this post was submitted on 16 Jun 2024
1004 points (88.6% liked)

linuxmemes

21172 readers
1041 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.

  • Please report posts and comments that break these rules!

    founded 1 year ago
    MODERATORS
     

    Context:

    Permissive licenses (commonly referred to as "cuck licenses") like the MIT license allow others to modify your software and release it under an unfree license. Copyleft licenses (like the Gnu General Public License) mandate that all derivative works remain free.

    Andrew Tanenbaum developed MINIX, a modular operating system kernel. Intel went ahead and used it to build Management Engine, arguably one of the most widespread and invasive pieces of malware in the world, without even as much as telling him. There's nothing Tanenbaum could do, since the MIT license allows this.

    Erik Andersen is one of the developers of Busybox, a minimal implementation of that's suited for embedded systems. Many companies tried to steal his code and distribute it with their unfree products, but since it's protected under the GPL, Busybox developers were able to sue them and gain some money in the process.

    Interestingly enough, Tanenbaum doesn't seem to mind what intel did. But there are some examples out there of people regretting releasing their work under a permissive license.

    you are viewing a single comment's thread
    view the rest of the comments
    [–] v_krishna@lemmy.ml 14 points 4 months ago (2 children)

    All my own OSS stuff I always release MIT licensed because I want to be able to use the libraries in my closed source job.

    [–] CosmicTurtle0@lemmy.dbzer0.com 18 points 4 months ago (1 children)

    Be really careful with this.

    Depending on how you contribute to your OSS code, commits you make on company time are considered property of the company. You could, unknowingly, be forcing your code to be closed source if your company ever decides to make a claim for it.

    I prefer to keep things bifurcated. I never reuse my own library and if I do, I rewrite it whole cloth.

    [–] folkrav@lemmy.ca 13 points 4 months ago (1 children)

    “Company time” doesn’t mean much to me, as a remote salaried worker with relatively flexible schedules. Not touching anything but work code from my company machine should be enough, as far as I could understand. Not a lawyer, though.

    [–] stinerman@midwest.social 1 points 4 months ago

    It will come down to the laws in your country and how much money you plan to spend on lawyers if your employer wants to force the issue.

    [–] grue@lemmy.world 10 points 4 months ago (1 children)

    If you're the copyright holder, nothing stops you from releasing your work under more than once license. It is not necessary to use permissive licensing; you are perfectly free to release your stuff to the general public with a copyleft license while also granting your company a separate license even with proprietary terms if you want.

    [–] __dev@lemmy.world 10 points 4 months ago (2 children)

    Only until you have any other contributor, as you're then no longer the sole copyright holder. If you still want to work like that you'll need a CLA.

    [–] grue@lemmy.world 7 points 4 months ago

    Sure, but I was taking "all my own OSS stuff" at face value.

    [–] neshura@bookwormstory.social 4 points 4 months ago (1 children)

    Correct me if I'm wrong but if I start a project with a GPL and a custom proprietary license for use at work wouldn't that also apply to any contributions by 3rd parties later on to that projevt? Afaik only adding or switching licenses with existing 3rd party contributions is difficult without a CLA.

    [–] __dev@lemmy.world 1 points 4 months ago

    Kinda. IANAL, but here's my understanding: If you're explicitly dual-licensing and publish the proprietary license then contributions can be assumed to also follow the same dual licensing. You'd need to be extremely careful with writing the proprietary license though, since your business is now using non-employee proprietary code.

    If you write "the copyright holder may choose to allow an entity to use this work", then you do actually need permission from every contributor. If you write "this work may be copied, modified and redistributed freely by Blah enterprises" now the business cannot be sold without losing access (or possibly have it's name changed). If you write "Neshura may freely copy, modify and redistribute this" then you can't be fired or move jobs without the company losing access.

    You can also never ever change this license, since every contributor needs to agree. So if a mistake is made when writing it you're just fucked.

    On the other hand with a CLA that transfers copyright ownership you don't need to dual-license at all since everything already belongs to the business. Much less risky.