- cross-posted to:
- linux@programming.dev
- cross-posted to:
- linux@programming.dev
At first I was sceptical, but after a few thought, I came to the solution that, if uutils can do the same stuff, is/stays actively maintained and more secure/safe (like memory bugs), this is a good change.
What are your thoughts abouth this?
You must log in or register to comment.
the deGPLification of the Linux ecosystem ffs
Okay, I’m not a fan of this either but let’s not get too worried about this. Everyone’s known Ubuntu is a joke for a long time and they don’t really have much influence on even several of their downstreams, let alone the rest of the ecosystem.
I think Ubuntu has a lot of influence in industry
The correct title should be “Ubuntu explores replacing gnu utils with MIT licenced uutils”.
Waiting for Canonical to up sell proprietary utils features by subscription. Ubuntu’s regular release cycles were brilliant in 2004 when there weren’t a lot of alternatives but why does it still exist?
Sorry, “tee” is not part of the basic Ubuntu package. Do you want to unlock premium coreutils for the cheap price of 19.99$ p.m.? Alternatively, upgrade your Ubuntu pro to pro-double-plus-good for 10$ p.m.
What does this have to do with MIT licensing?
Time for Mecha-Stallman to declare war.
The time has come to GNU-slash the enemies of freedom!
It’s funny since don’t these core utils come from bsd meaning the new license is more like the original license than gpl is like either. So didn’t gnu effectively steal the code and change the license for political reasons?
I personally don’t see the point.
Mainly memory safety;
split(which is also used for other programs likesort) had a memory heap overflow issue last year to name one. The GNU Coreutils are well tested and very well written, the entire suite of programs has a CVE only once every few years from what I can see, but they do exist and most of those would be solved with a memory and type safe language.That said, Rust also handles parallelism and concurrency much better than C ever could, though most of these programs don’t really benefit from that or not much since they already handled this quite well, especially for C programs.
I’m mixed on it. If it is more secure/safe then that’s a good thing, but if it’s done because it’s MIT-licensed instead of GPL-licensed, then that could possibly be concerning.
My scepticism is that this should’ve been done within the coreutils project, or at least very closely affiliated. This isn’t an area of the linux technical stack that we should tolerate being made distro-specific, especially when the licensing is controlled by a single organisation that famously picks and chooses its interpretation of “FOSS” to suit its profit margins.
On a purely technical level, GNU coreutils should very seriously consider moving to rust if only to counter alternatives before it’s too late. While these utilities work well in C (and usually stay secure thanks to the Unix philosophy limiting the project scope), FOSS projects are continuing to struggle with finding new contributors as younger devs are more likely to use modern systems languages like Go and Rust. Not to mention that any project using Rust as a marketing tool will appeal to anyone rightfully concerned about hardening their system.
uutils is not distro-specific.
I for one welcome our rust overlords
So i hear that removing all the gnu stuff opens linux to be redistributed with a bew liesinse like mit. Which means its a little more closed iff a little more monitized.
Not knowledge enough on my own to know for sure. If someone with more knowledge could explain.
This is one of the old-time original arguments in the OSS community.
The crux of the matter is that the GNU licenses require that modifications be released back to the community. Other “more permissible” licenses like MIT do not.
So if you want to make a commercial version of X, and X is under a GPL, then any changes you make need to be released under the GPL. The idea being “I shared this code with the community with the intent that you can use it for free and modify it as you like, but you need to share back what you do.” Also called “Share and share alike”.
This defends against “embrace, extend, extinguish” tactics that companies like Microsoft has loved to do. They can’t take your code, modify it for their own purposes and re-sell it possibly making a more popular version that is now proprietary.
Somewhat ironic example.
X (Xorg) has been MT licensed for 40 years. So is Wayland. So is Mesa.
I think Xorg is a good example of the real world risks for something like core utils. If you did not know or care until now that X and Wayland were MIT licensed, you probably do not need to care too much about utils licensing either.
Here’s a better example: the use of GPL software (primarily Linux and busybox) by Linksys when they made their wrt54g router was used to compel them into releasing the source code of the firmware for that router. Subsequent GPL enforcement by the SFC made Cisco release full firmware sources for a whole series of Linksys routers. Thanks to those sources openwrt, ddwrt and several other open source router firmwares developed.
I can now run three openwrt routers in my home purely thanks to the GPL. If those projects had been MIT licensed, Linksys and Cisco could have just politely told everyone to go suck a lemon because they would have had no obligation to release anything.
The Linux kernel still is and will always be GPL. It really doesnt matter if the coreutils aren’t.
I wonder whether Linux Mint will follow suit?
Mint is basically Ubuntu with all of Canonical’s BS removed. This definitely counts as Canonical BS, so I’d be surprised if it made its way into Mint.
Canonical making open source software that is more secure than the code it replaces and offering it for free is canonical bs? If so give me more.
Here I thought canonical bs was just that stupid docker snap thing they did.
As I recall Ubuntu will allow to switch uutils to coreutils. So it looks like Linux Mint will continue to use coreutils
Likely not anytime soon as they tend to hold off latest features and prefer older (but maintained) LTS versions of just about everything. Also especially not if it turns out to be a bad idea; they explicitly build Mint without Snaps since their inclusion in the Ubuntu base.
I prefer a glibc replacement.
On the one hand, Toybox exists. So, the non-copyleft license bs isn’t new. On the other hand, toybox afaik isnt aiming to treat “deviations with GNu as bugs”. Almost feels hostile-takeover-ish though I know that almost certinly isn’t the idea behindbit.
If this ends in proprietization bs I’m going to throw hands.
