Slashdot Mirror
Microsoft Patents sudo
Jimmy O Regan writes "Justin Mason (of SpamAssassin fame) has this blog entry: US Patent 6,775,781, filed by Microsoft, is a patent on the concept of 'a process configured to run under an administrative privilege level' which, based on authorization information 'in a data store', may perform actions at administrative privilege on behalf of a 'user process'."
So, I guess the prior art will be easy to show... right?
5468652047616D65
So SU me!
Probably redundant by now.
So of course this is completely unenforcable...I wonder if they'll even try. What is the process to go about for getting this patent revoked?
man sudo >/dev/uspto
Wouldn't this patent also cover setuid, as that's a way you can have an app run under superuser privs for a regular user?
I don't think I've seen a true unprivileged user under an M$ system yet. Everyone is talking about previous art, which is definitly around, but I'd say make M$ prove they actually understand sudo before you start complaining about "I saw it first."
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14
In reading the patent, it does look pretty obvious that it's doing what SUDO is doing... I think this should be blown up with little effort.
Is there any penalty for filing patents for which you KNOW prior art exists? If not, there definitely should be.
-- "A chicken is an egg's way of making another egg."
US Patent 6,775,786 : Filed by Microsoft : The concept of clicking a mouse button to perform a task.
Closely followed by...
US Patent 6,775,787 : Filed by Microsoft : The concept of intercourse to procreate.
Seriously, what is the world coming to. Corporates such as Microsoft should not be allowed to patent bogus things like this.
This is truly Capitalism at it's worst...what power have the US given these people!?
No, sudo asks for the password of the currently running user, and then if correct, checks a data store - /etc/sudoers - to see if that user is allowed to use sudo, and only then runs the administrative command. The root logon is not involved; it's actually disabled on some of my boxes.
I can see missing prior work as prior art. But missing the famous setuid patent seems just silly.
http://www.sudo.ws/sudo/history.html
Prior art.
I'm not going to put it off anymore, I have an amazing idea and I'm off to patent it. Its a web based front end for system updates, see, it scans the system to determine what updates are needed, then only presents them to the user in such a way that they can see what updates are critical and which are just general enhancements. I'm going to make a mint.
"I use a Mac because I'm just better than you are."
" the concept of 'a process configured to run under an administrative privilege level' which, based on authorization information 'in a data store', may perform actions at administrative privilege on behalf of a 'user process'."
Hell, that sounds like Klez!
Everyone will start to cheer when you put on your sailin' shoes.
msudo
Unix, an obscure operating system developed by bored researchers in an attempt to get a better game playing experience.
The American patent system is so out of control, it's unbelievable. The companies that abuse the overworked, underqualified patent office to stack up dubious patents for future ammunition against competitors ought to be sanctioned!
;)
I don't have words to express how angry this IP grab makes me - and I'm not even an American! Did the Patent Office do any looking into prior art in this case at ALL?
Whose brilliant idea was it to give corporations the same legal rights as an individual? I wonder if this kind of crap would happen if only individual inventors could apply for patents, whether or not they were funded by a company that paid for their research. Hell, make it illegal for companies to defend patents or fund the defense of their employees' patents - make it up to the inventor to go to court and defend themselves! Jail time if prior art is found!
Research would still get funded, but only for the purpose of improving products, not for expansion of intellectual property portfolios.
IANAL (obviously), I know these are probably stupid suggestions, but damn it, we need some extreme methods to match the extreme opportunism shown by these companies. Anyone else have other pie-in-the-sky, impractical ideas for changing the US patent system?
Companies are getting rich by stealing the future inventions of people with these generic fucking patents. What are the odds that those who invented the patenting process actually envisioned it being twisted around and allowing people to patent ideas, and concepts, the like of which they themselves have no idea how to achieve.
The idea of a patent is, or at least should be, to patent an invention. Not some task or distant goal which you can imagine some day being achieved, but are unable to currently achieve yourself.
Imagine if Ford had been able to patent the automile in generic enough terms so that any motorized land vehicle was covered... Where would we be today Wine makers had patented the fermentation process before beer had existed?
IMHO, patents should be for very specific inventions, and processes, which you have invented, and can accurately demonstrate at the time of patent request, and which of course didn't exist in it's current form prior to your invention
The computer industry, and it's money sucking lawyers have been allowed to chisel away at the wording and verbiage of the patent laws to such an extent that you are now able to patent just about any idea/concept someone may have down the road. Just think about the stifling of innovation if those science fiction writers of the 50's had patented all that they foresaw.
What makes me mad is that no one has yet come forward and shown prior artwork for a patent on lawyer wielding companies who make their money by exploiting the ideas and innovations of others through a series of generic and vaguely worded patents and threats. Perhaps then this whole mess would disapear.
i'm sure 20 years ago ibm's dos/vse, vm and mvs used to do this to allow an ordinary user to run one program which required the services of another so could invoke the other program to run with elevated priviledges. the priviledges were associated with the program not the user.
sudo - through the use of it's data-store the "sudoers" file, can be configured multiple ways.
#1 - To require the "root" password.
#2 - To require the password of the userid that the user is running as.
#4 - To require the password of the userid the user wishes to switch to.
#5 - To not require any password at all.
When not requiring a password, it can be configured by the userid, or the command that is being run.
All in all, it's very configurable, and definately fits the prior art criteria.
Who is general failure, and why is he reading my hard drive?
$ sudo mount -t vfat /dev/hdd1 /mnt/win1
Instant patent violation!
Actually, double patent violation: FAT and sudo.
Now pull down your pants, bend over and prepare to meet my lawyers.
-- Signed: Bill Gates
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
It's a pseudo-patent.
thanks, I'll be here all week....
I think MS has prior art on this one. Their programs have been executing at a higher than normal privilage level for awhile.
Personally I hope the Patent office continues granting MS patents that have such prior art ---- two things will happen -- 1) it makes the patent office look to be a joke and can be used in court against patents in general and 2) makes MS look to be even more a fool seeings how they really should know better then to file such patent applications for such prior art stuff in software...
Although it's easy to view this patent as a frivolous innovation that will probably be overturned (eventually) if MS chooses to pursue action against competitors, the danger is in the precedent that is continually being set by the USPTO. By failing to adequately examine the concepts behing these obvious patents (eg, running a process authorized by root, single/double/triple clicking a mouse, etc.), our patent system is perverted into one where the burden falls on new inventors to prove that their innovations do not infringe on patents, rather then a system where the burden falls on patent-holders to prove that their IP has been infringed upon.
This strategy may work in the US, where we can simply put the inventor^h^h^h^h^h criminals in jail (note that the US already has among the highest incarcerated population %-ages), but it probably won't hold up well against the rest of the world, especially the parts that don't think the USPTO is the last word. Unless we can start to incarcerate a larger percentage of the world's population for infringing on US IP, this strategy may not prove to be sustainable.
Perhaps corporate sponsorship of prisons facilities would help make this strategy a winner...
My theory is that Microsoft is patenting all these things so they can use it as part of a marketing campaign to PHBs when Longhorn comes out. Something to the effect of, "Why take the risk of running Linux when we own the patents on everything they use?" I know a few people it would convince pretty easily... Tis all FUD.
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
A friend and I resolved a while back that we should file a patent for A protocol for expansion of the human race, and essentially describe the process of sexual intercourse in extremely vague terms.
After taking over all the porn sites in the world, we could start suing parents across the nation.
In fact, you should really just give me $699 today if you plan on having sex any time soon. The license is good for a whole year! (But only for one partner.)
________________________________________________
suwain_2
It's an old news, but I wonder have slashdot crowd found out this patent:
P TO2&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch- bool.html&r=1&f=G&l=50&co1=AND&d=PG01&s1=200301895 97&OS=20030189597&RS=20030189597
http://appft1.uspto.gov/netacgi/nph-Parser?Sect1=
The most interesting part is the images. There you can actually see the Gnome logo. (There is an extra karma bunus for the first who find the KDE logo;)
So Microsoft have already begun patenting Linux.
It is true that M$ cannot buy GPL code, but it can buy the coders.
Now, guess what will happen after the fiaSCO is over.
And people say MSFT doesn't invest in R&D. Brilliant!
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
HELLO? When was FAT patented...NEVER. Microsoft didn't even invent fat. Please think before you post.
Ignorant people shouldn't yak.
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
I don't think there's an out this time. Usually, when you get posts saying "Microsoft patents clicking!!" there's usually something in the patent that says "clicking on an icon by using a joystick, underwater, over the internet" or something ridiculous that means the patent doesn't have prior art, but the idea itself does, and will probably be used to try and stretch the patent as far as the courts will let it.
But this time, it looks like they are doing exactly what sudoes. Maybe finally all the anti-Slashdot-stereotype trolls will be wrong.
Here's my read:
CLAIMS:
1. Processing a request from a non-admin user to do admin tasks. check.
2. Determining if the user can do such a request. Check.
3. Checking a data source to do #2. Check. (etc/passwd, others)
4. Checking a data source to see which one of many admin tasks the user can do. This might be a bit iffy, because I'm not incredibly familiar with sudo. I would assume it's possible to restrict the usage of sudo for different tasks, and if so, Check.
5. Multiple users. Check.
6. Groups. Check.
7. Using it for Methods. I think the Linux kernel might allow only certain system calls to be done by an administrator. If so, check.
8. Groups for #7. Check-maybe.
9,10. Combining classes and methods. Here it seems they get really specific, and it doesn't look like they define "class" or "method." Maybe.
11-13. Passwords. Check.
14-23. A computer to do the above. Check.
24-34. A security framework to do the above. Check.
35-49. Doing it over a network. Check. Now, here, a network seems to involve "hyperlinked documents creating a user interface." Certainly this idea is older than 2000. Check.
50-62. Again, having a computer to do 1-49.
63-end. Yeesh. Having a computer to do everything from 1-62. I guess they are covering every single combination.
So there's the claims. There's nothing in there that sudo really doesn't do, because I think the vauge language MS is using can be applied to a lot of different methods of unix-style security.
So who's going to care? No one, especially not at the Patent Office.
--Stephen
Did you ever notice that *nix doesn't even cover Linux?
I get the feeling more and more that Microsoft is doing something like this:
Manager 1: Wow! They accepted that patent! The USPTO is crazy! Even with a year or so of prior art!
Manager 2: Yeah, no kidding!
Manager 1: Let's try this one next. It's got 3 years prior art.
Manager 2: Wow! They accepted that one too! What morons!
Manager 1: Man...let's see just how crazy we can get here...let's go with 20 years prior art, and see if the dopes accept it!
Manager 2: LOL HAHA ROFLMAO! They took it! What planet do these guys live on?!?!
"City hall" in German is "Rathaus" Kinda explains a few things......
It would probably read more like:
But specifically, they'd be patenting C:\> .
End of Line.
What an auspicious start. Maybe M$ will decide to patent some of the new features.
If the summary is correct, sudo doesn't count.
At least, normal sudo use doesn't count.
This looks more like a daemon that will accept
commands to run. With sudo, you don't have a
privileged process performing actions on behalf
of a user process. It's a privileged process all
by itself, plain and simple.
Maybe xcdroast+cdrecord would count, if cdrecord
is setuid and xcdroast is not. That's key. You
have to have two processes, one of which is not
privileged. Knowing the way Windows would likely
do things though, a daemon may be required.
M1: Alright, pay up.
M2: I can't believe this. (pays)
M3: Hey guys, 3 to 1 odds I don't get the patent on the 'long rectangular button which inserts a space character when pressed'. Who's in?
M1: $50 you don't get it.
M2: $200 for.
Error 404 - Sig Not Found
Microsoft: hello I want to fill a patent request...
...but don't you first want to...
...well but there's this thing called prior...
Patent office employee: ok, granted!
Microsoft:
Patent office employee: NO NO NO I said granted!!
Microsoft:
Patent office employee: I SAID GRANTED!!
Microsoft: yeah but there was another pate...
Patent oggice employee: KNOCK IT OFF ALREADY!!! GRANTED YOU BIG-POCKET COMPANY!!!
That's not what su or sudo do (say that five times fast). They use no separate root process waiting to receive and proxy privileged calls.
The patent specifically says that the request comes from a non-root user and goes to a root process; that the data sent across particularly describes an OS call and its arguments; and that the root process makes that precise call on behalf of the user.
Now, I'm not going to claim that no one has ever done this in the history of the universe. But it's not what sudo does, and the RPC based utilities that I can think of don't fit this exact pattern.
A bunch of comments here are exclaiming that
1) This patent is identical to sudo! Prior art!
2) Microsoft will use its patent on sudo to attack Linux.
Obviously both statements cannot be true. If Microsoft ever attempted to enforce this patent on distributors & users of sudo or a sudo-like device, they would have no case. They would have proven that the patent is invalid, because the product that they are attempting to block is considerably older than the patent.
1) This is like sudo, but different enough to merit a patent.
2) Microsoft will never attempt to enforce this patent on something that is older than the patent.
And I don't even have to read the patent. Keep in mind that "different enough to merit a patent" is barely different at all. Even the dumbest programmer does 200 patentable things per day. If you're the first person to do any of them, you can file. If you're the second person to do any of them, you're liable. That's the problem, not that Microsoft has gotten away with patenting some existing feature of Unix (and Windows, for that matter).
There are no trails. There are no trees out here.
Wondering.
This "prior Art" of which everyone is speaking.
Would it apply to a full-form patent application posted publicly?
Meaning, if I present here the idea of a type of list-browsing method where the user is presented with newest added or scanned items inserted into the next selected cursor position in an updateable or actively updating list as they browse arbitrarily sorted or ordered items or values, that this declaration itself constitutes prior art (if, theoretically, the language was legally sound)?
Even if it's not prior art it's still a good idea huh?
I digress.
Is the concept of an "open patent" even applicable legally? I hope so, because I have some ideas that I would like to open up (and I have the feeling i'm not the only one).
It would be great, having this huge database of ideas that any designer or engineer could feel free to impliment or incorporate or merely look into for inspiration.
Competition is good in practice, but cooperation is better in play.
Ugly and insecure I know but my choices were to get off my ass every time the server bogged (not bloody likely), give every bozo with enough rank to work overtime for free admin and show them how (even less likely, I'd quit first) or implement an ugly kludge that could screw things up royal if used by morons.
I also realize upgrading to a OS that did'nt leak memory in it's network service was a long term option.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
ssh allows (via authorized_keys) to execute selective remote/local actions by certain authenticated entities. And it is all highly configurable:
- who can execute remote (or local) commands
- what operations (commands) can be executed
- using what privileges (via setuid/setgid bits and command owner/group)
And since the agent (sshd) is a permanently running process, there's really nothing new in this patent as decribed.Am I missing something?
It really angers me that anyone should get patents on such an obvious thing.. how in the world can the USPTO possibly pretend to know that no one in the world of software has ever done this before? Software differs from making airliner parts, in that anyone with a computer has all the pieces required to produce any piece of software they can think of. There have been probably millions of programs written over the last 50 years, and since software wasn't considered patentable during the vast majority of that time, there's an enormous corpus of prior art that should rightfully be extremely difficult to discount.
When the average cost of patent litigation is on the order of $3 million dollars, it's way too much to Microsoft's advantage (yes, even taking the Eolas patent into account) for the USPTO to allow any but the most extremely novel software patents to be granted.
Gah!
- jon
Ganymede, a GPL'ed metadirectory for UNIX
So, I guess the prior art will be easy to show... right?
Absolutely,
however, if you want the prior art to have any legal meaning, you will have to affort a costly legal process with the evil empire's lawyers.
You see, it doesn't matter so much who is *right* any more. It costs a awful lot of money just to have your case heard.
echo '[q]sa[ln0=aln80~Psnlbx]16isb572CCB9AE9DB03273snlbxq' |dc
Software patents are turning the USPO into a laughing stock. I can understand the USPO not being able to thoroughly examine patents for some esoteric science. Sudo is not an esoteric science. If the USPO is going to issue software patents they should have somebody who knows something about software. This sort of patent should have been caught by anybody who has any knowlege of Unix-like operating systems.