Förderverein Informationstechnik und Gesellschaft

Quicker than you can say Hagebuttentee ...

SCO reveals 'stolen code'

Ancient code from before the dawn of Unix

By Rick Reroy: Friday 22 August 2003, 10:46

IF YOU'VE been having trouble keeping the latest developments in the SCO vs. Linux saga straight, here's a quick(ish) summary.


Quicker than you can say Hagebuttentee, Erich Bonnert from German publishers Heise whipped out his camera and photographed the slides, thus providing the Linux community with the first concrete examples of the alledged million-line larceny.

Open Source experts like Bruce Perens, his good friend Eric S. Raymond and Greg Lehey descended on the snippets, eager to tear apart SCO's attack on their beloved operating system.


After several revisions, and a set of text analyses worthy of the best of the Bible researchers a concensus seems to be emerging, at least on the Open Source side of the debate. The first example is a memory allocation routine from the somewhat obscure Itanic section of the Linux kernel, contributed by SGI.

According to these analyses, it's a version of an ancient piece of code, dating back to at least 1973, and published in a half dozen contexts and under just as many licenses, some of them Open Source. So far so good for the Linux community; unfortunately the DNA fingerprinting implies that it is a descendent of the version in SCO's proprietary System V Unix, a version that on the face of it can't be used for Open Source projects. Another sticky point is that the Copyright ownership is listed in the file in question as being SGI's, yet it's pretty clear that the Copyright belongs to SCO: Regardless of what Open Source license SCO licensed its code under, you can't normally delete someones Copyright notice and substitute your own.

So at the very least, SGI has some explaining to do. Perhaps it has the right to do what it wants with that code, perhaps it messed up.

And the Linux community? You would think that they would be rushing to remove the incriminating code, so that the upcoming Linux 2.6 release could at least be free of this "living fossil" of the software world. But as it turns out it was already removed because a) the copyright situtation was unclear and b) it wasn't very good code, and Linux already had some code that did the same thing and was better.

Whether this is an indication that one of the people who signed the NDA indirectly tipped off the kernel developers, or whether this is an indication that the thousand eyeballs of Linux kernel development tend to spot problems like this automatically is hard to say.