[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Spam message when using CVS for webpages
|
From: |
Ineiev |
|
Subject: |
Re: Spam message when using CVS for webpages |
|
Date: |
Thu, 19 Oct 2023 09:57:22 +0000 |
On Wed, Oct 18, 2023 at 01:15:30PM -0600, Bob Proulx wrote:
> Ineiev wrote:
> > Savane is the free software hosting system savannah.gnu.org runs.
> >
> > sv_membersh is the restricted shell used as the login shell for Savane users
> > when they connect via SSH.
> >
> > Savane released under the AGPL; offering the corresponding source code
> > is a requirement of the AGPL.
>
> I spent some time looking at this issue and my assessment is that
> sv_membersh is only a peripheral part of Savannah at best. It isn't
> needed for Savannah to operate. It's a security gate that we use to
> protect the host from potentially malicious activity or potentially
> accidental harm.
I can't see why this matters. what matters is the fact that we use
it. since we use it, we must comply with its license.
> It does not need to be savane software and might be
> any suitable component program.
Only part of the message depends on this, the one saying it's part
of Savane. if it were part of Giungla, it would say, "sv_membersh is
part of Giungla."
> Even though Savannah as a whole is distributed under the AGPL Savannah
> makes use of many programs which are licensed under other licenses
> such as the other various GPL versions and other permissive licenses.
I feel that as expressed, this mixes Savane, the package we maintain
in Savannah 'administration' group, and Savannah, the set
of services the GNU Project provides. we don't distribute Savannah,
and it is based on a few separate programs, each with its own
licensing terms.
> That the whole of Savannah is available under the AGPL does not make a
> requirement that every component used in Savannah be forced into the
> AGPL.
No, but sv_membersh and the Savane Perl modules it uses
were released under the AGPL, and we both jointly can't
just reconsider that decision.
> For example GNU ls does not emit its license upon every invocation.
> That would interfere with its primary function. But ls will emit its
> license information when this is asked for with ls --version.
GNU ls is distributed under the GPL, and what you are speaking
about is covered by the GPLv3 Section 5d, which explains that
the legal notices may be accessible via a prominent item
in the list of options the interface presents, and moreover,
when an interactive interface doesn't display the notices,
the licensee isn't required to make it display them.
In contrast, sv_membersh is distributed under the AGPL; now,
the AGPL does include the same provisions, but also adds Section 13
requiring that our modified version prominently offer all users
interacting with it remotely an opportunity to receive
the corresponding source of our version; and AGPL Section 13 has
nothing like "you needn't make it do so if it doesn't."
signature.asc
Description: PGP signature
- Spam message when using CVS for webpages, Gavin Smith, 2023/10/18
- Re: Spam message when using CVS for webpages, Corwin Brust, 2023/10/18
- Re: Spam message when using CVS for webpages, Ineiev, 2023/10/18
- Re: Spam message when using CVS for webpages, Gavin Smith, 2023/10/18
- Re: Spam message when using CVS for webpages, Ian Kelling, 2023/10/18
- Re: Spam message when using CVS for webpages, Bob Proulx, 2023/10/18
- Re: Spam message when using CVS for webpages, Ineiev, 2023/10/19
- Re: Spam message when using CVS for webpages, Ineiev, 2023/10/20