Comment KCDF Re: patches

Pipe

GRSecurity Linux Kernel patch to end public accessability of stable patches.

Preview

patches (Score: 1)

by pete@pipedot.org on 2015-09-02 00:54 (#K56Q)

they produce patches, not redistrib. linux. its their code, and patch, and thus should be able to do what they want, no?

that aside, im upvoting because the full version of the story sounds quite interesting. they themselves are tired of seeing GPL violations, among other complaints, leading to their decision

Re: patches (Score: 1)

by evilviper@pipedot.org on 2015-09-02 02:00 (#K5A1)

Patches are necessarily derivative code, so covered by the license.

However the GPL never said you have to make your code freely available to the public. It's just that once you give it out, you can't stop anyone else from redistributing it, if they want to.

Re: patches (Score: 0)

by Anonymous Coward on 2015-09-02 14:14 (#K731)

>It's not in violation of any spirit either, as there's nothing that says they have to give you their things, as copyright holders.

Their work is a derivative work.

The contributors to linux very likely intended that any derivative works also be distributed. If any contributor to linux intended this, there may very well be an unwritten clause in the contract which exists between the parties, part of which exists in the form of the document you know as a "copyright license" (WTF did you think it was? A royal patent?). Rarely does a court decide a dispute of this sort solely on the four corners of a document. Only when the document is wholly integrated does that occur.

I don't see those words there in the GPLv2. (Even if those words exist, action taken by the parties can be used as evidence against this, if the court allows the evidence of such to be presented).

Re: patches (Score: 1)

by pete@pipedot.org on 2015-09-03 00:08 (#K8VX)

just to clarify, would a patch not be a derivative work until actually applied to licensed code? on its own its just code, (EDIT: retracted, this statement made sense: "When the second
work makes sense only in light of the original, it's derivative.")
and owned by the author. they don't have to release publicly.

And even if said-patch does infact fall under GPL, the GNU-GPL FAQ makes it clear that you can sell modified versions of GPL code to a client and not release publicly, and its up to the client whether they want to keep the modified version internal, or release it. The only thing that forces public source release, is to likewise distribute any part in any form, to the public.

If that client were to release the modified version, they would need to supply the source, but if kept internally, then no. By requiring a subscription or contract, i'd imagine thats the loop hole that allows private sale/distribution without violating the gpl (if i'm understanding that correctly.) It sounds like this company is ensuring paid-clients are supporting their efforts, while preventing every other company from doing a drive-by-only download instead. It sounds more than reasonable. In the end, the code is still going to make it to the public, eventually.

Re: patches (Score: 0)

by Anonymous Coward on 2015-09-03 13:24 (#KAN1)

>By requiring a subscription or contract, i'd imagine thats the loop hole that allows private sale/distribution without violating the gpl

That's known generally as "bad faith", courts look poorly upon such actions.

As stated before, what is written in the GPL is not the end-all-be-all of the agreement which grants Spengler permission to use and modify the linux kernel, and produce derivative works thereof. (Also, as stated before, the GPL likely rests on contract law, it's not a bare license). We're not even debating the GPL per-se, but the agreement between the 10s of thousands of linux copyright holders and spengler who has created a derivative work, of which the GPL is a document describing in-part, but not fully representative of (in contracts, extrinsic evidence of the agreement can be brought in, even that which contradicts the written document(s). To explain the agreement, usage in trade, and the actual practice of the parties is relevant. (unless the contract is fully integrated (which is made no mention of here with linux, and how could it be, the GPL is about a page long and insufficient to describe fully the relationship)).

If I were intel, holding copyright on parts of linux, I would bring Spengler to court once the case is ripe. I would also sue him for libel aswell. If he wants to ruin linux security and bring a derivative work closed, in the hope of financial gain, we would find out the true nature of the agreement onwhich he relies. There are tens of thousands of potential plaintiffs against spengler.

Remeber: Grsecurity only exists because linux existed 14 years ago and spengler was poking around in it.

GNU/FSF is not a party to this agreement so what exists in their minds is somewhat irrelevant. What matters, when it comes to what anyone thinks, is the understanding that the involved parties had at the time of the agreement.

Re: patches (Score: 0)

by Anonymous Coward on 2015-09-03 23:08 (#KCDE)

>they practically pioneered the exploit mitigations now used by windows, openbsd, you name it

And now they're taking it away from us lower classes. We aren't allowed security, and Spengler doesn't give a damn that his work is derived from a freely distributed opensource project: The Linux Kernel, and he'll use every effort he can to subvert the intentions of the authors of the Linux Kernel (this is called bad faith)

Oh and if you want to argue that the GPL is a bare license rather than a unilateral contract (You'd likely be incorrect but...)

Licenses can be revoked at any time, in-which case we need only one linux kernel contributor to issue notice to Brad Spengler that said license to use his portion of the code is hereby revoked. Thence-forth Spengler will be liable for statutory damages ;-)

It's like you don't understand that, though the basis for the property interest itself flows from, in the US, congressional statute (and the constitution itself), and in the UK, AU, etc from parliamentary law, the rules governing alienation of that interest stem from property and contract law.

So Does he wish to be gotten coming or going? Contract, where extrinsic evidence can come into play, or bare license where if we have a plaintiff he can revolk permission (remeber: (C) isn't signed over in linux dev (and you wonder why FSF requires it... It's for more than the one reason they state))

(It ofcourse gets better than that in Central Europe and Commonwealth countries where, IIRC, you don't even have check weather the nature of the license would bar revocation) (Any contributors to the Linux kernel from germany?)

Re: patches (Score: 0)

by Anonymous Coward on 2015-09-03 23:09 (#KCDF)

*It's like some don't understand that, though the basis for the property interest itself flows from

Junk Status

Marked as [Not Junk] by bryan@pipedot.org on 2016-05-06 23:24