[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lwip-devel] [bug #64010] oss-fuzz integration
From: |
Jan Breuer |
Subject: |
[lwip-devel] [bug #64010] oss-fuzz integration |
Date: |
Tue, 11 Apr 2023 04:28:32 -0400 (EDT) |
Follow-up Comment #9, bug #64010 (project lwip):
According to the requirements [1], the use of non-free software is prohibited.
Even just talking about it here is forbidden.
On the other hand, oss-fuzz itself is free software covered by Apache-2.0 [2]
license. It defines the whole infrastructure, containers, and how to run them.
All used fuzzers are also free software covered by Apache-2.0 or more free
licenses (BSD-3-Clause, ...), all compatible with GPL-3.0+ meeting all
requirements.
RMS tries to specify the boundary between SaaSS and renting (virtual) hardware
[3] and he does not consider renting virtual hardware as bad. But, unless you
own the whole datacenter, the line between proprietary SaaSS and renting
virtual hardware is so blurry. Is renting a virtual server with a virtual disk
in proprietary infrastructure ok? Is renting a container with blob storage in
proprietary infrastructure ok?
The reason why am I talking about it is, that it is exactly what is happening
here. Free software (OSS-Fuzz) is running in a free software container in a
proprietary container manager (Cloud Build [8]) and proprietary infrastructure
behind it. Results are stored in blob storage (GCS [4]) which we should
consider being just storage of data and not SasSS [9] because it does not
perform further processing.
Here is also at least one precedent: GNU Coreutils.
- Official repository of one of the core GNU projects [5]
- Official GitHub (nonfree service) mirror [6]
- OSS-Fuzz usage [7]
Was this a big mistake or a practical decision and modernization?
[1]: https://savannah.nongnu.org/register/requirements.php
[2]: https://github.com/google/oss-fuzz/blob/master/LICENSE
[3]:
https://www.gnu.org/philosophy/who-does-that-server-really-serve.html#renting
[4]: https://cloud.google.com/storage
[5]: https://savannah.gnu.org/projects/coreutils
[6]: https://github.com/coreutils/coreutils
[7]:
https://github.com/google/oss-fuzz/blob/master/projects/coreutils/project.yaml
[8]: https://cloud.google.com/build
[9]: https://www.gnu.org/philosophy/who-does-that-server-really-serve.html
section Distinguishing SaaSS from Other Network Services
_______________________________________________________
Reply to this item at:
<https://savannah.nongnu.org/bugs/?64010>
_______________________________________________
Message sent via Savannah
https://savannah.nongnu.org/
- [lwip-devel] [bug #64010] oss-fuzz integration, J. Neuschäfer, 2023/04/06
- Message not available
- [lwip-devel] [bug #64010] oss-fuzz integration, Stian Sebastian Skjelstad, 2023/04/07
- [lwip-devel] [bug #64010] oss-fuzz integration, J. Neuschäfer, 2023/04/07
- Message not available
- [lwip-devel] [bug #64010] oss-fuzz integration, Simon Goldschmidt, 2023/04/07
- [lwip-devel] [bug #64010] oss-fuzz integration, J. Neuschäfer, 2023/04/08
- Message not available
- [lwip-devel] [bug #64010] oss-fuzz integration, Ineiev, 2023/04/08
- [lwip-devel] [bug #64010] oss-fuzz integration, J. Neuschäfer, 2023/04/08
- Message not available
- [lwip-devel] [bug #64010] oss-fuzz integration, J. Neuschäfer, 2023/04/08
- Message not available
- [lwip-devel] [bug #64010] oss-fuzz integration, Ineiev, 2023/04/08
- [lwip-devel] [bug #64010] oss-fuzz integration,
Jan Breuer <=
- [lwip-devel] [bug #64010] oss-fuzz integration, Ineiev, 2023/04/13
- [lwip-devel] [bug #64010] oss-fuzz integration, Jan Breuer, 2023/04/13
- [lwip-devel] [bug #64010] oss-fuzz integration, Ineiev, 2023/04/14
- [lwip-devel] [bug #64010] oss-fuzz integration, Simon Goldschmidt, 2023/04/14
- [lwip-devel] [bug #64010] oss-fuzz integration, Ineiev, 2023/04/18