Gentoo Archives: gentoo-dev

From: "Domen Kožar" <domen@×××.si>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] Adding AdobeFlash-10{,.1} licenses to EULA group
Date: Wed, 23 Jun 2010 18:41:46
Message-Id: 1277318470.5556.0.camel@oblak
In Reply to: Re: [gentoo-dev] Adding AdobeFlash-10{,.1} licenses to EULA group by Angelo Arrifano
This should probably be updated:

http://www.gentoo.org/doc/en/gentoo-amd64-faq.xml#flash

On Fri, 2010-06-18 at 15:58 +0200, Angelo Arrifano wrote:
> On 18-06-2010 12:16, Alec Warner wrote: > > On Fri, Jun 18, 2010 at 2:08 AM, Lars Wendler <polynomial-c@g.o> wrote: > >> Am Freitag 18 Juni 2010, 03:42:29 schrieb Brian Harring: > >>> On Thu, Jun 17, 2010 at 05:14:16PM -0500, Dale wrote: > >>>> Lars Wendler wrote: > >>>>> Am Mittwoch 16 Juni 2010, 14:45:21 schrieb Angelo Arrifano: > >>>>>> On 16-06-2010 14:40, Jim Ramsay wrote: > >>>>>>> Chí-Thanh Christopher Nguyễn<chithanh@g.o> wrote: > >>>>>>>> One notable section is 7.6 in which Adobe reserves the right to > >>>>>>>> download and install additional Content Protection software on the > >>>>>>>> user's PC. > >>>>>>> > >>>>>>> Not like anyone will actually *read* the license before adding it to > >>>>>>> their accept group, but if they did this would indeed be an important > >>>>>>> thing of which users should be aware. > >>>>>> > >>>>>> I defend it is our job to warn users about this kind of details. To me > >>>>>> it sounds that a einfo at post-build phase would do the job, what do > >>>>>> you guys think? > >>>>> > >>>>> Definitely yes! This is a very dangerous snippet in Adobe's license > >>>>> which should be pretty clearly pointed at to every user. > >>>> > >>>> Could that also include a alternative to adobe? If there is one. > >>> > >>> The place to advocate free alternatives (or upstreams that are > >>> nonsuck) isn't in einfo messages in ebuilds, it's on folks blogs or at > >>> best in metadata.xml... einfo should be "this is the things to watch > >>> for in using this/setting it up" not "these guys are evil, use one of > >>> the free alternatives!". > > Why? You are running a free and opensource operating system, what's > wrong suggesting *other* free and opensource alternatives? You are just > providing the user a choice, not to actually oblige him to install anything. > > Also, I'm pretty sure seeing nvidia-drivers suggesting the use of the > kernel driver when using the hardened profile. > >> > >> Maybe I expressed myself a bit misinterpretative. I don't want to request an > >> elog message telling users about alternative packages. But in my opinion an > >> elog message pointing at the bald-faced parts of Adobe's license should be > >> added. These parts about allowing Adobe to install further content protection > >> software is just too dangerous in my opinion. > > > > I will ignore the technical portion where basically any binary on your > > system; even binaries you compiled yourself have the ability to > > 'install things you do not like' when run as root (and sometimes when > > run as a normal user as well.) > > For all the years running Linux, I never found that case. > > > > The real meat here is that you want Gentoo to take some kind of stand > > on particular licensing terms. I don't think this is a good > > precedent[0] to set for our users. It presumes we will essentially > > read the license in its entirety and inform users of the parts that we > > think are 'scary.'[1] The user is the person who is installing and > > running the software. The user is the person who should be reading > > and agreeing with any licensing terms lest they find the teams > > unappealing. I don't find it unreasonable to implement a tool as > > Duncan suggested because it is not a judgement but a statement of > > fact. "The license for app/foo has changed from X to Y. You should > > review the changes accordingly by running <blah>" > > I'm the person who initially proposed warning users on elog. The initial > proposal only states about: > 1) A warning about change of licensing terms. > 2) A warning that "additional Content Protection software" might be > installed without users consent. > > In fact, portage already warns the users about bad coding practices, > install of executables with runtime text relocations, etc.. How is this > different? > If me, as a user, didn't know about such detail (who reads software > license agreements anyway?) and someday I hypothetically find a > executable running without my permission as my user account and I'm able > to associate it with Adobe's flash, I would be pissed off to no extent. > And guess what? First thing I would *blame* is flash maintainers. > I expect package maintainers to be more familiar with the packages they > maintain than me. As consequence, I expect them to advice me about > non-obvious details on those packages. At least that's what I try to do > on the packages I maintain. > GNU/Linux is all about choice. Stating, during install, that a package > might later install additional stuff will just provide a choice to the > user, not conditioning it. > > Regards, > - Angelo > > > > [0] There is an existing precedent for reading the license and > > ensuring Gentoo itself is not violating the license by distributing > > said software. Gentoo takes measures to reduce its own liability in > > case a lawsuit arises; however this is a pretty narrow case. > > [1] The other bad part here is that 'scary' is itself a judgement call > > about licensing terms. I do not want to have arguments with users > > about which terms I should have to warn them about versus not. Users > > should (ideally) be reading the software licenses for software they > > choose to use. > > > > -A > > > >> > >>> Grok? > >>> > >>> ~harring > >> > >> -- > >> Lars Wendler (Polynomial-C) > >> Gentoo developer and bug-wrangler > >> > >> > > > >

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-dev] Adding AdobeFlash-10{,.1} licenses to EULA group Thilo Bangert <bangert@g.o>