Linux development goes corporate

To ease policy-makers' concerns about potential legal and security trouble from agency use of the open-source Linux operating system, Linux kernel manager Andrew Morton recently told Senate staff members that most kernel modifications now come from corporations, not individuals.

The stereotypical Linux developer 'is a male computer geek writing code in his spare time in the basement, purely for love of his craft,' said Andrew Morton, whose role is maintaining the kernel in stable form. 'Such people were a significant force up until about five years ago.'

Now, however, most code fixes and improvements come from programmers who punch a corporate time clock.

Earlier this year, SCO Group Inc. of Lindon, Utah, sued several Unix vendors and asked the Energy Department, among others, to pay licensing fees for some of SCO's proprietary Unix code, which it argued had been incorporated into Linux source code. A few vendors paid up.

With Linux code coming from many sources, Morton said, users have asked how they can be certain some isn't an illegal copy'or that it doesn't have secret back doors.

Linux is an open-source project, Morton said, and anyone is free to submit changes to the core development team, which approves changes to the kernel. But though anyone can submit changes, rarely does good code come from just anyone, he said.

About 1,000 developers contribute changes on a regular basis. Of those 1,000, about 100 are paid to work on Linux by their employers, he said, and those 100 have contributed about 37,000 of the last 38,000 changes made to the OS. About half of the 37,000 accepted changes came from a core group of just 20 individuals.

Morton spoke at a recent Washington meeting sponsored by the Forum on Technology and Innovation, the Council on Competitiveness, Sen. John Ensign (R-Nev.) and Sen. Ron Wyden (D-Ore.).

Rarely does a significant change come from someone unknown to the core developers, he said. All submitted code is inspected, so it is unlikely a malicious function could be secretly embedded.

IBM Corp., Red Hat Inc., SGI and other companies that sell Linux products increasingly put their top programmers to work on Linux code, Morton said. In most cases, they split their time between in-house projects and work on the Linux kernel.

About the Author

Joab Jackson is the senior technology editor for Government Computer News.

Featured

  • Records management: Look beyond the NARA mandates

    Records management is about to get harder

    New collaboration technologies ramped up in the wake of the pandemic have introduced some new challenges.

  • puzzled employee (fizkes/Shutterstock.com)

    Phish Scale: Weighing the threat from email scammers

    The National Institute of Standards and Technology’s Phish Scale quantifies characteristics of phishing emails that are likely to trick users.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.