Re: GPL only usage of security.h

From: Crispin Cowan (crispinat_private)
Date: Sun Sep 23 2001 - 21:10:14 PDT

  • Next message: Greg KH: "Re: GPL only usage of security.h"

    Greg KH wrote:
    
    >On Sun, Sep 23, 2001 at 08:17:19PM -0700, Crispin Cowan wrote:
    >
    >>Actually yes, I vehemently object to this change.
    >>
    >Why?  Don't you think that security modules that are loaded by your
    >kernel should be open source?
    >
    I think that code (especially security code) can be more secure if the 
    source is available. Further, open source code can grow better through 
    the ability of community developers to improve features and fix bugs. 
    But what this change does is impose a singular license on security 
    modules (GPL).
    
    The principle behind GPL'ing kernel contribs is that they are a derived 
    work of the kernel. The reason that loadable modules are not subject to 
    the GPL is that they are using an explicit interface, and thus (like 
    applications) are not derived from the kernel, but rather simply depend 
    on it.
    
    I see no reason why LSM should deviate from this path. It is nice to 
    encourage open sourcing of LSM modules, but it is not nice to enforce 
    one particular license.  It is also not constructive to exclude 
    proprietary security modules, just as it is not constructive to exclude 
    closed source device drivers.
    
    So no, mandatory GPL for LSM modules is not even close to acceptable.
    
    Perhaps we should LGPL the security.h.  Does that create problems?
    
        * It keeps security.h compatible with the kernel.
        * It prevents outright hijacking of security.h
        * It permits arbitrary licensing of applications (modules) that use
          LSM.  I think :-)
    
    Crispin
    
    -- 
    Crispin Cowan, Ph.D.
    Chief Scientist, WireX Communications, Inc. http://wirex.com
    Security Hardened Linux Distribution:       http://immunix.org
    Available for purchase: http://wirex.com/Products/Immunix/purchase.html
    
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Sun Sep 23 2001 - 21:13:53 PDT