[Ksummit-discuss] [CORE TOPIC] GPL defense issues
Matthew Garrett
mjg59 at coreos.com
Sun Aug 28 00:02:14 UTC 2016
On Aug 27, 2016 6:49 PM, "Linus Torvalds" <torvalds at linux-foundation.org>
wrote:
>
> On Sat, Aug 27, 2016 at 4:30 PM, Matthew Garrett <mjg59 at coreos.com> wrote:
> >
> > Can you clarify whether or not you believe that source availability for
> > owners of devices that run Linux (even if the vendor chooses not to
> > participate upstream) is something you consider to be good for the
project?
>
> That question makes no sense.
>
> Without an actual case, and without being able to judge the upsides
> *AND* downsides, your question is just silly.
OK. A vendor sells 500,000 network-connected devices running a version of
Linux that has a vulnerability in the network driver that's discovered a
year later. The hardware is custom, they refuse to release source, and
they've discontinued the product line, so nobody else is able to fix it. Is
it acceptable to engage in litigation in order to ensure that owners of
these devices can receive a security update, even if by doing so we
alienate the vendor and cause them to choose another kernel in future?
(other than sales numbers, which I don't have direct insight into, this is
not a hypothetical)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/ksummit-discuss/attachments/20160827/7f40f1a9/attachment-0001.html>
More information about the Ksummit-discuss
mailing list