this post was submitted on 16 Jun 2024
1005 points (88.7% liked)

linuxmemes

20880 readers
6 users here now

I use Arch btw


Sister communities:

Community rules

  1. Follow the site-wide rules and code of conduct
  2. Be civil
  3. Post Linux-related content
  4. No recent reposts

Please report posts and comments that break these rules!

founded 1 year ago
MODERATORS
 

Context:

Permissive licenses (commonly referred to as "cuck licenses") like the MIT license allow others to modify your software and release it under an unfree license. Copyleft licenses (like the Gnu General Public License) mandate that all derivative works remain free.

Andrew Tanenbaum developed MINIX, a modular operating system kernel. Intel went ahead and used it to build Management Engine, arguably one of the most widespread and invasive pieces of malware in the world, without even as much as telling him. There's nothing Tanenbaum could do, since the MIT license allows this.

Erik Andersen is one of the developers of Busybox, a minimal implementation of that's suited for embedded systems. Many companies tried to steal his code and distribute it with their unfree products, but since it's protected under the GPL, Busybox developers were able to sue them and gain some money in the process.

Interestingly enough, Tanenbaum doesn't seem to mind what intel did. But there are some examples out there of people regretting releasing their work under a permissive license.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 10 points 5 months ago (2 children)

Only until you have any other contributor, as you're then no longer the sole copyright holder. If you still want to work like that you'll need a CLA.

[–] [email protected] 7 points 5 months ago

Sure, but I was taking "all my own OSS stuff" at face value.

[–] [email protected] 4 points 5 months ago (1 children)

Correct me if I'm wrong but if I start a project with a GPL and a custom proprietary license for use at work wouldn't that also apply to any contributions by 3rd parties later on to that projevt? Afaik only adding or switching licenses with existing 3rd party contributions is difficult without a CLA.

[–] [email protected] 1 points 5 months ago

Kinda. IANAL, but here's my understanding: If you're explicitly dual-licensing and publish the proprietary license then contributions can be assumed to also follow the same dual licensing. You'd need to be extremely careful with writing the proprietary license though, since your business is now using non-employee proprietary code.

If you write "the copyright holder may choose to allow an entity to use this work", then you do actually need permission from every contributor. If you write "this work may be copied, modified and redistributed freely by Blah enterprises" now the business cannot be sold without losing access (or possibly have it's name changed). If you write "Neshura may freely copy, modify and redistribute this" then you can't be fired or move jobs without the company losing access.

You can also never ever change this license, since every contributor needs to agree. So if a mistake is made when writing it you're just fucked.

On the other hand with a CLA that transfers copyright ownership you don't need to dual-license at all since everything already belongs to the business. Much less risky.