On 11/20/2013 09:48 PM, Tom Callaway wrote:
On 11/19/2013 02:11 PM, Florian Weimer wrote:
What's Fedora's stance on linking GPL-only libraries into the same
process as a library which is considered GPL-incompatible (such as
4-clause BSD) if this linking happens rather indirectly?
We currently link psql against both libreadline and libcrypto/libssl
(OpenSSL), so if that is okay, more indirect linking should be
acceptable as well.
However, I'm not sure I'd appreciate that if I were a GPL-only library
author who chose that license deliberately (perhaps even with a desire
to sell alternative licensing), and some intermediate libraries makes my
work available under a more permissive license, only wrapped in a
different programming interface.
For OpenSSL, we consider that a system library, so the point is somewhat
irrelevant in that case.
That's a refreshingly different approach which certainly simplifies
things. :)
However, to your larger point, we are not concerned with indirect
linking like you describe. We are primarily focused with the direct
linking case, though, if there was an egregious case of a shim intended
to circumvent that, we'd revisit that on a case-by-case basis.
What's the procedure for resolving such potential issues? Post it here
and ask for advice?
With Fedora's system library exception, that should never be an issue
for Fedora itself, but downstream users might be led to assume that the
license of a particular library is more permissive than it actually is.
--
Florian Weimer / Red Hat Product Security Team
_______________________________________________
legal mailing list
legal@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/legal
