Re: [kernel-hardening] Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel?

From: aconcernedfossdev
Date: Thu Jun 15 2017 - 15:25:13 EST

Next message: Rik van Riel: "Re: [PATCH v2 02/10] x86/mm: Remove reset_lazy_tlbstate()"
Previous message: Ricardo Neri: "Re: [PATCH v7 13/26] x86/insn-eval: Add function to get default params of code segment"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The license under-which the linux kernel is distributed forbids, in it's text, the imposition of additional terms.

GRSecurity has, in-fact, successfully imposed a no-distribution term.
Even if it was a wink and a nod or an implicit threat the courts would not be blind to them. Additional terms can be made verbally or arise out of a course of business between a commercial entity and a client etc.

Additionally there is damage to the linux kernel rightsholders in that they have no access to the derivative work (unlike the RedHat situation where the kernel developers have the derived sourcecode so it's a moot point to them)

Courts deal in facts, not the fantasies of Proud, Resilient, Gritty, Battle Hardened, American White Male Programers (who know everything there is to know about everything, according to themselves (which is why they come up with these schemes and are /sure/ they will work))

It's a fairly clear cut blatant violation. Not really a grey-area at all.

On 2017-06-15 17:45, Rik van Riel wrote:

On Thu, 2017-06-15 at 16:05 +0000, aconcernedfossdev@xxxxxxxxxx wrote:

> their customer restriction "you can redistribute

this code, but if you do we will on longer provide you
with updates" does not change that.

That is the imposition of an additional term, a court would not beÂ
amused by the programmers claim it's fine because he didn't ink it
intoÂ
the copy of the license he distributed the code with. The court
wouldÂ
not be blind to the effect and the intention. The law has dealt withÂ
transparent schemes like this for hundreds of years, and withinÂ
copyright for about a century (but much longer within contract law).

There should be a joint action.

I think the best action we can take is making
grsecurity obsolete, by integrating all their
functionality into the upstream kernel.

I don't think testing what a court thinks is
a good idea here, because the GPL does not
include any obligation to continue providing
people with updates to the code.

The GPL may be much better off if that kind of
thing continues to be a gray area that makes
corporate lawyers nervous, rather than taking
the chance that a court rules against the
interests of GPL proponents...

Of course, I am not a lawyer, and if you want
real lawyer advice you will need a real lawyer.

Next message: Rik van Riel: "Re: [PATCH v2 02/10] x86/mm: Remove reset_lazy_tlbstate()"
Previous message: Ricardo Neri: "Re: [PATCH v7 13/26] x86/insn-eval: Add function to get default params of code segment"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]