Grsecurity® is an extensive security enhancement to the Linux kernel that defends against a wide range of security threats through intelligent access control, memory corruption-based exploit prevention, and a host of other system hardening that generally require no configuration. It has been actively developed and maintained for the past 14 years. Commercial support for grsecurity is available through Open Source Security, Inc.
In a big red block at the top of their home page is the following warning:
Important Notice Regarding Public Availability of Stable Patches
Due to continued violations by several companies in the embedded industry of grsecurity®'s trademark and registered copyrights, effective September 9th 2015 stable patches of grsecurity will be permanently unavailable to the general public. For more information, read the full announcement.
And I thought GRSecurity was based on the GPL'd work called "Linux". Guess I was wrong.
(Score: 2) by _NSAKEY on Monday September 07 2015, @04:53PM
Two of the offending companies are almost certainly Intel and Verifone. Here, have a collection of links:
https://twitter.com/ioerror/status/636677916365996032 [twitter.com]
https://twitter.com/grsecurity/status/450995354972864513 [twitter.com]
https://www-ssl.intel.com/content/dam/www/public/us/en/documents/white-papers/iot-security-profiles-white-paper.pdf [intel.com]
https://news.ycombinator.com/item?id=10126648 [ycombinator.com]
The basic problem here is that they're using the grsec name and not providing any means whatsoever for end users to acquire the source. Personally, I think the lawsuit should be complemented with an update to enlightenment.tgz [grsecurity.net] that specifically targets and exploits the products of the companies he's suing.