GRsecurity is preventing others from redistributing source code

concernedfossdev at teknik.io concernedfossdev at teknik.io
Wed Jun 1 15:01:51 UTC 2016 

> Elsewhere it has been said that support cost $200, but perhaps that has changed.
It appears the sum has ballooned to seventeen thousand dollars per year now:

---
https://www.reddit.com/r/KotakuInAction/comments/4grdtb/censorship_linux_developer_steals_page_from_randi/
"You will also lose the access to the patches in the form of grsec not renewing the contract. 
Also they've asked us (a Russian hosting company) for $17000+ a year for access their stable patches. $17k is quite a lot for us. A question about negotiating a lower price was completely ignored. Twice." -- fbt2lurker
---

http://pastebin.ca/3614117

June 1 2016 2:52 PM, "Neal McBurnett" <neal at bcn.boulder.co.us> wrote:
> I agree with RMS that it sounds like this is a GPL violation. That also seems to agree with what
> you quoted from bkuhn (Brad Kuhn, president of Software Freedom Conservancy), who simply noted that
> we needed more details and the complaint has to be originitated by someone who does have the code
> and wants to distribute it. That's quite different from your characterization of the SFC response.
> 
> And I agree that this is quite different from what Red Hat does, since they do distribute their
> patches. They protect their brand via trademark, which is appropriate.
> 
> Someone who wants to open up GRsecurity patches could buy commercial support:
> https://grsecurity.net/business_support.php Elsewhere it has been said that support cost $200, but
> perhaps that has changed.
> 
> Thanks for noting this, and I hope we find someone who can actually make this happen, or file a
> legal case.
> 
> Neal McBurnett http://neal.mcburnett.org
> 
> On Wed, Jun 01, 2016 at 02:37:51PM +0000, concernedfossdev at teknik.io wrote:
> 
>> Here is RMS' response:
>> 
>> Re: GRsecurity is preventing others from employing their rights under version 2 the GPL to
>> redistribute source code
>> Richard Stallman (May 31 2016 10:27 PM)
>> 
>> [[[ To any NSA and FBI agents reading my email: please consider ]]]
>> [[[ whether defending the US Constitution against all enemies, ]]]
>> [[[ foreign or domestic, requires you to follow Snowden's example. ]]]
>> 
>> If I understand right, this is a matter of GPL 2 on the Linux patches.
>> Is that right? If so, I think GRsecurity is violating the GPL on
>> Linux.
>> 
>> --
>> Dr Richard Stallman
>> President, Free Software Foundation (gnu.org, fsf.org)
>> Internet Hall-of-Famer (internethalloffame.org)
>> Skype: No way! See stallman.org/skype.html.
> 
> On Wed, Jun 01, 2016 at 02:15:46PM +0000, concernedfossdev at teknik.io wrote:
> 
>> There is an important distinguishing feature: RedHat itself does release its sourcecode, albit as
>> huge code patches rather than the little ones that are desired, but that makes the issue moot even
>> before it would go to court.
>> 
>> That is an important distinction, so these situations are not the same.
>> 
>> Here the source is not released by Spengler to the public,
>> the stable patches do differ substantially from the "testing" patches
>> (one feature is 5 times bigger in the closed stable patch), and
>> sublicensees are threatened to not distribute.
>> 
>> Now some people are arguing that kernel patches are not derivative works;
>> which would make the entire GPL even MORE worthless than it already has shown to be in practice.
>> https://www.law.washington.edu/lta/swp/law/derivative.html
>> 
>> And the SFConservancy doesn't seem to give a damn,
>> and #fsf and #gnu all scream to the high heavens that what spengler is doing is just fine and
>> they seem to totally support him in it.
>> 
>> I try to teach them that there is more to the law than their license but they won't listen.
>> 
>> ----
>> There is a legal term for this. It's called acting in bad faith.
>> That often gets your contract nullified.
>> Here there is a license grant. Spengler is acting in bad faith to frustrate its purpose.
>> It does not matter if he is breaking legs, threatening to expose secrets, or threatining to raise
>> prices to exorbidant rates, or to cease sending the patches:
>> What matters is that his goal is to deny the sublicensee the right given to the sublicensee by the
>> original licensor, and that he has obtained that goal via his actions (the threats here).
>> 
>> He has frustrated the purpose of the agreement (the grant) he had with the original licensor, and
>> thus
>> the grant fails. In other words: he has violated the license.
>> 
>> June 1 2016 2:02 PM, "Jonathan Corbet" <corbet at lwn.net> wrote:
>>> On Tue, 31 May 2016 18:47:38 +0000
>>> concernedfossdev at teknik.io wrote:
>>> 
>>>> Is this not tortious interference, on grsecurity's (Brad Spengler) part,
>>>> with the quazi-contractual relationship the sublicensee has with the
>>>> original licensor?
>>> 
>>> Unfortunately, it doesn't seem to be that way. This is essentially the
>>> Red Hat approach, and that has generally been deemed to be acceptable over
>>> the years.
>>> 
>>> jon
>>> --
>>> Jonathan Corbet / LWN.net / corbet at lwn.net

More information about the Ubuntu-devel-discuss mailing list