| |||||||||||
Misunderstanding of embedded system designersMisunderstanding of embedded system designersPosted Jan 19, 2006 23:12 UTC (Thu) by im14u2c (subscriber, #5246)In reply to: Misunderstanding of embedded system designers by hingo Parent article: GPLv3: a first look
Huh? How can the GPL say "You are not allowed to design hardware or software that recognizes only a single binary compilation of this program code."
That simply doesn't make sense. What if I wanted a Linux Security Module that verified all binaries on a system against a write-protected set of binary signatures, to verify no one's intruded on my system? Are you saying I can't do that for GPLv3 programs? That simply makes no sense.
(Log in to post comments)
The GPL doesn't say you can't design anything. Posted Jan 20, 2006 3:28 UTC (Fri) by xoddam (subscriber, #2322) [Link] The GPL does say you can't sell a version of GPLd software that is notmodifiable by the end-user. Draft GPLv3 says that if you need to sign the software to run it, you must also provide the necessary key to the end user -- it is considered part of the source code, and properly so.
Misunderstanding of embedded system designers Posted Jan 20, 2006 6:36 UTC (Fri) by hingo (subscriber, #14792) [Link] You mean you have take a hash of the final executable and the hardware will only run that and nothing else? I'm not sure on this one, but that may in fact be allowable (there is no secret key to give away, so you have given the user everything there is). It may not be very wise however, because if there is a bug in your software you cannot update it anymore, you'd have to replace the entire device. (If there is a non-hardware way to update it, the license requires you to provide the user with that mecanism.)Therefore the wiser thing to do is what Karim above wants to do, have the firmware check whether the executable is signed with a particular key. This way you can later produce updates and sign them. On this issue the v3 is very clear. You have to either a) provide the user with the secret key needed, or (more likely) b) enable the user to alter the device such that he can use another key of his own without losing any functionality because of that. While I'm writing here, I'll reply to Karim as well: Obviously, the GPL cannot dictate the hardware license. You can build such hardware if you want, and if your software is GPLv3 you'll have to include the secret key. Sorry boy, you are just worng and confused, and you should let go already. (For the benefit of everybody, I don't intend to continue this thread although I fully expect Karim will do so.)
Misunderstanding of embedded system designers Posted Jan 20, 2006 20:50 UTC (Fri) by karim (subscriber, #114) [Link] Feel free to paint my position in whichever color makes you feel better. But here's the quote from the license:"Complete Corresponding Source Code also includes any encryption or authorization codes necessary to install and/or execute the source code of the work, perhaps modified by you, in the recommended or principal context of use, such that its functioning in all circumstances is identical to that of the work, except as altered by your modifications." And what I suggest does exactly that. The kernel's behavior hasn't changed, its functioning is identical. It's the hardware beneath that isn't functioning the same way from the point of view of the user space applications accessing it ... If confusion there is, I don't believe it's on my side. Karim
|
|||||||||||