msttcorefonts installs non-free fonts automatically and doesn't ask if user agrees with license
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
msttcorefonts (Baltix) |
Confirmed
|
Medium
|
Mantas Kriaučiūnas | ||
msttcorefonts (Debian) |
Fix Released
|
Unknown
|
|||
msttcorefonts (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: msttcorefonts
msttcorefonts installs non-free fonts without asking the user if he agrees with license and wants to install non-free fonts *now*.
It's very important to display MS TrueType fonts license, ask the user if he agrees with the license and wants (and has the ability) to install these fonts *now* and install real fonts only when user answers "yes" to these questions.
msttcorefonts package description is "Installer for Microsoft TrueType core fonts" (long description is "This package allows for easy installation of the Microsoft True Type Core Fonts for the Web"), so when the user installs this package, he thinks, that he is installing only *installer for MS TrueType fonts*, but starting from some msttcorefonts 1.x version, user gets not only installer, but also all the fonts installed automatically, without asking if user wants to have these fonts now :(
All similar packages (installers for non-free software, like flashplugin-
This problem is very serious, as legal problems may occur (for user and even for Canonical). For example I or some company will distribute lot of Ubuntu-based OS CDs with msttcorefonts package (only with MS fonts installer) for schools, but currently the CDs would also contain the fonts (as fonts are installed automatically, without questions), so I can get law issues, because MS TrueType fonts are not free for redistribution in removable media (and in unpacked form)...
Changed in msttcorefonts: | |
status: | Unknown → New |
Changed in msttcorefonts: | |
status: | New → Fix Released |
As with all packages, the copyright and licence conditions are in /usr/share/ doc/msttcorefon ts/copyright. This has always been the case.
It doesn't make sense if each package is going to prompt for this. I propose to close this bug.