Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1754064AbdG3Jrj (ORCPT <rfc822;w@1wt.eu>);
        Sun, 30 Jul 2017 05:47:39 -0400
Received: from atrey.karlin.mff.cuni.cz ([195.113.26.193]:38350 "EHLO
        atrey.karlin.mff.cuni.cz" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1753896AbdG3Jre (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sun, 30 Jul 2017 05:47:34 -0400
Date: Sun, 30 Jul 2017 11:47:31 +0200
From: Pavel Machek <pavel@ucw.cz>
To: "Paul G. Allen" <pgallen@gmail.com>
Cc: linux-kernel <linux-kernel@vger.kernel.org>
Subject: Re: Yes you have standing to sue GRSecurity
Message-ID: <20170730094731.GC18381@amd>
References: <6261acc7cc854161158181d1ecfc7682@redchan.it>
 <CAN4-gUESAsBGkwtztoEEyEaPm_=snh2jQLFRsUxAY2ykEQRtuQ@mail.gmail.com>
 <20170729200726.6qxlnh7mmfpfxkq3@thunk.org>
 <CAN4-gUGQJCdYysoxE6=6uU8NS0b-Nkr-vr9AQ7bSmwddmf95GQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
        protocol="application/pgp-signature"; boundary="LwW0XdcUbUexiWVK"
Content-Disposition: inline
In-Reply-To: <CAN4-gUGQJCdYysoxE6=6uU8NS0b-Nkr-vr9AQ7bSmwddmf95GQ@mail.gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 3505
Lines: 78


--LwW0XdcUbUexiWVK
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi!

On Sat 2017-07-29 17:20:52, Paul G. Allen wrote:
> > It's not even clear that there is infringement.  The GPL merely
> > requires that people who have been distributed copies of GPL'ed code
> > must not be restricted from further redistribution of the code.  It
> > does not require that that someone who is distributing it must
> > available on a public FTP/HTTP server.
> >
> > Brad Spengler has asserted that he has not forbidden any of his
> > customers from further redistribution of the code.  Other than his
> > claim of being in compliance with the GPL, I do not personally have
> > any information either suggesting that he is or is not violating the
> > terms of the GNU Public License.
> >
> > Personally, I think I don't think it makes any difference one way or
> > another.  GRSecurity has made themselves irrelevant from the
> > perspective of upstream development.  If someone wants to find some
> > embedded device which is using GRSecurity, and wishes to purchase said
> > device, and then demand access to source code under the terms of the
> > GPL, and then post those sources on some web site, that is all within
> > their right to do.  For the most part, though, it's rarely useful to
> > get dead code posted on a web site.  This is the same reason that
> > people who do drive-by open sourcing of code largely don't make much
> > difference.  You can make a code drop of (for example) Digital's old
> > Tru64 advfs and make it available under an open source license.  But
> > even though it was a very good file system for its time, unless it
> > comes with a community of developers, the code drop will very likely
> > just sit there.
> >
> > So personally, I don't think it's a particularly good use of *my* time
> > to investigate whether or not folks who are responsible for grsecurity
> > are violating the terms of the GPL, and to get involved in a lawsuit.
> > It may be that there is no "there" there, in which case it will be a
> > waste of my time.  And even if we can find proof that GRsecurity has
> > forbidden its customers from redistribution code derived from the
> > Linux kernel, in violation of the GPL, it will be messy, it will
> > enrich a bunch of attorneys --- and at the end of the day we will get
> > a dump of code that probably won't make any real difference to the
> > upstream development of the Linux kernel, since it will probably be
> > based on some ancient 3.18 kernel or some such.
> >
>=20
> If there is something to this (that GRSecurity is somehow in violation
> of the GPL), then it would probably be a very good idea for someone
> (the community, Red Hat, etc.) to protect the kernel. From my
> understanding, at least in America, protections under any license or

You probably still have code in the kernel. So you probably can sue
them. I'll have my fingers crossed for you :-), but otherwise don't
expect much help.

								Pavel

--=20
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blo=
g.html

--LwW0XdcUbUexiWVK
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAll9qzMACgkQMOfwapXb+vIgiACdGbZ/1rR57r2zpLKO97OaCb3D
V/gAoLDYqTCYvsM/G/BIV5jMRYL7BYEo
=8+2b
-----END PGP SIGNATURE-----

--LwW0XdcUbUexiWVK--