r2 - 2012-09-29 - 03:18:40 - HarlanStennYou are here: NTP >  Dev Web > PerFileCopyrightAndLicenseNotice
NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.

ntp-4.2.8p10 was released on 21 March 2017. It addresses 6 medium- and 5 low-severity security issues, 4 informational security topics, 15 bugfixes, and contains other improvements over 4.2.8p9.

Please see the NTP Security Notice for vulnerability and mitigation details.

Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.

Per-File Copyright and LIcense Notice

Related Items: bug_small.png Bug #2215

Options

If we decide to go to a per-file notice we have choices:

  • A Copyright Notice
  • A License Notice
  • Both

As Harlan recalls, Dave Mills is no fan of boilerplate cluttering up the source files. Harlan is no fan of clutter either.

It's perfectly OK to have no per-file notices.

But there are some sound reasons for having something.

One choice is:

Copyright 2012 The Foo Project Developers. See the COPYRIGHT file at the top-level directory of this distribution and at http://example.org/project/COPYRIGHT.

This file is part of Foo Project. It is subject to the license terms in the LICENSE file found in the top-level directory of this distribution and at http://www.example.org/foo/license.html. No part of Foo Project, including this file, may be copied, modified, propagated, or distributed except according to the terms contained in the LICENSE file.

Harlan thinks that is still a bit long, and will see if the following is OK:

Copyright 1992-2012 University of Delaware. See the COPYRIGHT file at the top-level directory of this distribution and at http://ntp.org/COPYRIGHT for copyrght and license information.

Updating

This may/will be a PITA to update annually. What to do?

We could script an update annually, but is that lame if the only thing that changes in a file for a year is the copyright year?

Should we try to come up with a trigger script to update the copyright year when doing a checkin?

Is this something we can "avoid" by using a bk keyword expansion?

autogen

autogen may emit a copyright/license block in the files it generates.

Checking for the License/Copyright

Do we want to havea bk trigger that checks for a License/Copyright on checkin?

Do we want part of the build process to check for this?

Other choices?

Comments

 
Edit | WYSIWYG | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r2 < r1 | More topic actions
 
SSL security by CAcert
Get the CAcert Root Certificate
This site is powered by the TWiki collaboration platform
IPv6 Ready
Copyright & 1999-2017 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding the site? Send feedback