On Mon, Jun 27, 2016 at 4:41 AM, Shawn <cit...@gmail.com> wrote: > I'm not an expert of GPL compliance. I personally don't see any GPL > violation in PaX/Grsecurity. Because of some embedded vendors pissed > off PaX/Grsecurity's authors last year and then they decided stable > patch was going to customer-only, which means you could get the source > code once you paid. It's very fair to myself. Because they need to > spend time and hire people to do the regression testing to make their > customer's production system as stable as possible. Fortunately, they > are still release test patch for public. As a user and a security > consultant, test patch is good enough to deal with the most situation > I've met.
>From what I've read. It sounds like they are making customers sign NDAs, and/or threatening to cut them off if the customers share the source code for those patches to anyone. This is clearly a violation of freedom 2 "The freedom to redistribute copies so you can help your neighbor (freedom 2)." I'm not a lawyer or expert on the GPL. The GPL may not protect against situations like this, but it clearly goes against the spirit of Free Software. > > I 'd say we are lucky to have brilliant FLOSS hackers like Spender and > PaX team in this era. Because of them, we have a very effective > solution for linux kernel security, which compares to other core > infrastructures such as firmware or compiler. Even CHIPSEC and > reproducible builds are just starting point somehow. It'd be a long > way to protect your digital freedom away from BIGBROs just like > PaX/Grsecurity in kernel field;-) > > On Sun, Jun 5, 2016 at 12:58 PM, <concernedfoss...@teknik.io> wrote: >> Soylent news published an article/discussion on GRSecurity, RMS, etc >> If you're interested it's here: >> https://soylentnews.org/article.pl?sid=16/06/02/214243 >> >>>RMS Responds - GRsecurity is Preventing Others From Redistributing Source >>>Code [UPDATED] >> >> > > > > -- > GNU powered it... > GPL protect it... > God blessing it... > > regards > Shawn >