Slashdot Mirror
Linus Adopts Enhanced Tracking Process
millette writes ""Under the enhanced kernel submission process, contributions to the Linux kernel may only be made by individuals who acknowledge their right to make the contribution under an appropriate open source license. The acknowledgement, called the DCO, tracks contributions and contributors. The DCO ensures that appropriate attribution is given to developers of original contributions and derivative works, as well to those contributors who receive submissions and pass them, unchanged, up the kernel tree. All contributors are called upon to "sign off" on a submission before it may be considered for inclusion in the kernel."
From the press release. Also seen in the New York Times"
I wonder how this will affect the speed of the development process.
NYT comes out of nowhere with this idiotic, inflammatory headline. It's disheartening that mainstream technology journalists are still attributing anarchy, punk rock and anti-establishment to Open Source.
DCO is a wonderful idea. Steve Lohr, on the other hand, needs to get his head out of his ass.
What is it about? It's about putting information that was already mostly available (by scrounging in mail archives) in a structured form. So that the next SCO doesn't waste so much developer time, and (as a bonus) so that Linus can figure out which maintainer sent some code when debugging.
The evaluation of an action as 'practical' . . . depends on what it is that one wishes to practice.
Is this something that will change? With improved contribution tracking, will the next SCO/liability/whatever suit be directed against individual developers?
What if someone uses Linux in a 'mission critial' situation and it fails due to a bug? The bug is then traced back to an individual developer who is sued. There are countries where 'denial of liability' is a weak defence. Can the fact that a developer didn't get paid, so there was no transaction between teh developer and user act as a defence?
Just playing devils advocate.
But, more importantly, you have to realize--this has nothing to do with giving (positive) "props" to the kernel authors and everything to do with identifying sources of blame when it all goes to hell.
Forget whether or not you like software patents for a moment; the fact is that right now they exist. Previously, you could in theory contribute some patented or even copyrighted (direct copied) source into the kernel and it might go unnnoticed for years. Now, the theory goes, once the infringing bit is noticed, IBM or Autozone can't be sued as easily anymore--rather, what they will do is say "no, look - this piece of code came from monkeyboy332, a programmer in serbia".. sue him instead!
In short, this is a nice way for large companies attempting to wash their hands of responsibility for a linux kernel that they arguably have access to because it's open. In simpler terms still, this is corporate welfare by linus to try to win wider adoption of linux. It's not a bad strategy, but accept it for what it is.
It has nothing to do whatsoever with giving authors "credit." That is already well handled by other mechanisms.
No, to me this more sounds like a preventative measure, to make sure something like the whole SCO debacle doesn't happen again.
It could also provide a more improved structure for linux, but I'm not a programmer, so I don't know what the heck I'm talking about.
This is the sig that says NI (again)
There already is a EULA. Its called the GPL.
--Kevin
This system would be excellent for situations against SCO/liability/whatever suits. The beauty is that the code in question can be tracked. SCO or whoever who decides to sue can't just say "Hey...[the whole of] Linux is ours!"
With tracking, the code written by the author can be reviewed and resolved if necessary!
Mission critical: Well buy mission critical support from Redhat/Suse/Mandrake etc... Don't like that? Signup and offer patches or fixes to contributors.
As said previously, this process is not a 'finger pointing process'. Its a process that helps the development of linux to enable it to progress to new heights! If code needs modification/optimisation, communicate and help the contributor! If you find a particular component is really helpful or beneficial, write to the contributor and thank them, or you may even paypal or donate..etc.etc.etc.etc!
Have fun.
Not needed. Because you do not have a right to use Linux as well as its accompanying utilities, the GNU tools - and if you don't have a right to use something, you can hardly sue somebody because that something did misbehave.
Except of course if you agree to the GNU General Public License, which the software is licensed under. Then you can use it. Obviously only under the terms of the GPL, which explicitly state that you must not hold the author liable for any damages caused.
Also interesting: In most countries of the world (such as my country, Austria), EULAs are not enforcible because the user does not get any more rights granted than what he got anyways when he bought the software. The GPL, in contrast, is enforcible.
&& aemula C. ab stirpe interiit
This is a very bad precedent: the OSS community now has to follow processes that in the past, only large corporations could afford: audit trail, overkill documentation, etc. The fact that SCO/MS has managed to move Linus on *their* turf and make him play by *their* rules alas without their resources makes me really nervous: whoever gets to frame the debate always has a disproportionate advantage. What's next? More FUD campaign to fuel the fire, more hoops we'll have to jump through. While OSS people have to play lawyers, they don't write any code.
there's no place like ~
By creating this paper trail of responsibility, the work on Linux will be externally auditable. This will help reassure big business that they will not legally shaft themselves.
Sincerely, Stormcrow309
Remember, free is only free when you consider support and hardware costs.
In God we trust, all others require data.
There already is a EULA. Its called the GPL.
No. No. No! For the last time, moron, the GPL is not an EULA.
GPLed programs never demand the End User to Agree to a License before using the software.
Except of course if you agree to the GNU General Public License, which the software is licensed under. Then you can use it.
Wrong wrong wrong. If somebody gives you software, you can use it from then on. Once the files are in your possession, you can use them, unless you've somehow signed a specific prior contract promising you won't. The only things you can't do with software you possess is break other laws- primarily copyright, which in most countries prohibits you from copying (or redistributing copies) of a program without explicit consent from the author.
If you don't plan to give out copies of the program, you have no need to agree to the GPL, or even read it.
Now, I don't know Austrian law, but if there is something unique about it that requires specific permission from software authors before you can run their programs, you should've said so.
Obviously only under the terms of the GPL, which explicitly state that you must not hold the author liable for any damages caused.
Wrong. Go read the GPL before lying about it anymore. The GPL mentions there is NO WARRANTY, but just a statement of fact- reminding you that if you thought an author had offered a warranty, that no, she really didn't. It contains no "agreement" of the form "If you decide to use this, you give up all consumer-protection rights and can never sue me"
12. ... UNLESS REQUIRED BY APPLICABLE LAW ...
So if local law doesn't recognise denial of liability, you're liable?
Given this condition, a claim for liability would seem (to me) to be allowed under the GPL. Thus one couldn't even declare the GPL to have been violated, claim the user was using your code without permission, and countersue for copyright infringement.
Good point. It leaves me feeling a little uncomfortable though, as it would still require a defence in court.
I would think that if the developer did not accept compensation (money) for their code that might remove any liability under consumer law, as no 'transaction' ever took place?
There is also the curly question of professional indemnity. What if the developer is a professional, coding for free on the side? The judge might then rule that he/she should have known what he/she was doing and so find him/her liable for mistakes?
Well, it surely comes, but only to *Linux*, not opensource. And, while we're at operating systems: *BSD projects use both CVS and bug tracking system from a long, long time. It's Linus "dislike of versioning systems" (or perhaps, being resistant to good advices), which made Linux-SCO claims as easy. With FreeBSD Web CVS interface, you can do usual things you can do with CVS. For example, review all commits to /README in FreeBSD (just click here) in the last 9 years. Responsible people, commit dates, commit messages. SCO claiming they did the changes? Don't think so. How about Linux? Yes, Bitkeeper repository. Since when? 2.4.x, if I remember correctly... and the code was already above 20 MB tgz by that time.
Pretty late. Well, better late, than never. I'm waiting to see Linux kernel having a "core team", and a central bugzilla... not the mailing list with patches.