On Aug 27, 2016 6:49 PM, "Linus Torvalds" <torvalds@linux-foundation.org> wrote:
>
> On Sat, Aug 27, 2016 at 4:30 PM, Matthew Garrett <mjg59@coreos.com> wrote:
> >
> > Can you clarify whether or not you believe that source availability for
> > owners of devices that run Linux (even if the vendor chooses not to
> > participate upstream) is something you consider to be good for the project?
>
> That question makes no sense.
>
> Without an actual case, and without being able to judge the upsides
> *AND* downsides, your question is just silly.

OK. A vendor sells 500,000 network-connected devices running a version of Linux that has a vulnerability in the network driver that's discovered a year later. The hardware is custom, they refuse to release source, and they've discontinued the product line, so nobody else is able to fix it. Is it acceptable to engage in litigation in order to ensure that owners of these devices can receive a security update, even if by doing so we alienate the vendor and cause them to choose another kernel in future?

(other than sales numbers, which I don't have direct insight into, this is not a hypothetical)