[riot-users] LGPL Requirements
pierre.ficheux at openwide.fr
Mon Mar 23 10:48:33 CET 2015
----- Mail original -----
> De: "Craig Younkins" <craig at freshtemp.com>
> À: users at riot-os.org
> Envoyé: Dimanche 22 Mars 2015 23:42:00
> Objet: [riot-users] LGPL Requirements
> Hello there,
> Not sure which list this should go in, devel or users.
> A few questions about the LGPL requirements. We may not do some of
> these, and many OSS advocates would not like it if we did, but I
> need to understand our legal obligations.
> 1. Am I legally obligated to provide a software upgrade mechanism on
> the device? Do I need to publish the documentation on how to upgrade
I don't think so. It could/should be in case of GPL v3.
> 2. Am I permitted to only allow signed software upgrades?
I think so.
> 3. Many micros have lock bits that prevent further programming
> without erasure. Are there any restrictions on setting those?
I don't think so.
> 4. Can I store secrets like private or symmetric keys in flash memory
> alongside but that is not part of the flashed binary? This would be
> similar to storing those secrets in external EEPROM, which is almost
> certainly permitted. This has interesting effects in combination
> with 3, including potentially bricking a device if firmware upgrade
> was attempted due to erasure of keys.
More generally speaking I don't think LGPL v2 is a problem for you except in the case you
"derivate" LGPL source code without providing modifications to the end user. LGPL adds "linking exception" (to the GPL)
so you can even link priopritary objects with LGPL libraries.
> Thank you!
> Craig Younkins
> users mailing list
> users at riot-os.org
Pierre FICHEUX -/- CTO OW/OWI, France -\- pierre.ficheux at openwide.fr
I would love to change the world, but they won't give me the source code
More information about the users