Ira Abramov wrote: > This is not exactly a GPL violation, I'm not sure you are right about this.
Here's my take on things. The kernel is GPL, which means that all derived work of it needs to be GPL too, or it is infringing on the kernel's copyright. There are three approaches to understanding binary only modules: One is to say that merely using the interface does not make a module derived work, and therefor the GPL doesn't apply. This claim is backed up by the fact that interfaces are not considered copyrightable (or else Wine, Samba and many others would be infringing work, and all user-space programs would have to be GPL). The way I see it, this true ONLY if the interface involved is well documented and stable. I believe you will find that the kernel->module interface is neither. This is also why I think that creating an "adapter module", that exports a well-documented stable interface out of the kernel would allow perfectly legal binary modules. Even if the kernel's interface was stable and documented (or otherwise defined as "non-derived work"), I highly doubt their trick uses the interface alone, and so this protection is highly likely not relevant for this case. The second case is to say that the kernel export functions themselves give permission. It's called "מכלל לאו יוצא הן". If you export 10 symbols, and you tell me not to touch 3 of them unless I'm GPL, I have a very good case for claiming that I am allowed to touch the other 7 (despite all of Muli's claims to the contrary). Here, as before, the moment their binary module links with symbols that are defined as "GPL Only", it is, in fact, sidestepping the above permission, and is infringing on the kernel's copyright. The third possibility (which I do not buy into) is to say that there are no exceptions, and that binary only modules are not allowed. If that is the case, this is no greater GPL violation, but it certainly is bringing the copyright disregard to new levels. So I think that claiming that this is not a GPL violation is a bit naive. > What would you do? > Now were talking about the real dillema. > do you just protest but keep working there? > It's very easy to say "No!!" when it's someone else's money. It really depends. If you can afford to lose the client, I'd consider stopping working with them, but the details really depends. > make that information public? > A professional lives by his/her reputation. You have to let your clients know that they can trust you not to go behind their back. It may be a big enough violation for you to stop working with the client, but unless it's a life threatening neglect, I wouldn't go public with such things. > Inform lkml how they fooled the kernel without revieling the identity of > the violators, just to help them patch it for the future? > You already did so here, didn't you? No, the specifics of how to do the bypass don't really matter. I don't think anyone has any interest in a cat-and-mouse game such as this. As I have said above (in the "is this a GPL violation" part), it's the intent that counts. > spill the beans on Slashdot? > I fail to see what good that will do. > and what would you do if it was a real GPL violation? > I think it is a GPL violation. All my answers above apply. I'd let them know that, as far as I know, this is a GPL violation. I'll draw their attention to the fact that they can lose all distribution rights. > will a signed NDA with that company make a difference in your decision? > Absolutely not. I have clients that asked for a signed NDA as a pre-condition to interviewing me to find out whether I'm good enough for them. I have clients that asked for an NDA half a year after I already started working with them. I have clients that never asked for an NDA at all. As far as I'm concerned, my reputation is at stake here. NDA or not, I have to have the trust of my clients, which means that anything the client would really not like to be known, I keep confidential. The only exception I can think of is life threatening neglect, and again, then an NDA wouldn't change my actions one way or the other. > Thanks, > Ira. > Shachar -- Shachar Shemesh Lingnu Open Source Consulting ltd. Have you backed up today's work? http://www.lingnu.com/backup.html ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
