GRsecurity is preventing others from employing their rights under version 2 the GPL to redistribute source code

Sam Bull sam.hacking at
Wed Jun 1 09:13:29 UTC 2016

As somebody previously mentioned the first time you posted this, I'm
not sure why this is relevant to Ubuntu development?

Perhaps you should get in touch with the Software Freedom Conservancy,
and see if there is anything they can do.

On Tue, 2016-05-31 at 03:12 +0000, concernedfossdev at wrote:
> GRsecurity is preventing others from employing their rights under
> version 2 the GPL to redistribute (by threatening them with a non-
> renewal of a contract to recive this patch to the linux kernel.)
> (GRsecurity is a derivative work of the linux kernel (it is a patch))
> People who have dealt with them have attested to this fact:
> nux_developer_steals_page_from_randi/
> "You will also lose the access to the patches in the form of grsec
> not renewing the contract.  
> Also they've asked us (a Russian hosting company) for $17000+ a year
> for access their stable patches. $17k is quite a lot for us. A
> question about negotiating a lower price was completely ignored.
> Twice." -- fbt2lurker
> And it is suggested to be the case here aswell:
> arch_grsecuritys_rap_is_here/
> "Do you work for some company that pays for Grsecurity? If so then
> would you kindly excersise the rights given to you by GPL and send me
> a tarball of all the latest patches and releases?" -- lolidaisuki
> "sadly (for this case) no, i work in a human rights organization
> where we get the patches by a friendly and richer 3rd party of the
> same field. we made the compromise to that 3rd party to not
> distribute the patches outside and as we deal with some critical
> situations i cannot afford to compromise that even for the sake of
> gpl :/
> the "dumber" version for unstable patches will make a big problem for
> several projects, i would keep an eye on them. this situation cannot
> be hold for a long time" -- disturbio
> Is this not tortious interference, on grsecurity's (Brad Spengler)
> part, with the quazi-contractual relationship the sublicensee has
> with the original licensor?
> (Also Note: the stable branch now contains features that will never
> make it to the "testing" branch, and are not allowed to be
> redistributed, per the scheme mentioned above (which has been
> successful: not one version of the stable branch has been released by
> anyone, even those asked to do so, since the scheme has been put in
> place (they say they cannot as they cannot lose access to the patch
> as that may cost the lives and freedom of activists in latin
> america)))
> @xoreipeip @grsecurity they call it a "demo" version "20:14 <
> spender> what's in the public version is < 1/5th the size of the full
> version"
> oreipeip @grsecurity "20:21 < spender> also it wouldn't be as fast as
> the commercial version [...] there are missing optimization passes"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the Ubuntu-devel-discuss mailing list