[personal profile] mjg59
The Linux Foundation is an industry organisation dedicated to promoting, protecting and standardising Linux and open source software[1]. The majority of its board is chosen by the member companies - 10 by platinum members (platinum membership costs $500,000 a year), 3 by gold members (gold membership costs $100,000 a year) and 1 by silver members (silver membership costs between $5,000 and $20,000 a year, depending on company size). Up until recently individual members ($99 a year) could also elect two board members, allowing for community perspectives to be represented at the board level.

As of last Friday, this is no longer true. The by-laws were amended to drop the clause that permitted individual members to elect any directors. Section 3.3(a) now says that no affiliate members may be involved in the election of directors, and section 5.3(d) still permits at-large directors but does not require them[2]. The old version of the bylaws are here - the only non-whitespace differences are in sections 3.3(a) and 5.3(d).

These changes all happened shortly after Karen Sandler announced that she planned to stand for the Linux Foundation board during a presentation last September. A short time later, the "Individual membership" program was quietly renamed to the "Individual supporter" program and the promised benefit of being allowed to stand for and participate in board elections was dropped (compare the old page to the new one). Karen is the executive director of the Software Freedom Conservancy, an organisation involved in the vitally important work of GPL enforcement. The Linux Foundation has historically been less than enthusiastic about GPL enforcement, and the SFC is funding a lawsuit against one of the Foundation's members for violating the terms of the GPL. The timing may be coincidental, but it certainly looks like the Linux Foundation was willing to throw out any semblance of community representation just to ensure that there was no risk of someone in favour of GPL enforcement ending up on their board.

Much of the code in Linux is written by employees paid to do this work, but significant parts of both Linux and the huge range of software that it depends on are written by community members who now have no representation in the Linux Foundation. Ignoring them makes it look like the Linux Foundation is interested only in promoting, protecting and standardising Linux and open source software if doing so benefits their corporate membership rather than the community as a whole. This isn't a positive step.

[1] Article II of the bylaws
[2] Other than in the case of the TAB representative, an individual chosen by a board elected via in-person voting at a conference

Re: Not surprising

Date: 2016-04-23 01:31 am (UTC)
From: (Anonymous)
You know the things you say make a lot of sense. You are writing it as a criticism, and I'm like "hey not a bad idea at all".

I think you misinterpret people wanting a "back-door". They don't want a back-door, they want a user to be able to install his own software, mostly. Or, they want there to be an intermediate between administrator (root) and regular user, but in Linux land this is a deep schism. This is a wide gap, and enormous split.

You should for fun write a little small script to list all files owned by the various users/groups in your system. You will find that 99% of all files not created by or for a user (ie. user home directory) are all owned by root and virtually nothing else. The files not owned by root, you can count them on about 2 hands.

Unless you have something specific such as www-data or something of the kind.

Just loop through /etc/passwd or /etc/group and do a find for that user or group across the filesystem ex. boundaries (normally) using -xdev.

It might surprise you, just like seeing earth from space (they way they report that).

The thing you mention here is a very valid concern. A true backdoor, of course, would not be. I bicker about constantly about being able to do stuff without being root. I hate having to be root as much as I do. You cannot even normally specify the target for some logging (using syslog) without being root. Doing something as non-root is so unusual that you rather avoid having to choose that. And I can understand that someone might want that.

But that's not, that's nothing like the idiocy that we see today in mostly systemd. That rhymes.


Matthew Garrett

About Matthew

Power management, mobile and firmware developer on Linux. Security developer at Google. Ex-biologist. @mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer.

Page Summary

Expand Cut Tags

No cut tags