On Sun 16/Jul/2017 17:17:21 +0200 Martin Read wrote: > On 16/07/17 12:47, Alessandro Vesely wrote: >> May I ask, in passing, why Debian (for packages like apt, say) as well as >> Linux >> did not switch to GPLv3? Would such switch ease enforcement? > > Switching a project over from GPLv2-only to GPLv3-only or GPLv3-or-later > requires either (a) the consent of all copyright holders who made non-trivial > contributions or (b) the wholesale replacement of all material written by the > non-consenting copyright holders.
Back to GRSecurity, which is our source of reality in this discussion, they complain that large corps use their product but fail to return revenues to the market. In an attempt to force payments, they withdraw GPL terms and step back to close-source EULA marketing. Except that they don't hold the kernel copyright. Hmm... Quite different from double licensing. One my wonder why GRSecurity is not (optionally) included in Linux. In fact, there are kernel features, such as trusted path execution (TPE) whose origin seems to be related to GRSecurity. Avoiding feature-creep is a perfectly legitimate reason to leave some other patches alone. That way, however, Linux lets particularly sensitive users experiment --and pay-- for the development of some patches, which may possibly be introduced in later kernel releases, according to their popularity. That's a well known pattern of development of closed-source stuff. How are free software developers supposed to go through it? I thought that GPLv3's section 7 "additional permissions" could ease such kind of mutual acknowledgments, but IANAL... Ale
