1 |
On 18-06-2010 12:16, Alec Warner wrote: |
2 |
> On Fri, Jun 18, 2010 at 2:08 AM, Lars Wendler <polynomial-c@g.o> wrote: |
3 |
>> Am Freitag 18 Juni 2010, 03:42:29 schrieb Brian Harring: |
4 |
>>> On Thu, Jun 17, 2010 at 05:14:16PM -0500, Dale wrote: |
5 |
>>>> Lars Wendler wrote: |
6 |
>>>>> Am Mittwoch 16 Juni 2010, 14:45:21 schrieb Angelo Arrifano: |
7 |
>>>>>> On 16-06-2010 14:40, Jim Ramsay wrote: |
8 |
>>>>>>> Chí-Thanh Christopher Nguyễn<chithanh@g.o> wrote: |
9 |
>>>>>>>> One notable section is 7.6 in which Adobe reserves the right to |
10 |
>>>>>>>> download and install additional Content Protection software on the |
11 |
>>>>>>>> user's PC. |
12 |
>>>>>>> |
13 |
>>>>>>> Not like anyone will actually *read* the license before adding it to |
14 |
>>>>>>> their accept group, but if they did this would indeed be an important |
15 |
>>>>>>> thing of which users should be aware. |
16 |
>>>>>> |
17 |
>>>>>> I defend it is our job to warn users about this kind of details. To me |
18 |
>>>>>> it sounds that a einfo at post-build phase would do the job, what do |
19 |
>>>>>> you guys think? |
20 |
>>>>> |
21 |
>>>>> Definitely yes! This is a very dangerous snippet in Adobe's license |
22 |
>>>>> which should be pretty clearly pointed at to every user. |
23 |
>>>> |
24 |
>>>> Could that also include a alternative to adobe? If there is one. |
25 |
>>> |
26 |
>>> The place to advocate free alternatives (or upstreams that are |
27 |
>>> nonsuck) isn't in einfo messages in ebuilds, it's on folks blogs or at |
28 |
>>> best in metadata.xml... einfo should be "this is the things to watch |
29 |
>>> for in using this/setting it up" not "these guys are evil, use one of |
30 |
>>> the free alternatives!". |
31 |
|
32 |
Why? You are running a free and opensource operating system, what's |
33 |
wrong suggesting *other* free and opensource alternatives? You are just |
34 |
providing the user a choice, not to actually oblige him to install anything. |
35 |
|
36 |
Also, I'm pretty sure seeing nvidia-drivers suggesting the use of the |
37 |
kernel driver when using the hardened profile. |
38 |
>> |
39 |
>> Maybe I expressed myself a bit misinterpretative. I don't want to request an |
40 |
>> elog message telling users about alternative packages. But in my opinion an |
41 |
>> elog message pointing at the bald-faced parts of Adobe's license should be |
42 |
>> added. These parts about allowing Adobe to install further content protection |
43 |
>> software is just too dangerous in my opinion. |
44 |
> |
45 |
> I will ignore the technical portion where basically any binary on your |
46 |
> system; even binaries you compiled yourself have the ability to |
47 |
> 'install things you do not like' when run as root (and sometimes when |
48 |
> run as a normal user as well.) |
49 |
|
50 |
For all the years running Linux, I never found that case. |
51 |
> |
52 |
> The real meat here is that you want Gentoo to take some kind of stand |
53 |
> on particular licensing terms. I don't think this is a good |
54 |
> precedent[0] to set for our users. It presumes we will essentially |
55 |
> read the license in its entirety and inform users of the parts that we |
56 |
> think are 'scary.'[1] The user is the person who is installing and |
57 |
> running the software. The user is the person who should be reading |
58 |
> and agreeing with any licensing terms lest they find the teams |
59 |
> unappealing. I don't find it unreasonable to implement a tool as |
60 |
> Duncan suggested because it is not a judgement but a statement of |
61 |
> fact. "The license for app/foo has changed from X to Y. You should |
62 |
> review the changes accordingly by running <blah>" |
63 |
|
64 |
I'm the person who initially proposed warning users on elog. The initial |
65 |
proposal only states about: |
66 |
1) A warning about change of licensing terms. |
67 |
2) A warning that "additional Content Protection software" might be |
68 |
installed without users consent. |
69 |
|
70 |
In fact, portage already warns the users about bad coding practices, |
71 |
install of executables with runtime text relocations, etc.. How is this |
72 |
different? |
73 |
If me, as a user, didn't know about such detail (who reads software |
74 |
license agreements anyway?) and someday I hypothetically find a |
75 |
executable running without my permission as my user account and I'm able |
76 |
to associate it with Adobe's flash, I would be pissed off to no extent. |
77 |
And guess what? First thing I would *blame* is flash maintainers. |
78 |
I expect package maintainers to be more familiar with the packages they |
79 |
maintain than me. As consequence, I expect them to advice me about |
80 |
non-obvious details on those packages. At least that's what I try to do |
81 |
on the packages I maintain. |
82 |
GNU/Linux is all about choice. Stating, during install, that a package |
83 |
might later install additional stuff will just provide a choice to the |
84 |
user, not conditioning it. |
85 |
|
86 |
Regards, |
87 |
- Angelo |
88 |
> |
89 |
> [0] There is an existing precedent for reading the license and |
90 |
> ensuring Gentoo itself is not violating the license by distributing |
91 |
> said software. Gentoo takes measures to reduce its own liability in |
92 |
> case a lawsuit arises; however this is a pretty narrow case. |
93 |
> [1] The other bad part here is that 'scary' is itself a judgement call |
94 |
> about licensing terms. I do not want to have arguments with users |
95 |
> about which terms I should have to warn them about versus not. Users |
96 |
> should (ideally) be reading the software licenses for software they |
97 |
> choose to use. |
98 |
> |
99 |
> -A |
100 |
> |
101 |
>> |
102 |
>>> Grok? |
103 |
>>> |
104 |
>>> ~harring |
105 |
>> |
106 |
>> -- |
107 |
>> Lars Wendler (Polynomial-C) |
108 |
>> Gentoo developer and bug-wrangler |
109 |
>> |
110 |
>> |
111 |
> |