On Thu, 2007-07-19 at 17:09 -0400, seth vidal wrote: > On Fri, 2007-07-20 at 02:33 +0530, Rahul Sundaram wrote: > > In practical terms, I don't need to control a repository to be aware > > what goes into it according to their explicitly written guidelines by > > Fedora contributors outside of Red Hat. It is possible that someone > > might sneak in a package that violates the guidelines in a official or > > third party repository. Either would be considered a bug and fixed. If > > absolute control is necessary you cannot point to a third party > > repository at all but that is up to Legal to decide. > > > but that's just it. if someone puts that in a repository then it could > be a serious poison pill. If it is enough to get red hat sued then even > if it bears out that rh acted appropriately by getting the problem fixed > I can relatively guarantee that will be the LAST time we ever get to try > that. > > > > If that level of control is desirable, it needn't be a third party > > repository but a Fedora repository built and hosted in external (to Red > > Hat) systems in regions that don't enforce software patents by Fedora > > contributors. > > but is red hat complicit in maintaining this? Or a red hat employee? > Does 'the company' know about this or is this a 'wink, wink, nudge, > nudge, say no more, say no more' sort of thing? > > If it is the latter then I think we're at full, dead, stop w/o legal > counsel. +10. josh _______________________________________________ fedora-advisory-board mailing list fedora-advisory-board@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-advisory-board
