packaging an application that phones home
Eric Smith
eric at brouhaha.com
Wed Jan 27 02:46:32 UTC 2010
I'm working on an RPM package for MeshLab, a GPL'd program for
processing unstructured 3D triangular meshes:
http://meshlab.sourceforge.net/
My interest is that it is useful with 3D printers, e.g. RepRap,
MakerBot, or even commercial printers.
The Licenses page of the MeshLab wiki gives a privacy disclaimer stating
that it phones home periodically to check for availability of updated
versions, and that it uploads some aggregated statistical data about the
average number and size of the opened/saved meshes. Nothing personally
identifiable, though they obviously could capture the source IP address:
http://meshlab.sourceforge.net/wiki/index.php/Licenses
Their answer is for people that don't want that to use a firewall. I
don't think that it's acceptable for software to phone home without the
user's explicit consent, and that the user shouldn't have to take
positive action such as installing or configuring a firewall to prevent
that connection.
Is there a Fedora policy about this kind of thing? It seems analogous
to Anaconda uploading system information, which is only done with user
consent.
Would there be a problem with Fedora accepting a package if I patch it
to disable network connections unless the user sets an environment
variable to allow them? I would document that in a README.fedora doc
file that I'd put in the package.
Thanks!
Eric
More information about the devel
mailing list