Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 16 Mar 2016 15:01:05 +0100
From: FRIGN <>
Subject: Re: musl licensing

On Wed, 16 Mar 2016 13:34:14 +0100
Szabolcs Nagy <> wrote:

Hey Szabolcs,

> it trains programmers to ignore source comments because they contain
> redundant legal gibberish instead of technically relevant content.

hold your horses there for a second. It is pretty much consent that
the current licensing of musl can be described as erratic at best, with
many different licenses conflicting in the codebase in a small degree.

You for instance have done the following exception
:: The BSD PRNG implementation (src/prng/random.c) and XSI search API
:: (src/search/*.c) functions are Copyright © 2011 Szabolcs Nagy and
:: licensed under following terms: "Permission to use, copy, modify,
:: and/or distribute this code for any purpose with or without fee is
:: hereby granted. There is no warranty."
(taken from COPYRIGHT)

This is basically the poor-man's version of BSD-0, so why not just
declare it as such and be on the safe side? I'm not sure if
"there is no warranty" really protects you from warranty claims.

Also, all code sections which fall under the public domain because they
are not copyrightable: I would not go this direction and instead just
publish those sections as BSD-0.
My stance is: Public domain is worse than a proper non-copyleft license
in many countries, and BSD-0 goes as far as possible.
I could literally take a BSD-0 code, remove all the licensing and do
whatever the fuck I want with it. This is public domain for me, and
in BSD-0 the author explicitly states that he doesn't give a damn about

> i kept the copyright notices of src/math/* files because there are
> too many variations to describe them all in a separate file, but i
> have to note that they do not represent the real authors and year of
> authorship.. which is the usual case for copyright notices..
> (some try to clarify the situation by assigning all the copyright
> to one entity, but that makes it worse: that's clearly not about the
> rights of an author, but pure coercive monopoly over ideas.)

:: Much of the math library code (src/math/* and src/complex/*) is
:: Copyright (...)
:: and labelled as such in comments in the individual source files. All
:: have been licensed under extremely permissive terms.

Now, when I take a look at src/math/lrintf.c for instance, there is
no copyright notice. And "extremely permissive terms" is vague at best.

> why?

Because there is a difference between machine generated code and
hand-written code, but both can be considered a grey-zone.
I also don't feel comfortable if an argument is given against a
more consistent licensing practice by looking at a project which
obviously has licensing issues as well.

> > Also, there's no reason not to just use ISC or BSD-0.
> there are things that should not be the intellectual property
> of any person and you should not claim ownership of those things.

If you publish source code under the BSD-0, anybody can take it,
remove the license and republish it under his name. Anybody can
sell it for any amount thinkable, modify it, release it, release
modifications and burn copies of it on a big pile without ever
having to worry that you would leverage your intellectual property.

Even if you wanted, you could not do anything about it, that's the
beauty. In my opinion, the BSD-0 _is_ a public domain license, as
it literally sets no limits on the usage of the program, except
making you not liable for any damages (which is common sense man).
And other than a public domain license, the judicial context is clear
in any country, and even the companies are happy when the terms are


I think everyone here should be concerned that the COPYRIGHT-file
of musl is approaching the length of the GPLv2, and if in the future
more things are added to musl, It's not unlikely that contributors will
chime in and add special clauses to this file as well.
The goal of a non-copyleft-licensed project is foremost to allow
scavenging the code if you find something that is useful without having
to go through great lengths of finding out what you are allowed to do
and what not.
Currently, this ease of use is not directly given with musl, while
at least for a GPL-licensed project the restrictions are mostly laid
out clearly due to its cancerous nature of self-proclamation.




Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.