Stories
Slash Boxes
Comments

SoylentNews is people

Linux Kernel Patch Maker Says Court Case Was Only Way Out

posted by Fnord666 on Sunday February 16 2020, @02:22PM   Printer-friendly
from the no-way-out dept.

An Anonymous Coward writes:

https://www.itwire.com/open-source/linux-kernel-patch-maker-says-court-case-was-only-way-out.html

The head of security firm Open Source Security, Brad Spengler, says he had little option but to file a lawsuit against open source advocate Bruce Perens, who alleged back in 2017 that security patches issued for the Linux kernel by OSS violated the licence under which the kernel is distributed.

The case ended last week with Perens coming out on the right side of things; after some back and forth, a court doubled down on its earlier decision that OSS must pay Perens' legal costs as awarded in June 2018.

The remainder of the article is an interview with Brad Spengler about the case and the issue.

iTWire contacted Spengler soon after the case ended, as he had promised to speak at length about the issue once all legal issues were done and dusted. Queries submitted by iTWire along with Spengler's answers in full are given below:

Previously:
Court Orders Payment of $259,900.50 to Bruce Perens' Attorneys

Original Submission

 
This discussion has been archived. No new comments can be posted.
Linux Kernel Patch Maker Says Court Case Was Only Way Out | Log In/Create an Account | Top | 157 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by Immerman on Monday February 17 2020, @11:36PM (3 children)

    by Immerman (3985) on Monday February 17 2020, @11:36PM (#959349)

    >If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all
    But you can. You get code from GRSecurity - and you're absolutely free to immediately redistribute it under the exact same GPL2 terms you received it under.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 0) by Anonymous Coward on Tuesday February 18 2020, @12:07PM (2 children)

    by Anonymous Coward on Tuesday February 18 2020, @12:07PM (#959497)

    Grsecurity's work is a non-seperable derivative work of the linux kernel, which is licensed under version 2 of the GPL.
    Do you understand this, dumbfuck? No? good.

    Grsecurity is NOT permitted to create derivative works of a copyrighted work by default: it is a violation of the Copyright owners rights.
    Do you understand this, dumbfuck? No? good.

    Grsecurity is ONLY permitted to create derivative works of a copyrighted work IF they get permission (license) to do so from the Copyright owner.
    Do you understand this, dumbfuck? No? good.

    This permission, regarding making non-seperable derivative works of the linux kernel, is called version 2 of the GPL.
    Do you understand this, dumbfuck? No? good.

    Version 2 of the GPL forbids a licensee, or creator of a derivative work, from, when distributing the derivative work, adding any additional terms in the agreement between him and whoever he is distributing the derivative work. See sections 6 and section 4.
    Do you understand this, dumbfuck? No? good.

    Grsecurity has chosen to add additional terms when distributing it's non-seperable derivative work of the linux kernel (and GCC aswell, they wanted to be through). Here are those additional terms: https://new.perens.com/wp-content/uploads/sites/4/2017/06/grsecstablepatchaccessagreement_additionalterms.pdf [perens.com]
    (including the "no redistribution or else" term proffered)
    Do you understand this, dumbfuck? No? good.

    Section 4 of the GPL version 2 revokes the licensee's (Grsecurity) permission to create and distribute derivative works.
    Do you understand this, dumbfuck? No? good.

    • (Score: 2) by Immerman on Tuesday February 18 2020, @02:27PM (1 child)

      by Immerman (3985) on Tuesday February 18 2020, @02:27PM (#959521)

      GRSecurity's patches ARE RELEASED UNDER GPL2 and can be freely redistributed.

      If you distribute them, then GRSecuity will no longer do business with you - but that in no way limits your rights to distribute the code they've already sold you, which is the only thing the GPL2 covers.

      • (Score: 0) by Anonymous Coward on Wednesday February 19 2020, @02:24AM

        by Anonymous Coward on Wednesday February 19 2020, @02:24AM (#959749)
        Hi, The GPLv2 license on the Linux Kernel (and GCC) forbids the offering of additional terms when distributing the Program or any derivative work.

        The act of including an additional term such as
        "you promise not to redistribute the work to 3rd parties, if you do we will not do any further business with you and will not refund your money" when distributing the work to a distributee, is such an additional term. The GPL governs the dealings you may and may not have with regard to the Linux Kernel and any derivative you make of it.
        Such terms offered is a violation of the GPLv2.

        Which is exactly what GRSecurity is doing: yes they're violating

        If you distribute them, then GRSecuity will no longer do business with you - but that in no way limits your rights to distribute the code they've already sold you, which is the only thing the GPL2 covers.

        Grsecurity violates the linux kernel and GCC licenses /when/ it offers the additional terms: terms who's purpose is to restrict the redistribution of the derivative work