FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo Development

 
 
LinkBack Thread Tools
 
Old 02-26-2012, 10:34 AM
Kacper Kowalik
 
Default Are we allowed to provide valid SRC_URI for fetch restricted packages?

Hi all,
I've been asked by a user to remove valid SRC_URI for a package that has
RESTRICT="fetch". The package in question requires you to go to
upstream's webpage, sign license agreement and then you're fed with
download link. User argues that by giving people valid download link
hardcoded in ebuild we may encourage them to bypass the registration
step[1] and that may pose a legal threat. Can anyone more law-aware
comment on that?
TIA!
Kacper

[1] https://bugs.gentoo.org/show_bug.cgi?id=405803#c0
 
Old 02-26-2012, 11:33 AM
Alec Warner
 
Default Are we allowed to provide valid SRC_URI for fetch restricted packages?

On Sun, Feb 26, 2012 at 3:34 AM, Kacper Kowalik <xarthisius@gentoo.org> wrote:
> Hi all,
> I've been asked by a user to remove valid SRC_URI for a package that has
> RESTRICT="fetch". The package in question requires you to go to
> upstream's webpage, sign license agreement and then you're fed with
> download link. User argues that by giving people valid download link
> hardcoded in ebuild we may encourage them to bypass the registration
> step[1] and that may pose a legal threat. Can anyone more law-aware
> comment on that?
> TIA!
> Kacper
>
> [1] https://bugs.gentoo.org/show_bug.cgi?id=405803#c0
>

You should file a bug with the trustees; they deal with legal stuff.

-A
 
Old 04-10-2012, 07:38 PM
Mike Frysinger
 
Default Are we allowed to provide valid SRC_URI for fetch restricted packages?

On Sunday 26 February 2012 06:34:13 Kacper Kowalik wrote:
> I've been asked by a user to remove valid SRC_URI for a package that has
> RESTRICT="fetch". The package in question requires you to go to
> upstream's webpage, sign license agreement and then you're fed with
> download link. User argues that by giving people valid download link
> hardcoded in ebuild we may encourage them to bypass the registration
> step[1] and that may pose a legal threat. Can anyone more law-aware
> comment on that?

i don't see a problem here. although this is something that you'd prob want
to post to the trustees and let them make a decision.
-mike
 
Old 04-10-2012, 07:47 PM
Rich Freeman
 
Default Are we allowed to provide valid SRC_URI for fetch restricted packages?

On Tue, Apr 10, 2012 at 3:38 PM, Mike Frysinger <vapier@gentoo.org> wrote:
>
> i don't see a problem here. *although this is something that you'd prob want
> to post to the trustees and let them make a decision.
> -mike
>

This is a bit of a stale thread. This particular package was modified
to remove the SRC_URI, so it is no longer outstanding. The Trustees
have discussed, and i'd say a majority would prefer not to have
SRC_URI for fetch-restricted files. However, I don't believe we put
it to a vote.

Personally, I tend to not see an issue here, but am open-minded to
specific precedents/etc that raise concerns. I think others are a bit
more conservative.

Rich
 

Thread Tools




All times are GMT. The time now is 05:04 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org