From: Russell Coker <email@example.com>
To: firstname.lastname@example.org, email@example.com
Subject: Re: SELinux Dumb Questions
Date: Tue, 4 Jun 2002 23:59:46 +0200
Cc: "Haigh, Tom" <firstname.lastname@example.org>,
"'Admissions Office'" <email@example.com>,
Carsten Grohmann <firstname.lastname@example.org>,
On Tue, 4 Jun 2002 23:30, JW wrote:
> > On Mon, 3 Jun 2002 16:50, Admissions Office wrote:
> > > Folks this may seem like a dumb question given the Open Source and
> > > postings on the site. Its just that we want to be sure....
> > >
> > > Is there any reason why a Colo company cannot offer SELinux as a
> > > standard product offering they would install on clients servers?
> > As Mark stated there are no license or legal issues preventing such use.
> On Monday 03 June 2002 04:13 pm, Haigh, Tom wrote:
> > SELinux includes Type Enforcement technology developed and patented by
> > the Secure Computing Corporation, who still holds rights to all
> > commercial use of the technology. Before a colo company, or anyone else
> > uses the technology commercially, it will be necessary to negotiate a
> > license with Secure Computing. If anyone wants to do so, I can help get
> > the ball rolling with our Legal and BD folks.
Let's look at the following URL:
> Question 6: Will SCC use its patent on Type Enforcement TM to restrict use,
> future development, derivative work, or release of the source code of the
> There will be no restrictions on the use of TE by the Linux open source
> community. We believe that leveraging the resources of the Linux community
> is the best way to develop robust security for Linux.
That seems like a clear statement that we can do what we like with it!
But Tom, if your company does want to go ahead with this patent plan then
please do the following:
1) Change that misleading web page.
2) Let me know so I can remove all SE Linux code from Debian, remove it from
my client's machines, and start work on a competing product.
3) Make formal statements as to limitations of distribution etc, also
clarify to what extent you want SE Linux code removed from the world. Should
I get the upstream maintainer of stat to remove the SE Linux code too? Also
you'll have to get it removed from LSM which is under the GPL, and you had
better hope that the problems with building as a module are fixed quickly -
you can't ship code that links with the kernel unless it's under the GPL.
PS When does the patent expire? If it's due to expire in 1 year or less we
can just wait until it's gone...
I do not get viruses because I do not use MS software.
If you use Outlook then please do not put my email address in your
address-book so that WHEN you get a virus it won't use my address in the
linux-security-module mailing list
to post comments)