New BSD licensed CVS replacement for OpenBSD

← Back to Stories (view on slashdot.org)

New BSD licensed CVS replacement for OpenBSD

Posted by Hemos on Monday December 6, 2004 @12:33AM from the striking-out-on-its-own dept.

Jeferey Bakins writes "In an effort, by Jean-Francois Brousseau (jfb@openbsd.org), to rid the OpenBSD CVS tree of GPL'ed licensed code, OpenCVS is now officially part of the OpenBSD project. For more details, see the OpenCVS homepage; http://www.openbsd.org/opencvs/"

2 of 164 comments (clear)

Min score:

Reason:

Sort:

Re:The battle continues... by ObsessiveMathsFreak · 2004-12-06 01:56 · Score: 4, Informative

There's no silver bullet for licences either. The OpenBSDers want their system licenced under their rules, and more power to them. They have to remove all GPL code to do this beacuse the GPL is a more or less all or nothing free software licence.
It's got nothing to do with evangelism, and all to do with practicality. You can't have bits and pieces of code GPLed and some not.

Other licences are more flexible, but are less precise. I'll still be using the GPL for most of the code I write, because I want as many people as possible to use it, and be fully secure in doing so.

--
May the Maths Be with you!
Re:Why ? by Anonymous Coward · 2004-12-06 03:06 · Score: 5, Informative

Read again...

While CVS have been a functional tool in simple use, it has quite some drawbacks. Everyone who has been in the CVS guts (believe me, I have), knows that it is essentially write-only code.
It is quite buggy, albeit the bugs are in corner-cases, not seldom noticed by people not using CVS massively. The CVS maintainers have been unwilling to accept bug reports (it may be a matter of opinion: "it's not a bug, it's a feature" has been heard). OpenBSD have had several local changes to cvs over the years.
However, for the reason stated above (write-only code), we cannot trust the code enough. It has been one of the weakest spots of our system securitywise. CVS is also a network service, as such, it can put systems into potential risk, like
all network services. We want to be able to put greater trust into this service. The people who thinks this is just license masturbation are wrong. It is nice to be able to free code, but the important thing is to secure it. GCC is not a network service. The GPL is not reason enough for us (yet .-) ) to rewrite it. Also, understandable code makes it easier to find a fix non-security bugs (but we like to look at all bugs, as potentially exploitable ones .-)).

Niklas Hallqvist (I don't care enough to create a /. account)...