Remove some entries due to various compliance requirements. [LWN.net] (original) (raw)

Re: [PATCH] MAINTAINERS: Remove some entries due to various compliance requirements.

Thread information [Search the all archive]

| From: | | James Bottomley <James.Bottomley-AT-HansenPartnership.com> | | --------------- | | ------------------------------------------------------------------------------------------ | | To: | | geert-AT-linux-m68k.org | | Subject: | | Re: [PATCH] MAINTAINERS: Remove some entries due to various compliance requirements. | | Date: | | Thu, 24 Oct 2024 11:39:11 -0400 | | Message-ID: | | 7ee74c1b5b589619a13c6318c9fbd0d6ac7c334a.camel@HansenPartnership.com | | Cc: | | gregkh-AT-linuxfoundation.org, linux-kernel-AT-vger.kernel.org, patches-AT-lists.linux.dev |

On Fri, 18 Oct 2024, Greg Kroah-Hartman wrote:

Remove some entries due to various compliance requirements. They can come back in the future if sufficient documentation is provided.

This is very vague...

We finally got clearance to publish the actual advice:

If your company is on the U.S. OFAC SDN lists, subject to an OFAC sanctions program, or owned/controlled by a company on the list, our ability to collaborate with you will be subject to restrictions, and you cannot be in the MAINTAINERS file.

What are "various compliance requirements"? What does "sufficient documentation" mean?

The documentation Greg is looking for (which a group of Lawyers at the LF will verify) is that someone in the removed list doesn't actually work for an OFAC SDN sanctioned entity.

I can guess, but I think it's better to spell out the rules, as Linux kernel development is done "in the open". I am also afraid this is opening the door for further (ab)use...

I agree we should have been more transparent about this but I think it would be hard for someone other than Greg to get a Maintainer removed on the "compliance issue" grounds so it's probably not that open to abuse.

Regards,

James