Re: other ways of working with third party vendors [was Re: Proposal: Revision of policy surrounding 3rd party and non-free software]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 






On 22 January 2014 15:54, Miloslav Trmač <mitr@xxxxxxxx> wrote:
On Wed, Jan 22, 2014 at 5:39 PM, Matthew Garrett <mjg59@xxxxxxxxxxxxx> wrote:
> You want that set of channels to include a number of third-party vendors
> who distribute non-free software. There's a few practical problems here
> - how do we choose those vendors? What process do we have for ensuring
> that they aren't distributing malicious code? What if they provide a
> package that breaks software that we ship as part of Fedora? What if a
> vendor with a known history of shipping broken software requests
> inclusion and kicks up a PR storm if we refuse?

Every single retailer is facing these questions about he products arriving from the vendors, and somehow they manage.  This should not be that huge a deal in practice; primarily it's a matter of mindset, abandoning the "full-featured and self-contained distribution" expectation.


Retailers manage because there are long and large amounts of contractual and other commerce laws, treaties, etc to back them up when dealing with product problems with their upstream. There are contracts in place all through the chain of construction that are in place that liability moves up the chain and not to the retailer. However when you don't have those contracts in place you as the end party can be found liable for the problems versus the upstream vendor. 

So yes it is huge and has implications that aren't easily or logically parseable.

 
(It seems that sandboxing the third-party software is what the world is converging on, but we've also had >30 years of software products for sale before sandboxing existed.)
    Mirek


_______________________________________________
advisory-board mailing list
advisory-board@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/advisory-board



--
Stephen J Smoogen.

_______________________________________________
advisory-board mailing list
advisory-board@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/advisory-board

[Index of Archives]     [Fedora Users]     [Fedora Outreach]     [Fedora Desktop]     [Fedora KDE]     [KDE Users]     [Fedora SELinux]     [Yosemite Forum]     [Linux Audio Users]

  Powered by Linux