1 |
You can't really change license because it is a kernel patch so it has |
2 |
to be GPLv2 from what i understand. |
3 |
|
4 |
|
5 |
On 04/30/2017 01:08 PM, Alex Efros wrote: |
6 |
> Hi! |
7 |
> |
8 |
> On Sat, Apr 29, 2017 at 07:46:10PM +0300, Alex Efros wrote: |
9 |
>> Thanks! But isn't this mean you forbid all Linux distributions (including |
10 |
>> commercial ones like RedHat) to be GrSec/PaX subscribers (in case they |
11 |
>> like to spend some money for it)? I.e. this decision will ensure majority |
12 |
>> of Linux systems will never ever have GrSec/PaX |
13 |
> If no one is replies on this yet because that's sad truth, then may I ask |
14 |
> why don't you like to solve this in some way? |
15 |
> |
16 |
> For example, you can continue publishing source of GrSec/PaX versions, but |
17 |
> use license which allows using it for free only for personal use and small |
18 |
> business (say, less than 10-20 computers) on usual desktop/server PC. |
19 |
> This way all server/desktop Linux distributions will be able to include |
20 |
> alternative hardened kernel or have alternative hardened variant of |
21 |
> overall distribution, but end-user will have to decide is they can use it |
22 |
> for free or should subscribe or avoid using it. |
23 |
> For Android phones/tablets and embedded devices you can make separate |
24 |
> clause in license to let you get some money from Google and companies |
25 |
> developing embedded devices if they will like to use GrSec/PaX, without |
26 |
> forbidding such a possibility at all (rumours are current subscription |
27 |
> options require to limit amount of installations, which is surely doesn't |
28 |
> makes sense for Android). |
29 |
> |
30 |
> This way you shouldn't lose any money comparing to current situation, |
31 |
> it also solve mentioned before issues when bad companies sell unsupported |
32 |
> and modified GrSec variant and use "grsecurity" for marketing own |
33 |
> products. Plus you'll continue wide-test your patch with Gentoo Hardened |
34 |
> and some other distribution users and have your patch available for any |
35 |
> external audit which is always good for security product's karma. |
36 |
> |
37 |
> If there are no good reasons to reject proposed solution and no |
38 |
> alternatives to let people continue using GrSec/PaX for personal/small |
39 |
> business use, then, yeah, conspiracy theories and three-letter-agencies |
40 |
> start coming to mind - just because they wins more than anybody else |
41 |
> including yourself if all Linux distributions won't have GrSec/PaX anymore. |
42 |
> |