| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <30949.1314813081@turing-police.cc.vt.edu>
Date: Wed, 31 Aug 2011 13:51:21 -0400
From: Valdis.Kletnieks@...edu
To: root <root_@...ertel.com.ar>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: INSECT Pro - Free tool for pentest - New
version release 2.7
On Wed, 31 Aug 2011 14:34:58 -0300, root said:
> That file is under the msf3 tree, if Insect pro is violating GPL,
> Metasploit is also doing it (and everything including it, like 80% of
> security frameworks out there), remember MSF is BSD licensed.
And even the top-level Metasploit HACKING says:
By submitting code contributions to the Metasploit Project it is
assumed that you are offering your code under a BSD or similar
license. MIT and Ruby Licenses are also fine. We specifically cannot
include GPL code. LGPL code is accepted on a case by case basis for
libraries only and is never accepted for modules.
But it's murkier than that - looking at external/source/tightvnc/README shows
that it includes code from Dave ZImmerman and Jef Poskanzer, with licencing
that I'm not immediately convinced is GPL-compatible. So Metasploit may be
invalidly including GPL code that itself is invalidly including non-GPL code.
I'm gonna go make some popcorn. :)
Content of type "application/pgp-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists