Re: Binary only module overview

From: Crispin Cowan (
Date: Tue Sep 25 2001 - 18:09:02 EST

Alan Cox wrote:

>>ever be permitted to be proprietary. Some feel that all LSM modules
>>should be OSD-compliant Open Source software, while others feel that LSM
>>should continue the existing Linux module policy of permitting
>>proprietary modules only if they do not require changes to the Linux
>>kernel (which would make them a derived work of the kernel).
>With the current lunatic US congress proposals on security, crypto and
>building big brother into all PC's I'd say allowing non GPL security modules
>is positively dangerous to the well being of non US citizens
Alan made a very interesting point in this post back in June that the Linux kernel is
all fundamentally GPL licensed. Because the kernel is a composite work
of many authors, and all that code was contributed under the GPL 2. It
would require the unanimous consent of all the copyright holders to
change the license.

That it is GPL licensed in turn has implications. One of them is that
you are not allowed to impose additional constraints on distribution:

    * Clause 4: "You may not copy, modify, sublicense, or distribute the
      Program except as expressly provided under this License."
    * Clause 6: "... You may not impose any further restrictions on the
      recipients' exercise of the rights granted herein."

Therefore, any additional constraints people may wish to impose, such as
Greg's comment in security.h, are invalid. When someone receives a copy
of the Linux kernel, the license is pure, vanilla GPL, with no funny

The question of whether proprietary (non-GPL) modules are permitted is a
matter of opinion. As Alan states in the June post above, Linus has
given his opinion (that binary modules are ok, so long as it doesn't
require kernel changes to run) but that is *only* Linus' opinion. Others
may have different opinions, but they are all just opinions until the
courts eventually rule on how the GPL is to be interpreted in this matter.

In light of all that, I propose that the LSM project take a strictly
neutral stance on the question of binary modules. LSM imposes no new
restrictions (which would be invalid anyway) and makes no judgment on
whether binary modules are appropriate. As such, we would replace Greg's
comment in security.h (and in all other LSM-specific files) with a
comment that says "Copyright 2001 <authors>, Licensed under the GPL. See
the Linux Kernels COPYING file for details."

How does that sound to folks?


[*] The singular exception is the rider that Linus prepended to the
Linux COPYING file, scoping what the GPL applies to. Presumably this
rider was added before multiple authors got involved. If you wanna
challenge Linus's exception and insist that all Linux applications are
GPL'd, that's another thread :-)

Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Security Hardened Linux Distribution:
Available for purchase:

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to More majordomo info at Please read the FAQ at

This archive was generated by hypermail 2b29 : Sun Sep 30 2001 - 21:00:38 EST