[wp-hackers] Credit Links

Brian Layman Brian at TheCodeCave.com
Mon Aug 14 20:49:31 GMT 2006

>Francisco Burzi's response:

That's an interesting read.  What Ryan said about CR vs vanity not
withstanding, it makes sense.  I think the reasoning is that you can't edit
the source code without creating a derivitive product.  And removing the
copyright notice would involve editing the source.  

I also suspect that it is easy enough to "legally" get around that
limitation.  Someone could simply remove the notices, as they like, call it
a derivitive product by putting a "NoCRNotice is based phpNuke Copyright
blah blah blah" line in a readme file and send an email with a link to the
source out to phpnuke.org.  At that point, they could even distribute it.  

I would also think WordPress is in a slightly different situation.  The
Wordpress link is in the theme.  Therefore, you are not editing the core to
remove that credit line.  

Interestingly enough, 1and1.com, "The world's largest and fastest growing
web host", now has something called a "1&1 Weblog".  They make you "agree to
the terms and conditions" of GNU GPL V2 and then set you up with a WordPress
blog.  I've yet to get their creation-process to work past the agreement
part, but obviously some people have.  In one way, they are doing good
things because they include the WP meta data: http://thewidestweb.info/
(this is an example blog they sent out the url for) (2.0.2 yikes!), but
they've obviously changed parts of the core:
http://thewidestweb.info/wp-login.php?redirect_to=%2Fwp-admin%2F (look at
the logo).  The big thing about this is that they are distributing this new
version.  They MAY have notified the powers that be, but I kind of doubt it.

A quick check of directories that this stuff installs into via
http://thewidestweb.info/wp-settings.php shows that it is installed in the
user's own directory structure.  Now, the interesting question: Since this
is still on their servers, are they distributing software?

OT: BTW, I've always understood that revealing the directory structure is
bad as it makes it easier to get directly at files once (if and when) your
site is compromised.  Should situations like the above link be corrected in
the core?

Brian Layman

More information about the wp-hackers mailing list