Stories
Slash Boxes
Comments

SoylentNews is people

posted by cmn32480 on Monday September 07 2015, @08:31AM   Printer-friendly
from the the-GPL-is-open-to-interpretation dept.

Grsecurity® is an extensive security enhancement to the Linux kernel that defends against a wide range of security threats through intelligent access control, memory corruption-based exploit prevention, and a host of other system hardening that generally require no configuration. It has been actively developed and maintained for the past 14 years. Commercial support for grsecurity is available through Open Source Security, Inc.

In a big red block at the top of their home page is the following warning:

Important Notice Regarding Public Availability of Stable Patches
Due to continued violations by several companies in the embedded industry of grsecurity®'s trademark and registered copyrights, effective September 9th 2015 stable patches of grsecurity will be permanently unavailable to the general public. For more information, read the full announcement.

And I thought GRSecurity was based on the GPL'd work called "Linux". Guess I was wrong.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Informative) by stormreaver on Monday September 07 2015, @11:23AM

    by stormreaver (5101) on Monday September 07 2015, @11:23AM (#233226)

    Copyleft covers copying ONLY.

    Copyright, and therefore copyleft, covers copying, modification, and distribution.

    The GPL clearly mandates that source be provided ONLY to recipients of binaries. If you do not buy binaries and you do not receive binaries, you have absolutely no right to receive sources.

    Provided that GRSecurity distributes the entire kernel with their patches to its customers, there's no problem. There is a problem, though, if GRSecurity distributes only its patches to its customers without the rest of the kernel sources, or if GRSecurity tries to prohibit its paying customers from making the patches publicly available.

    Starting Score:    1  point
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 0) by Anonymous Coward on Monday September 07 2015, @11:36AM

    by Anonymous Coward on Monday September 07 2015, @11:36AM (#233230)

    There's no problem with distributing patches alone without the rest of the kernel sources, as long as GRSecurity offers to provide the rest of the kernel sources to anyone who asks for them. And no, GRSecurity can't prohibit paying customers from making the patches publicly available, but they can jack up the price until customers don't want to give away for free something that they paid a lot of money for.

    • (Score: 0) by Anonymous Coward on Monday September 07 2015, @07:35PM

      by Anonymous Coward on Monday September 07 2015, @07:35PM (#233392)

      > but they can jack up the price until customers don't want to give away for free something that they paid a lot of money for.

      The presupposes that there is an actual set of prices at the intersection of "too expensive to give away" and "cheap enough to buy."
      I doubt it.

    • (Score: 0) by Anonymous Coward on Monday September 07 2015, @10:52PM

      by Anonymous Coward on Monday September 07 2015, @10:52PM (#233496)

      > And no, GRSecurity can't prohibit paying customers from making the patches publicly available, but they can jack up the price until customers don't want to give away for free something that they paid a lot of money for.

      Ever heard of "bad faith".

      No?

      Ever heard of "frustration of purpose"

      No?

      You seem to be forgetting the thousands of copyright holders who aren't spengler who own the work from which this patch is derived.

      Oh but you think there's no agreement between spengler and they now, don't you? Ok, so then there is just a bare license, not an irrevokable agreement between the linux copyright holders and spengler, and they can revoke that license. Is that what you want?