Slashdot Mirror

← Back to Stories (view on slashdot.org)

SCC Statement on SELinux Patent Issues

Posted by michael on from the patent-leather dept.

Hawke writes "Secure Computing has announced a Statement of Assurance that they will not use the patents in question to limit the availability of SELinux. They continue to say: 'However, Secure Computing does not extend the Assurance to software that merely interoperates with SELinux, or is merely included with a distribution of SELinux.'" The original story was here.

15 of 65 comments (clear)

  1. Re:This raises the important question: by tanveer1979 · · Score: 2, Interesting

    Well its pretty obvious
    "why do they release this statement?"
    If they dont ppl avoid SElinux,
    but now people wont really avoid it.. and once it becomes common they can actually hold ppl to ransom.

    This is called corporate skills. This is what is taught in a B'School. I have friends from B'school and they tell me ethics are passe do anything to get marketshare!

    So its pretty simple here, and i wont be using it unless those patens vanish *sigh*

    --
    My Aurora : http://www.youtube.com/watch?v=o91ZsGwJYyg
    FB : https://www.facebook.com/TanveersPhotography
  2. The MS'ian Loophole by Anonymous Coward · · Score: 3, Interesting

    The following paragraph totally voids the whole thing. It also would create a terribly dangerous submarine patent.

    ===
    No Third Party Restrictions.
    This Statement of Assurance is made by Secure
    Computing alone, and does not bind or obligate any other person or party. Secure
    Computing may license or otherwise transfer any or all of its rights in the Subject Patents,
    including the Subject Patent Rights, without any restriction or condition. The recipients
    of such rights are not bound by this Statement of Assurance, and may assert any rights
    acquired from Secure Computing without any limitation or restriction.

    ===

    If the patents are transfered, they can then be enforced. Any existing distributions and installations of SELinux will become subject to unilateraly imposed lisence and royalty fees imposed by a new owner.

    No way is this:
    "Our assurance is subject to certain limitations that we believe are consistent with the spirit of open source. "

  3. Re:Nooo.. by Tony+Hoyle · · Score: 3, Interesting

    Untrue. The GPL *requires* that the rights that it gives are passed on to all derived GPL code.

    This patent has directly overriden this. If I took the patented code and created a GPL app based on it I would be sued for patent infringement.

    They have only dropped royalties for SELinux, not apps derived from it.

  4. Re:Nor.... by rusty0101 · · Score: 4, Interesting

    In their Statment of Assurance, they specifically allow that they may license, sell or re-assign any or all rights to a third party, who is not and would not be bound by the Statement of Assurance.

    Basically this means that the parts of SELinux that they have a patent on, are free of licensing restrictions, so long as the distribution continues to be SELinux (you are free to modify it and re-distribute under the same name) and so long as they have not reassigned those rights on the patent to a third party.

    Forgive me if I seem a bit less than touched by the assurance, but this assurance seems to me to be exceedingly self serving, and no assurance of anything.

    -Rusty

    --
    You never know...
  5. Limiting the Availability of SELinux... by 3seas · · Score: 3, Interesting


    Seems to me they are confused. FreeSoftware supporters will limit their
    use of SELinux and that inturn will Limit ..... well let's just say they
    can expect limited use of it, regardless of what dillusions they speak.

  6. Re:Nor.... by anonymous+cowfart · · Score: 4, Interesting

    Last year in a show of how easy it was to disrupt and abuse the patent process by registering a common, every-day idea a Melbourne lawyer patented a "circular transportation facilitation device" with more info on the story here, here(pdf file), and here

    Obviously it's too easy to get things patented these days, especially in areas of high technology as few if any patent officer workers are well versed in the areas of technology. Most of the patent office stampers would have little inclination as to how an intigrated circuit works or if an item of software recently designed is any different or unique from any other piece of similar software.

    Sure, it's nice to be able to patent and protect your inventions and innovations, but when most of today's patent holders are larger corporations, it's hardly meant to protect the garage inventor anymore.

    --

    So I'm a pervert. Welcome to the Internet.
  7. Re:So they've effectively nullified the GPL? by thales · · Score: 3, Interesting
    "Patents directly nullify this - with SELinux I can't modify it and make my own distro, or take the good bits of the code and use it in my own GPL project... making SELinux essentially proprietary."

    Not entirely true. As long as SELinux refrains from enforcing the patent or collecting royalities you can make your own distro. The problem is you can do it today but there is nothing in the bogus statement that would prevent them from changing their minds tomorrow.

    The only way you and any people who use your distro or SELinux's distro would be safe is if they included a non exclusive license that insured royality free use and redistrubition rights. The statement clearly states they aren't licensing the Patents, so any redistrubition could be hazzardous to your finical health in the future.

    It dosen't seem to violate the letter of the GPL, but it makes a mockary of the spirit of the License, and I hope The FSF closes this loophole ASAP

    --
    Quemadmodum gladius neminem occidit, occidentis telum est
  8. Pantents by attobyte · · Score: 2, Interesting

    If a company releases the source to something that was patented under the GNU can the enforce it later?

    They licensed it to us to use as we see fit, just as long as we release the source, right?

    Mike

    --
    I didn't use the preview button, so get over it!!!!

    Mike

  9. Patents arent valid in all countries. by Anonymous Coward · · Score: 2, Interesting

    Are the patents valid anywhere except the US ?

    1. Re:Patents arent valid in all countries. by Tomah4wk · · Score: 4, Interesting

      Simple answer - No.

      The USA is the only country with such ill educated government officials

  10. Re:To sum up by Anonymous Coward · · Score: 4, Interesting

    So, let's see - an operating system produced by the NSA, with the threat of future patent claims on its core technology.

    Please don't start this again. Paranoia over the nation's most powerful spy agency aside, Security Enhanced Linux has introduced a myriad of useful security ideas into the Linux world. SELinux uses type enforcement and role-based access control to secure the operating system from the ground up; instead of relying on applications to perform their own security, SELinux ensures that programs only have access to the system resources that they SHOULD have, and nothing more.

    Furthermore, a presentation of SELinux by NSA officials at the 2.5 Linux Kernel Summit in March 2001 spurred Linus to propose an idea that has come to be the Linux Security Module, which will hopefully make it's way into the 2.5 kernel eventually. Under this system, and security module, not just SELinux, can be quickly loaded into the Linux kernel to provide whatever kind of security the user desires.

    The fact that SCC has issued this statement, however cryptic, is a huge step in the right direction for the Linux world, and perhaps the entire UNIX world. It ensures the current development of SELinux by the NSA and its contributers, and allows Linux users to employ one of the more secure operating system implementations out there.

    The National Security Agency has been making good strides towards making better public relations, and SELinux would appear to be a good weapon in giving them a better public image. If still paranoid, just download the source and view it yourself; it's not huge, and it's very clean-cut and understandable.

  11. Re:How is this legal? by Hoxworth · · Score: 3, Interesting
    SELinux is not a distribution; it is rather a series of patches and utilities to the Red Hat 7.2 distribution. The National Security Agency cleary states that certain sections of the patches may or may not fall under the terms and conditions of the GPL, as shown by the following statement from the NSA SELinux website:
    "All source code found on this site is released under the same terms and conditions as the original sources. For example, the patches to the Linux kernel, patches to many existing utilities, and new programs and libraries available here are released under the terms and conditions of the GNU General Public License (GPL). The patches to some existing utilities and libraries available here are released under the terms and conditions of the BSD license."
    SELinux uses the idea of Type Enforcement, which is patented by SCC. This is one area that would not fall under the GPL, but SCC is deciding to ignore that fact for the time being.
  12. Re:hrmm their statement has a typo in the patent by Phurd+Phlegm · · Score: 2, Interesting
    It doesn't exist in any of the searches I made .... maybe I made a mistake.

    Someone made a mistake, but it wasn't you. The right number is 4621321. I wonder if the mistake was intentional, so they could later enforce that patent and claim they're still in compliance with their statement. That doesn't make much sense, but I guess it isn't impossible.

  13. Re:Nor.... by Alan+Cox · · Score: 5, Interesting

    Its actually useless. It allows them to sell it to a friend, sue everyone and buy their patent back one afternoon. The exemption excludes authorizing applicaitons or protocols (ie everything NSALinux does)

    Utterly cynical. However it demonstrates how bad the US patent problem is. Even the NSA, the US ultimate investigative and spook agency can't get patent stuff sane. So now the US government has written a security system that only foreign governments can profit from due to bad USSA law and poor planning.

    Its a pity Americans don't understand irony...

  14. That is why you have to read contracts by Anonymous Coward · · Score: 1, Interesting

    There is what RMS intended, what people think he intended, and what he actually wrote. The three do not always meet. (The second one most often disagrees with the other two.)

    RMS wrote the license. Having written it, he is free to state how he interprets what he wrote. Barring courts ruling on it, his interpretations have considerable weight. But only if they are reasonable as interpretations of what he wrote. For him to say that his license says what it does not (that a patent licensed for GPLed use has to be licensed for anyone's use) would be a lie and useless.

    That said, the question becomes whether he disagrees with his license, and whether either of them disagree with your understanding of what he meant. I submit that he agrees with his license. The freedom to write GPLed versions of software - which can then become available for anyone's free use - is exactly what he wants to encourage. Your inability to write software that denies others their freedom to use it doesn't matter to him.

    Remember. The GPL is designed to encourage widespread use of the GPL, which in turn is meant to push RMS' social philosophy. It is coincidentally useful for a lot of people who disagree with RMS' beliefs. But the fact that it does not satisfy those people in all the ways that they would like to be satisfied is not a failing of the GPL, and is not a problem for RMS.