lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20061217041017.GA29035@thunk.org>
Date:	Sat, 16 Dec 2006 23:10:17 -0500
From:	Theodore Tso <tytso@....edu>
To:	Ricardo Galli <gallir@...il.com>
Cc:	Linus Torvalds <torvalds@...l.org>, linux-kernel@...r.kernel.org
Subject: Re: GPL only modules [was Re: [GIT PATCH] more Driver core patches for 2.6.19]

On Sun, Dec 17, 2006 at 01:22:12AM +0100, Ricardo Galli wrote:
> OK, let assume your perspective of the history is the valid and real one, 
> then, ¿where are all lawsits against other big GPL only projects? For example 
> libqt/kdelibs. You can hardly provide any example where the GPL wasn't hold 
> in court.

There's no need for lawsuits against things like libqt.  The question
is whether someone who writes a commercial program that happens to
dynamically link against libqt is in fact in violation of copyright
claims.  In such a case, the owners of libqt would have to sue the
commercial application writer, not the other way around.  There
haven't been any such cases, mostly because (a) the FUD generated by
the FSF about GPL vs. LGPL has generally been enough to cause
application authors to avoid using GPL'ed code even if it would be
legally defensible in court, and (b) I personally suspect that the FSF
has deliberately not tried to make a test case out of a commercial
application dynamically linking against a GPL'ed library.

In point of fact, if you compile libss from e2fsprogs on a Solaris
machine, and then let the Sun Enterprise Authentication Mechanism (a
propietary version of Kerberos v5) link against that version of libss
(as opposed to the one derived from the MIT Kerberos version of
libss), you can have a propietary Sun binary linking against libss
which will called will dynamically pull in the GPL'ed version of
readline (or the BSD licensed editline library, whichever one it finds
first in its search path).  Quick!  Is there a GPL violation involved,
and if so, who should the FSF try to sue first?

There are indeed plenty of cases where the GPL has been upheld in a
court of law, but usually it's some straightforward case of an
embedded version of Linux being used without releasing source.  As far
as I know, there has been no case on point about GPL and dynamic
linking, and I personally suspect it's at least partially because the
FSF is afraid it would lose such a case.  (As I've said, at least one
law professor of mine from the MIT Sloan School of Management has told
me that in her opinion the FSF's theory would be "laughed out of
court").

						- Ted
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ