Slash Boxes

SoylentNews is people

posted by Fnord666 on Sunday February 16 2020, @02:22PM   Printer-friendly
from the no-way-out dept.

The head of security firm Open Source Security, Brad Spengler, says he had little option but to file a lawsuit against open source advocate Bruce Perens, who alleged back in 2017 that security patches issued for the Linux kernel by OSS violated the licence under which the kernel is distributed.

The case ended last week with Perens coming out on the right side of things; after some back and forth, a court doubled down on its earlier decision that OSS must pay Perens' legal costs as awarded in June 2018.

The remainder of the article is an interview with Brad Spengler about the case and the issue.

iTWire contacted Spengler soon after the case ended, as he had promised to speak at length about the issue once all legal issues were done and dusted. Queries submitted by iTWire along with Spengler's answers in full are given below:

Court Orders Payment of $259,900.50 to Bruce Perens' Attorneys

Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Wednesday February 19 2020, @02:24AM

    by Anonymous Coward on Wednesday February 19 2020, @02:24AM (#959749)
    Hi, The GPLv2 license on the Linux Kernel (and GCC) forbids the offering of additional terms when distributing the Program or any derivative work.

    The act of including an additional term such as
    "you promise not to redistribute the work to 3rd parties, if you do we will not do any further business with you and will not refund your money" when distributing the work to a distributee, is such an additional term. The GPL governs the dealings you may and may not have with regard to the Linux Kernel and any derivative you make of it.
    Such terms offered is a violation of the GPLv2.

    Which is exactly what GRSecurity is doing: yes they're violating

    If you distribute them, then GRSecuity will no longer do business with you - but that in no way limits your rights to distribute the code they've already sold you, which is the only thing the GPL2 covers.

    Grsecurity violates the linux kernel and GCC licenses /when/ it offers the additional terms: terms who's purpose is to restrict the redistribution of the derivative work