list by inspecting licenses and looking for BSD.
    Can you point out the packages that you feel are inapropriately included in the COPYING list?

    > You're working a very very fine line when you try to put your own license
    > on binary packages and claim them to be "proprietary" only because you'v
    > recompiled them.

    It's certainly unusual. But it's equally unusual to have a value-added compiler. Had we gone
    through the BSD code, adding StackGuard-like integrity checks by hand, no one would dispute
    it. We did it using a tool, which we also GPL'd, so you can do it to. I don't see the big
    deal.

    > Nobody is arguing that you have the right to charge a fee
    > for distribution of these packages and can put your own LICENSE for entire
    > distribution as a whole, but putting your own license for binaries when
    > souce code is clearly not under your own copyright is not right.

    Proprietary binaries is standard operating procedure for BSD-licensed code. It is clearly a
    violation for GPL'd code, so we don't do it. It's an open question for other licenses, and
    I'm still investigating.

    Crispin 

    --
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc. http://wirex.com
Security Hardened Linux Distribution:       http://immunix.org

    _______________________________________________
Immunix-users mailing list
Immunix-usersmail.wirex.com
http://mail.wirex.com/mailman/listinfo/immunix-users