Date: Thu, 28 Aug 2014 06:56:41 +0200 From: Hanno Böck <hanno@...eck.de> To: oss-security@...ts.openwall.com Subject: Re: Open Source only? On Wed, 27 Aug 2014 17:52:30 -0600 Kurt Seifried <kseifried@...hat.com> wrote: > Simple: If we go with Open Source only then "is the code available > under an approved license"? > > http://opensource.org/licenses Being part on the Gentoo licensing team for a while I can tell you that there exists no list of approved licenses that is nearby complete (neither FSFs nor OSIs is anywhere near). There's a very large number of licenses out there that comply with every definition of Free Software or Open Source Software that you'll find in no list whatsoever, mostly slight variations of the various BSD-alike licenses that are only used for a single piece of software. As for the original matter, I agree that we should go with open source licenses only, however given I know that it can sometimes be hard to decide, I think nobody should blame the list moderators if they decide in doubt to let messages through if they have unclear licensing situation. Because doing the research if something should be considered foss can sometimes be painful and a lot of work. -- Hanno Böck http://hboeck.de/ mail/jabber: hanno@...eck.de GPG: BBB51E42 Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ