Wednesday, 11 January 2012

What does open source mean?

I have been chalenged by my employer to define for them what open source means legaly.
This post encompasses my research sources on this topic:

Copyleft  
(Extracted from http://en.wikipedia.org/wiki/Copyleft)
  • copyleft is a general method for making a program (or other work) free (libre), and requiring all modified and extended versions of the program to be free as well.
  • Under copyleft, derived works may be produced provided they are released under the compatible copyleft scheme.
  • The underlying principle is that one benefits freely from the work of others but any modifications one makes must be released under compatible terms.
  • Under fair use, however, the copyleft license may be superseded, just like regular copyrights. Therefore, any person utilizing a copyleft-licensed source for their own work is free to choose any other license provided they meet the fair use standard.
  • Common practice for using copyleft is to codify the copying terms for a work with a license. Any such license typically gives each person possessing a copy of the work the same freedoms as the author, including (from the Free Software Definition):
    Freedom 0 – the freedom to use the work,
    Freedom 1 – the freedom to study the work,
    Freedom 2 – the freedom to copy and share the work with others,
    Freedom 3 – the freedom to modify the work, and the freedom to distribute modified and therefore derivative works. 



  • "Weak copyleft" licenses are generally used for the creation of software libraries, to allow other software to link to the library, and then be redistributed without the legal requirement for the work to be distributed under the library's copyleft license. Only changes to the weak copylefted software itself become subject to the copyleft provisions of such a license, not changes to the software that links to it. This allows programs of any license to be compiled and linked against copylefted libraries such as glibc (the GNU project's implementation of the C standard library), and then redistributed without any re-licensing required.
    Free software licenses that use "weak" copyleft include the GNU Lesser General Public License and the Mozilla Public License.
    Most well known free software license that uses strong copyleft is the GNU General Public License (GPL).



GNU General Public License
  • The GPL permits you to create and distribute an aggregate, even when the licenses of the other software are non-free or GPL-incompatible. The only condition is that you cannot release the aggregate under a license that prohibits users from exercising rights that each program's individual license would grant them.
    What is the difference between two separate programs, and one program with two parts? This seems to depend both on the mechanism of communication (exec, pipes, rpc, function calls within a shared address space, etc.) and the semantics of the communication. If the modules are included in the same executable file, they are definitely combined in one program, simularly if they run in a shared address space. By contrast, pipes, sockets and command-line arguments are communication mechanisms normally used between two separate programs. But if the semantics of the communication involve exchanging complex internal data structures, that too could be a basis to consider the two parts as combined into a larger program.
  • The GPL permits anyone to make a modified version and use it without ever distributing it to others. (See...)
  • Some laws used for copyleft licenses vary from one country to another. For this reason the extent of such warranties are specified in most European copyleft licenses. Regarding that, see the European Union Public Licence EUPL.
  •  GPL allows you to sell copies of a program containing GPL components (#DoesTheGPLAllowMoney) or even to charge for downloading them.
  •  A copy of the license must be included with the work is vital so that everyone who gets a copy of the program can know what his rights are. A link to the licence is not acceptable.
  • With a public-facing commercial website, which uses a GPL module and/or binaries without modifying them is not considered a distribution. Infact GPLv2 does not mandate this, while here is a modified version(AGPL) that is specifically designed to force web apps to release the code.(citation).
  • A Website using free software licensed under the GNU GPL, but NOT distributing the software/the code for that Website. As the GPL-FAQ item states, you are not required to publicly distribute any part of the software, but if and when you do distribute the software, in source and/or binary form, you can only do so under the terms of the GPL.
  • Despite high profile commnets declaring GPL a threat to interlectual property rights [26] and others stating the contrary[28]; It seems infringment of the GPL can be avoided by providing a version of a derived work under GPL or if the derived work interacts with a non-copyleft product in an abstract way (such as executing a command-line tool with a set of switches or interacting with a Web server.[30]).

    Using homegrown modules on a public website is as much a distribution of source code as a dinner at a restaurant is a "distribution" of the recipe.
 GNU Lesser General Public License
  • LGLP was designed as a compromise between the strong-copyleft GNU General Public License or GPL and permissive licenses such as the BSD licenses and the MIT License
  • The LGPL places copyleft restrictions on the program governed under it but does not apply these restrictions to other software that merely link with the program. 
  • There are, however, certain other restrictions on this software!
  • The main difference between the GPL and the LGPL is that the latter allows the derived work to be linked with (in the case of a library, 'used by') a non-(L)GPLed program, regardless of whether it is free software or proprietary software.[1]
    The non-(L)GPLed program can then be distributed under any terms if it is not a derivative work
  • A standalone executable that dynamically links to a library, through a .so, .dll, or similar medium, is generally accepted as not being a derivative work (as defined by the LGPL).
    See (paragraph 5 of the LGPL version 2.1)
  • Essentially, if it is a "work that uses the library", then it must be possible for the software to be linked with a newer version of the LGPL-covered program.
  • One of the conditions of LGPL is the "combined work" must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License.
    If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. 
  • A further condition is: a distribution of the work must include a  complete corresponding machine-readable source code for the Library. (LGPL Section 6a).
  • A further condition is: Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution.
  • A further condition is: Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. (LGPL Section 7b).
  • A further condition is: The recipient of the combined work recieves the same licence to the libary from the original licencor as you. (LGPL Section 10.)
  • Because the LPGL library is provided free of charge there is no warranty for the library, therefore there the warranty of the combined work falls to the supplier of the combined work and not the original licencor.

And finally

After some resent research into the Apache Licence I came across the following useful comparison of terms.


3 comments:

  1. A good explanation can be found at Smashing magazine.
    http://www.smashingmagazine.com/2010/03/24/a-short-guide-to-open-source-and-similar-licenses/
    http://www.smashingmagazine.com/2010/03/24/a-short-guide-to-open-source-and-similar-licenses/

    ReplyDelete
  2. O'Reilly have a book on OOS which includes a section on licences.
    http://www.oreilly.com/openbook/osfreesoft/book/ch02.pdf

    ReplyDelete
  3. Linux Core Developers Wary of Taking GPL Violators to Court.
    http://thenewstack.io/dangers-linux-litigation-businesses/

    ReplyDelete