Consider the following: rust rewrites of projects like coreutils exist purely to remove copyleft licensing.

tanavit@toot.aquilenet.fr

@txt_file

In a chain, if one link is unfree, the whole chain is unfree.

It is very difficult to use the linux kernel alone.

@maxine

bms48@mastodon.social

@maxine I would not go so far as to categorise permissive licenses in that way, even though Apple, Inc. are my economic free rider. The reality is always more nuanced than that. But for the sake of argument, I feel MPL-2.0 is the way to go for what I publish outside of FreeBSD or existing BSD/MIT projects I work on.

tris@chaos.social

@maxine proof: https://github.com/uutils/coreutils/pull/8538
There could be more but I'm not in a mood to dig them all
cc: @hipsterelectron

sundew@beige.party

@maxine I love copyleft licensing, but I don't think memory safety bugs are irrelevant, nor do I think people trying transition to memory safe languages are automatically bad actors.

flesh@transfem.social

@bms48@mastodon.social @maxine@hachyderm.io Classifying BSD/MIT as anti-labour in general is debatable. That said, in particular contexts like this, they sure can be.

stf@chaos.social

@sundew @maxine most of the utils in coreutils have no remote attack surface and run without suid bit, so neither local privilege escalation is an issue. so the threat model really does not include memory-safety in any important way. thus the whole rewrite coreutils in rust for security is utter bullshit.

luxliquida@critter.cafe

@maxine Tangential, the Phoronix forums seem to be absolutely flooded with transphobia and other bigotry... I know "don't read the comments" is common sense, but they really need moderators over there ‍️

maxine@hachyderm.io

@luxliquida I resent using Phoronix as a source here but I didn’t find another quickly, but yes, the community of that site is an absolute cesspit. Has been as long as I remember.

sundew@beige.party

@stf @maxine

I think memory safety issues in any program can still be very bad news. One example:
https://www.csoonline.com/article/549634/vulnerability-in-widely-used-strings-utility-could-spell-trouble-for-malware-analysts.html

Sure, a safety issue in a webserver is worse than in a utility, but I'd still like all the software I use to be memory-safe.

Even if you're not doing full-on malware analysis, I'd like to know it's safe to run basic utilities on files downloaded from the internet without having to worry about RCE.

hipsterelectron@circumstances.run

@maxine also forgot about the c2rust ones https://circumstances.run/@hipsterelectron/116453862836059542

rustynail@floss.social

@torb @txt_file @maxine android uses Linux just fine and it's getting more and more closed. The way I understood it is it's legal because as far as Linux is concerned, all parts of android outside of the kernel are no different from random proprietary apps you can run on your desktop, which is not even a GPL thing but a special additional clause in the Linux license

kelpana@mastodon.ie

@flesh @maxine @bms48 Agreed, MIT is appropriate, even necessary in some circumstance - Godot engine would not be possible without MIT licensing. However, projects like this effectively laundering the licence shouldn't be tolerated.

flixxie@troet.cafe

@maxine can you explain to a license noob what copyleft licensing means?

bms48@mastodon.social

@kelpana @flesh @maxine I can't quite understand the correlation between "rewrite in Rust" and "adopt permissive licensing", nor do I imply causation from it, as some mention. But the stated arguments in defence of these actions seem specious at best. "If it ain't broke, don't fix it" goes the old wisdom, but they insist on footgunning themselves, citing "oh because it's memory-safe". I don't run conspiracy theory either way, I just mentally read it in the Homer Simpson voice. DOH!

ranidspace@wetdry.world

@maxine a good thing to note is that while Rust is licensed permissively, you can license rust programs with whatever you want, including copyleft licenses.

This isn't a rust rewrite problem, this is a general rewrite problem

nicr9@techhub.social

@maxine From the rust coreutils repo:

> Goals
> uutils coreutils aims to be a drop-in replacement for the GNU utils. **Differences with GNU are treated as bugs.**

I guess I should file a licence change PR?

GitHub - uutils/coreutils: Cross-platform Rust rewrite of the GNU coreutils

Cross-platform Rust rewrite of the GNU coreutils. Contribute to uutils/coreutils development by creating an account on GitHub.

GitHub (github.com)

lx@mas.to

@flixxie @maxine Copyleft means people can create modified versions of the software but must pass on that right to recipients. In contrast to BSD where the maker of a modified version can choose to keep it proprietary.