[aur-general] PKGBUILD that downloads ilegal content
johannes at kyriasis.com
Tue Jul 7 09:03:09 UTC 2015
On 07/07, Philipp Wolfer wrote:
>2015-07-05 19:39 GMT+02:00 Hugo Osvaldo Barrera <hugo at barrera.io>:
>> There's a PKGBUILD on the AUR that downloads a binary that is illegal
>> to distribute (due to licensing, it may only be distributed in source
>> IMHO, it's a bit of a grey area if the PKGBUILD is legal or not (I
>> believe it is not in some jurisdictions), but anyone running it is
>> receiving illegal content, so I don't think we should keep it around.
>Can somebody explain to me, why this binary should be illegal at all? I
>looked at the site and the code provided, and from what I can see the
>entire product is covered by the GPLv3. And the license does *not* forbid
>distributing binaries, it just makes it a requirement to also provide
>access to the source code. Now we can discuss whether the PKGBUILD in its
>current form satisfies that requirement (it provides a link to upstream,
>but not directly to a source download location).
Their code is GPLv3. OpenSSL is not and has a GPL-incompatible license,
and thus software using the GPLv3 needs a special version of the GPL
with an explicit OpenSSL linking exception, otherwise you cannot
distribute the software while it links to OpenSSL.
>Also this implies that upstream is doing something illegal by providing
>binaries of their own software, which is nonsense. They are free to do
>whatever they want with their own software.
It's not nonsense. They can do what they want with their software, yes,
but not when it breaks the license of other software they use.
PGP Key ID: 0x50FB9B273A9D0BB5
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1495 bytes
Desc: not available
More information about the aur-general