On Sun, 2002-04-21 at 19:44, Brian May wrote: > However, I am a bit puzzled; does that mean: > > - It is OK to distribute these programs if they are seperate from > Debian? > > - It is OK to distribute a close source package that uses GPL packages > from Debian?
No to both, but see below. > My feeling is that these limitations aren't on the source code, but > the binary code. If it was only the source code, then the binary code > wouldn't matter. > > So you can link X (GPL) against Y (BSD), but if the binary of Y is > changed (maybe without prior notice) to link against, say openssl, then > suddenly the original linkage breaks the GPL. Even though the original > program (X) has not changed, and has not even been recompiled. Linking is never a problem. You can link X (GPL) against Y (Microsoft EULA) if you like (and the MS EULA allows it). The problems arise when distributing the result. If we're distributing Debian with X (GPL) linked with Y (new BSD) linked with OpenSSL, then we're not in compliance with X's license, since you cannot use X without the presence of GPL-incompatible code. It doesn't matter when any of that was linked. If someone is distributing just X separately from Debian and relying on Debian to provide Y, and Y on Debian happens to link with OpenSSL (but can be built without it), then it would seem that everyone is OK, both Debian and the third party - at least, until someone gets the bright idea of distributing the pieces together. > Come to think of it, can the GPL really say "It is Ok to distribute > package X, but not if the version of Y supplied is linked into openssl"? Sure it can. Why not? > What if several compiled versions of Y have been made available, and > only one of these uses openssl? (lets assume that these different > versions can be used without recompiling, and that somehow the Depends > field allows this). I would expect that this would be OK as long as the "default" Y doesn't link with OpenSSL. I'm not totally sure of that, though. > The way I see Debians intepretation of the GPL is that it is based on > the perspective of the end-user. I'm not sure this is true. As I see it, we interpret the GPL by asking what people distributing Debian are allowed to do. (Including us, of course.) Since the GPL is a distribution license, not a use license, questions about the end user aren't really relevant. End users are explicitly allowed to do whatever they want under the GPL. > What would happen if a "Priority: required" package required OpenSSL? > Wouldn't this defeat the point of the restrictions set by the GPL? Since > any users would have to install openssl anyway? Mere aggregation is explicitly allowed in the GPL. As long as the required package has a compatible license to OpenSSL, there's no problem. The GPL doesn't apply to Debian as a whole. Debian's goals are described in the DFSG, and since OpenSSL is DFSG-compliant, requiring OpenSSL doesn't conflict with our goals (at least in that respect). -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
