Grsecurity is a patch for the Linux kernel which, it is claimed, improves its security. It is a derivative work of the Linux kernel which touches the kernel internals in many different places. It is inseparable from Linux and can not work without it. it would fail a fair-use test (obviously, ask offline if you don’t understand). Because of its strongly derivative nature of the kernel, it must be under the GPL version 2 license, or a license compatible with the GPL and with terms no more restrictive than the GPL. Earlier versions were distributed under GPL version 2.
Currently, Grsecurity is a commercial product and is distributed only to paying customers. My understanding from several reliable sources is that customers are verbally or otherwise warned that if they redistribute the Grsecurity patch, as would be their right under the GPL, that they will be assessed a penalty: they will no longer be allowed to be customers, and will not be granted access to any further versions of Grsecurity. GPL version 2 section 6 explicitly prohibits the addition of terms such as this redistribution prohibition.
By operating under their policy of terminating customer relations upon distribution of their GPL-licensed software, Open Source Security Inc., the owner of Grsecurity, creates an expectation that the customer’s business will be damaged by losing access to support and later versions of the product, if that customer exercises their re-distribution right under the GPL license. This is tantamount to the addition of a term to the GPL prohibiting distribution or creating a penalty for distribution. GPL section 6 specifically prohibits any addition of terms. Thus, the GPL license, which allows Grsecurity to create its derivative work of the Linux kernel, terminates, and the copyright of the Linux Kernel is infringed. The contract from the Linux kernel developers to both Grsecurity and the customer which is inherent in the GPL is breached.
(Score: 0) by Anonymous Coward on Thursday July 06 2017, @02:19PM (1 child)
Patch files include significant portions of the original work, so I think this argument is wrong on the face of it.
Uh no, this happened just a couple months ago (around March I think), when grsecurity pulled the public "testing" patches and started actually cancelling people's subscriptions for exercising permissions granted to them by the GPL. They were unhappy with the fact that KSPP was getting their stuff merged into mainline Linux.
I don't think this is a long-term successful plan for grsecurity because all the distributions hate them now, and the community isn't going to be putting in any effort to make sure things work with grsecurity anymore.
(Score: 2) by Bot on Thursday July 06 2017, @02:32PM
Eh, this is the side effect of the popularity of the GPL. It gets adopted by people for convenience, not because they believe in freedom. No matter how much you invest in a linux based project, what you get in return from it is an order of magnitude more. So, idealism aside, they are still in debt with free software, no matter what. And if they do not recognize this, I am afraid I am going to stop trusting them for everything else.
Account abandoned.