Andrew Stephen andrew.stephen at
Tue Sep 23 22:53:46 CEST 2008

On Wed, Sep 24, 2008 at 3:05 AM, Angus Ainslie <angus.ainslie at> wrote:
> On Mon, Sep 22, 2008 at 6:51 PM, Rod Whitby <rod at> wrote:
>> Didier Raboud wrote:
>> > Russell Hay wrote:
>> >
>> >> I'm assuming they're not intending to release the full code? Certainly
>> >> cant see any mentions of license or downloads on their site.
>> >
>> > Formally, they only have to release the source code to their buyers...
>> ... and then that buyer can release it publicly for everyone else under
>> the terms of the GPL.  Who's going to volunteer to buy one?
>> [In reality, I'm expecting they will make the source code available at
>> the same time they start shipping their first units.  A security testing
>> system without source code available for security review would not fly
>> with most people ...]
> So far they've either redirected or ignored my requests for their "custom
> kernel" changes.
> They also claim all of the source code for the security apps can be
> downloaded from their software page.

Their software page provides links to the upstream homepages.

This is not sufficient to comply with GPL requirements.  Under GPLv2,
and possibly GPL v3, you must distribute all source code yourself,
whether or not it has been modified.  You cannot rely solely upon
upstream source.

A quick look for references on the FSF website has not revealed the
relevant info, but this issue bit MEPIS back in 2006 and had
widespread media coverage:


More information about the community mailing list