Is this game libre?
Hello everyone,
I'm new to the forums, to GNU/Linux and even using an x200. I purchased one from libiquity pre-librebooted last week.
I am an avid gamer but even before getting my x200 I wasn't playing very many games. Mainly due to the pay-to-win, lootbox and dlc infested modern games.
I would however like to continue playing Runescape. A game I have been playing on and off since elementary school. I know that the Runescape client provided by the company that owns it is not open-source or libre in any way shape or form. The community however has made a client that is open-source (https://runelite.net/) and it is licensed using BSD-2 (https://github.com/runelite/runelite/blob/master/LICENSE).
The client can be compiled using source-code and it is what I intend to do. My question would be-
Could/would this be considered libre in the sense that it will not execute malicious code on my machine?
If not which of the 4 freedoms would this encroach upon?
Thanks!
Beko
Welcome to the Trisquel community Beko! As long as everything you need to compile Runescape is in that repo, under that 2-clause BSD license, you will be fine from a software freedom point of view. The only thing that might trip you up is if there are external dependencies/ assets not covered by that license, which are proprietary.
> Could/would this be considered libre in the sense that it will not execute malicious code on my machine?
This confuses two separate issues. Software can be 100% libre and still execute malicious code on your machine.
There have been a number of famous case, such as the Amazon Lens released with some versions of Ubuntu about 10 years ago, which sent users' desktop search strings to Amazone. More recently, a Nodejs package that had a scammer take over as maintainer and use it to steal crypto-tokens from users. Those are just example of *intentionally* malicious code. Libre software can also contain bugs and security holes that allow it to be exploited. The ability for anyone with the skills to to peer review free code and do independent security audits on it make all these things less likely than in proprietary software. But by itself, having code under freedom-respecting licenses is necessary but not sufficient to guarantee security.
> How would one sandbox a particular .appimage or .jar?
I could easily be wrong about this (*please* correct me if you are better informed). But my loose understanding is that appimages and other applications are sort of sandboxed by default, so you just need to be very careful what you're giving permission to whenever a pop-up box asks you to enter your administrator password.
On a related note, I'm very excited about a concept called Object Capabilities, which sounds like it has the potential to make software much more secure by design by kind of sandboxing everything, even within programs. There's a good podcast explaining this in non-coder language here:
https://librelounge.org/episodes/episode-13-object-capabilities-with-kate-sills.html
Thanks for the info. I didn't see your post, so sorry!
To run the appimage I have to right click, go to properties and mark as executable. That was what I was hesitant about..
I haven't run it at all, I had already installed firejail a few days ago and kept trying to run the appimage within firejail but kept getting an error message. I couldn't even run abrowser through firejail so I'm sure that I haven't configured it correctly or it's too out of date.
>Software can be 100% libre and still execute malicious code on your machine.
It was my understanding that libre software is open-source software with better morals and licensing. What I meant to say is that since it is open-source, ultimately the community would 'audit' since there are tens of thousands of people using this client.