One would think that when a company’s proprietary source code leaks out to the public, an organizational crises might ensue in which the company attempts to trace the leaker, repair any damages that may or may not have occurred, and prepare the PR team to handle “damage control.” According to Ars Technica, this has not been the case for Oracle, whose Oracle's Solaris 11 source code has been unintentionally released.

Sean Gallagher writes that Oracle has done nothing as of yet to address the leak, and the question remains as to whether a disgruntled employee released the code, or if “this is the strangest open-source code-drop in history.”

From Ars Technica: First flagged on December 19 by an anonymous poster to the forums of the Linux tech site Phoronix, the 108MB tarball appears to contain most or all of the source for the kernel of Solaris 11, based on our review of the code. While the majority of the code in the archive is marked with the licensing header for the Common Development and Distribution License, there is also a significant amount of code and makefiles covered by Oracle and other companies' copyrights that did not carry the CDDL, as well as older code bearing Sun Microsystem's copyright in a directory of the archive named "closed."

That proprietary code includes the source for Solaris' kernel-level cryptographic framework daemon, logical link control driver, and code for mounting NFS filesystems. A significant portion of the code in "closed," however, also carried the CDDL header; it's not clear if Oracle intended to make this previously open code closed or not.

The code drop is being given a wide berth by developers associated with two of the open development projects that have forked from OpenSolaris, the open-source kernel effort that contributed much of the new technology in Solaris 11. Oracle essentially killed the OpenSolaris project after its acquisition of Sun. Developers on the OpenIndiana discussion group were concerned about whether it was safe to even look at code marked with the CDDL license because of the nature of the release; some believed it was potentially harmful to the open-source community because it presented the possibility of future legal claims by Oracle over intellectual property against open-source versions of the kernel that resembled the copyrighted code.

The article also states that legal issues could arise if a developer were to use this leaked code, because even though the code was once apart of the open-sourced OpenSolaris (killed by Oracle as a result of the company’s acquisition of Sun Microsystems), “Oracle has not issued an official code drop of changes it made to the CDDL code subsequent to the euthanization of OpenSolaris.”