SELinux and patents
According to the license page, SELinux is freely distributable under the terms of the GPL. It looks like a high-quality and useful contribution to the Linux community.
There is a potential problem, however. Much of the actual work in the implementation of SELinux was done by Secure Computing Corporation (SCC). SCC, in its implementation of SELinux, used a technology that it calls type enforcement. As it turns out, SCC has a patent on this technology.
Concerns over the type enforcement patent are not new - they were first raised back in 2000. At that time, SCC put up an SELinux FAQ stating:
There will be no restrictions on the use of TE by the Linux open source community.... We will release source code for all the modifications to the existing kernel and for a general-purpose security policy engine under the GPL.
Recently, this page has been removed from the SCC web site - a move which should be of concern to anybody who is relying on web-based promises about access to patented technology. For now, the cached copy on Google is still available, though. Grab a copy while you can - web-posted promises can be ephemeral things.
More recently, in a conversation on the Linux Security Module list, an SCC employee made a rather different statement:
This, of course, puts a damper on many possible uses of SELinux, as well as negating any claims of GPL licensing. Projects which have used some of the SELinux code, such as the Debian SE effort, are having to reconsider.
It would appear that SCC has not really decided what its policy is going to be; a message has been posted stating:
So, SCC may eventually do the right thing (from the free software
community's point of view) and preserve the free licensing of SELinux.
(This cause will probably not be helped by sending inflammatory
mail, by the way). Either way, this situation shows, yet another time, the
sort of threat that software patents pose to free software.
Posted Jun 13, 2002 5:18 UTC (Thu)
by tompoe (guest, #9)
[Link]
Posted Jun 13, 2002 9:25 UTC (Thu)
by morhippo (guest, #334)
[Link] (2 responses)
Posted Jun 13, 2002 11:12 UTC (Thu)
by forthy (guest, #1525)
[Link] (1 responses)
Unfortunately, the GPL doesn't say what "everyone's free use" really is. Is it ok if the patent is limited to GPL'd programs (Free Software)? Is it ok if the patent is limited to OpenSource programs? Can these patents be used as defensive weapon against evil empires that try to sue free software programmer with their patents (while at the same time using patents granted by shipping GPL'd source)?
Posted Jul 31, 2003 3:25 UTC (Thu)
by spirogyra (guest, #13510)
[Link]
Posted Jun 13, 2002 12:27 UTC (Thu)
by olilo (guest, #2008)
[Link]
Other versions:
Posted Jun 14, 2002 1:27 UTC (Fri)
by abredon (guest, #2038)
[Link]
7. ... For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. ... if SCC intends to not permit royalty free redistribution of the program, they are not allowed to distribute. They distributed, therefore they can be held to have permitted royalty free distribution under the GPL. Since they are both the patent holder AND the distributing party, if they try to charge for use of the patent, they are violating the GPL contract they signed by making a derivative work, and thus lose all rights they have to make said derivative work. End result: If they do decide to charge for the patent, there is effectively no such thing as SELinux, and both SCC and the NSA must stop distributing it - a public relations land mine that SCC should not want to step on, not to mention that the NSA would not like to find out that they can not distribute SELinux due to SCC having broken a contract, after having announced the release of SELinux QUITE publicly.
Hi: This points out just exactly why we need to take the W3.org folks to task on their "RAND" policies. There just can be no room for such poor ethics [they call it "business"] in the Open Source arena.SELinux and patents
Thanks, Tom Poe, Reno, NV, http://www.studioforrecording.org/ , http://www.ibiblio.org/studioforrecording/
Hmm, if they gave out GPLed software with their questionable software patent didn't they give me a license of the patent already?
SELinux and patents
Definitely. The GPL says - in the preambel - "To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all." If the patent is only valid in certain countries (like RSA was in the USA only), a GPL'd software could be restricted to those areas where the patent is null and void.SELinux and patents
Basically, SCC has weakened but probably not broken the enforcability of their patent and wasted a lot of peoples time.
SELinux and patents
The page can be retrieved on Web Archive:SELinux and patents
http://web.archive.org/web/20011101160243/http://www.securecomputing.com/archive/press/2000/nsa_faq_secure_linux.html
for the Nov 01, 2001 version
http://web.archive.org/web/*/http://www.securecomputing.com/archive/press/2000/nsa_faq_secure_linux.html
Since SCC released under the GPL, they effectively have to license their patent for free use by any derivative. Section 7 of the GPL:SELinux and patents