In association with heise online

12 November 2009, 15:27

New Microsoft patent may put Linux security components at risk


Microsoft has been granted a patent on a privilege escalation system which appears to cover the functionality of PolicyKit, which is used for fine-grained authorisation on Ubuntu, Fedora, openSUSE and other Linux systems. The patent claims in 7,617,530 appear to be for system software which, when an application needs a higher privilege level, displays a graphical list of users with the privileges required to perform the task. Selecting one of the users and entering that user's password allows the task to be performed with that user's privileges.

This behaviour is very similar to that of PolicyKit, with the only apparent difference being that PolicyKit requires applications to request privileges, whereas the 7,617,530 patent allows the operating system to block a privileged action and then offer the user a way to raise their privileges.

Reports that Microsoft had patented sudo, the privilege-raising utility which is used by Linux, Unix and Mac OS X operating systems, appear to be incorrect. Microsoft were previously granted a patent on sudo-like functionality in 2004 with patent 6,775,781. Microsoft has not, to date, brought any infringement cases based on this patent.

When evaluating a patent, it is worth remembering that a patent is not based upon its abstract, but on its claims, differentiated from prior art and other patents by the references cited in the patent. The references are added by the patent's applicants and examiners.

In the 7,617,530 patent, the references cite the sudo manual pages, Debian manuals, KDE and GNOME utility documentation and various FAQs. The previous 6,775,781 patent is not referenced. As we have been unable to find any patent case where an infringement action was brought against items referenced in the patent itself, this would suggest that any hypothetical action against sudo and users of sudo would fail at the first hurdle.

Software patents such as this one would likely be invalidated or fail in court if the "machine or transformation" test were adopted. This is the test which is at the centre of the Bilski case which is currently before the US Supreme Court.

(djwm)

Permalink: http://h-online.com/-857848
 

