Re: [libreplanet-discuss] Article on GRSecurity, RMS, etc.

[concernedfossdev]

What is occurring is that the agreement allows GRSecurity to create derivative 
works from the Linux Kernel source code.
However that same agreement requires that GRSecurity allow sublicensees(for 
lack of a better word) to redistribute those derivative works.

Without the permission from the grant, GRSecurity has no right to modify the 
source code, even for personal use, under
US copyright law.

Courts do not allow one to on one had cover under an agreement, while on the 
other hand subverting another clause in the same agreement. This is called 
acting in bad-faith towards the agreement.

Another note (if GRSecurity were to claim that there is not agreement, just a 
bare license, even though they've been in
communication with the kernel team for decades now):
Bare licenses are revokable at will by the grantor and the GPLv2 lacks a 
non-revocation clause (thus arguing estoppel isn't so easy). Even then court 
will often apply contract law principals even to a bare license.

Another note: 
Linux is not a work of joint-copyright (for those looking over the 1976 
statute).
(Under joint copyright the copyright is owned 100pct by each contributor).
Instead it appears to be a very very very very very long string of derivative 
works.

Derivative works, when created with the permission of the copyright holder, 
also create
a seperate claim of copyright in their creation.

Thus the claims start to stack:
Linux-A-B-C-D-E-F-G-etc

So if G is violating the agreement, it could be argued that all copyright 
holders of a preceeding interest each have a cause of action against G. This is 
different from joint copyright where more than 1/2 of the rightsholders have to 
agree to bring an action.

However someone knowlegeble in procedure would have to chime in here, 
specifically in relation to US copyright claims.
Often there are court rules to limit who can sue further than normal 
generically for any old suit.


June 27 2016 4:52 PM, "Adam Van Ymeren" <adam.vany@gmail.com> wrote:
> On Mon, Jun 27, 2016 at 4:41 AM, Shawn <citypw@gmail.com> wrote:
> 
>> I'm not an expert of GPL compliance. I personally don't see any GPL
>> violation in PaX/Grsecurity. Because of some embedded vendors pissed
>> off PaX/Grsecurity's authors last year and then they decided stable
>> patch was going to customer-only, which means you could get the source
>> code once you paid. It's very fair to myself. Because they need to
>> spend time and hire people to do the regression testing to make their
>> customer's production system as stable as possible. Fortunately, they
>> are still release test patch for public. As a user and a security
>> consultant, test patch is good enough to deal with the most situation
>> I've met.
> 
> From what I've read. It sounds like they are making customers sign
> NDAs, and/or threatening to cut them off if the customers share the
> source code for those patches to anyone. This is clearly a violation
> of freedom 2
> 
> "The freedom to redistribute copies so you can help your neighbor (freedom 
> 2)."
> 
> I'm not a lawyer or expert on the GPL. The GPL may not protect
> against situations like this, but it clearly goes against the spirit
> of Free Software.
> 
>> I 'd say we are lucky to have brilliant FLOSS hackers like Spender and
>> PaX team in this era. Because of them, we have a very effective
>> solution for linux kernel security, which compares to other core
>> infrastructures such as firmware or compiler. Even CHIPSEC and
>> reproducible builds are just starting point somehow. It'd be a long
>> way to protect your digital freedom away from BIGBROs just like
>> PaX/Grsecurity in kernel field;-)
>> 
>> On Sun, Jun 5, 2016 at 12:58 PM, <concernedfossdev@teknik.io> wrote:
>>> Soylent news published an article/discussion on GRSecurity, RMS, etc
>>> If you're interested it's here:
>>> https://soylentnews.org/article.pl?sid=16/06/02/214243
>>> 
>>>> RMS Responds - GRsecurity is Preventing Others From Redistributing Source 
>>>> Code [UPDATED]
>> 
>> --
>> GNU powered it...
>> GPL protect it...
>> God blessing it...
>> 
>> regards
>> Shawn