|
| From: | Kon Lovett |
| Subject: | Re: [Chicken-hackers] Re: Backdoor GPL in message-digest |
| Date: | Mon, 23 Aug 2010 13:44:48 -0700 |
The below is moot since I moved everything into "own eggs", where they belong anyway.
On Aug 23, 2010, at 12:52 PM, Peter Bex wrote:
On Mon, Aug 23, 2010 at 12:43:21PM -0700, Kon Lovett wrote:Assume a component of package A uses something that is GPL'ed, but no other component in that package uses the GPL tainted component (it is "just along for the ride"). Then all components of package A are tainted?If package A is one binary or a set of binaries that always get linked to a package using it, then it does. It's called a "derivative work". Yes, this is insane.
Yeah, I deliberately did not mention "linked", only "packaged", since I don't see them as the same thing. W/O the benefit of hazy memory I seem to recall that the GPL talks of "link editing" but it may also speak of anything distributed, "linked" or not.
In the "format-compiler-base" used by "error-utils" in "check-errors" situation nothing got linked, only packaged. Unless "errorf" is actually used then no linkage occurs. (And, at the time, the only module using "errorf" was "simple-units".)
I'm just saying that in the "check-errors" package none of the other modules were actually exposed to the contagion from the GPL tainted "error-utils".
<snip> Best Wishes, Kon
| [Prev in Thread] | Current Thread | [Next in Thread] |