>No religious objection. The problem for me with GPLv3 is that it is not compatible with (privately) signed code. If it is possible to run unsigned code on my appliance then my proprietary code would not be secure, putting the entire business in jeopardy. If you can square this circle then I'd love to use it.
Your code is still under the full protection of the law. And no signing mechanism will prevent a competitor from simply dumping the flash and reading your code off there, if they really want to - if anything this is probably easier than running their own code on the system. So I don't see what using the GPLv3 changes.
If you're really paranoid, how about running samba in a chroot/jail/etc. where it has access to the data files it needs to serve/store, but not your code? (Your code can operate on the same data from outside the chroot). As long as you make it possible for the user to upgrade samba (which should be fine - you don't care what code runs inside this chroot, because it only has access to the same files the user could access via samba anyway, so the samba that runs in the chroot doesn't have to be signed) you're compliant with the GPL but haven't exposed the rest of your system.
If it is a straight rip-off then the law should protect (at least in the west), but if it were just used (for learning or adapting from) then it could be exceedingly hard to prove or even know about. I suppose what I would be most worried about is if it were leaked such that anyone could use it on any platform without paying. Who would buy an apple TV if you could run it off your raspberry pi? (I know the analogy doesn't quite work-- aTV is decent value as hardware-- but as a start up I will have higher costs so higher prices).
>flash dump
This is why you encrypt the private data on your flash :) Decryption codes can be stored in the processor (it's been a while since I looked at the system- I'll have to look again, but it seemed solid). So that means they'd have to either de-solder the RAM while somehow keeping it freezing cold too, or use an electron microscope or something on the CPU. If they are that capable then I'm sure they could just rewrite the code themselves without my 'help'. I'm not sure how much security compilation would offer, and if the details of that matter, that's something I should look into further. But the above seems pretty solid AFAICT.
>samba in a chroot/jail/etc
Thanks! This is a great idea. IIRC it is possible to break out of a chroot, but (IIRC again) not BSD jails.. so that could be a great option down the line if I am able to use BSD. It adds a fair amount of complexity legally (although it seems sound at first thought) and technically though (can they be hacked?), so perhaps one for later.
Your code is still under the full protection of the law. And no signing mechanism will prevent a competitor from simply dumping the flash and reading your code off there, if they really want to - if anything this is probably easier than running their own code on the system. So I don't see what using the GPLv3 changes.
If you're really paranoid, how about running samba in a chroot/jail/etc. where it has access to the data files it needs to serve/store, but not your code? (Your code can operate on the same data from outside the chroot). As long as you make it possible for the user to upgrade samba (which should be fine - you don't care what code runs inside this chroot, because it only has access to the same files the user could access via samba anyway, so the samba that runs in the chroot doesn't have to be signed) you're compliant with the GPL but haven't exposed the rest of your system.