Le dimanche 15 octobre 2017 21:24:28 UTC+2, Dima Pasechnik a écrit : [ Snip... ]
> Some soft, notable wget, have an exception clause, needed for binary > installs. > See https://en.wikipedia.org/wiki/Wget > > Additional permission under GNU GPL version 3 section 7 > > If you modify this program, or any covered work, by linking or combining > it with the OpenSSL project's OpenSSL library (or a modified version of > that library), containing parts covered by the terms of the OpenSSL or > SSLeay licenses, the Free Software Foundation grants you additional > permission to convey the resulting work. Corresponding Source for a > non-source form of such a combination shall include the source code for the > parts of OpenSSL used as well as that of the covered work. > > Can we include something like this in the license and be done with? > Seconded. It would be nice if a *real* lawyer (US by preference, only country on Earth where such legaloidstic nonsense can be taken seriously...) could give us (*pro bono*, of course...) advice on the wording. But that's the easy part of the task. The hard one is to persuade dissenters... after hearing and understanding their points. -- Emmanuel Charpentier > > Dima > >> >> >> My gut feeling on this: >> - We should either require OpenSSL be installed systemwide or just ship >> OpenSSL with Sage. Security is way, way too important to expose our users >> to potentially major security problems just because we're overly worried >> about license issues. Moreover, I think there is no way the OpenSSL >> copyright owners are going to sue us for violating their funny license by >> including it in a GPLv3+ program, especially after announcing an intention >> to switch to MPLv2, and getting most OpenSSL devs to sign off on that. >> >> ** By not just fully supporting and requiring OpenSSL for everything in >> Sage, we are exposing all Sage users to an increased chance of installing >> malicious software from repos. Let's not do that. ** >> >> In retrospect, I wish I had never removed OpenSSL from Sage. >> >> -- William >> >> >> >> >>> >>> On Debian testing, both patches pass ptestlong with no failures >>> whatsoever. R sort-of passes its own test suite (i. e. I get a couple of >>> expected, announced failures, analogous to what we get with Python's test >>> suite). >>> >>> -- >>> Emmanuel Charpentier >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "sage-devel" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to sage-devel+...@googlegroups.com. >>> To post to this group, send email to sage-...@googlegroups.com. >>> Visit this group at https://groups.google.com/group/sage-devel. >>> For more options, visit https://groups.google.com/d/optout. >>> >> -- >> -- William Stein >> > -- You received this message because you are subscribed to the Google Groups "sage-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+unsubscr...@googlegroups.com. To post to this group, send email to sage-devel@googlegroups.com. Visit this group at https://groups.google.com/group/sage-devel. For more options, visit https://groups.google.com/d/optout.
