| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <15912.1317931412@turing-police.cc.vt.edu>
Date: Thu, 06 Oct 2011 16:03:32 -0400
From: Valdis.Kletnieks@...edu
To: secn3t@...il.com
Cc: full-disclosure@...ts.grok.org.uk, Juan Sacco <juansacco@...il.com>
Subject: Re: New open source Security Framework
On Fri, 07 Oct 2011 06:36:51 +1100, xD 0x41 said:
> I am still abit worried though, of the actual NON free prouct, and then,
> what if you add to that, and he adds it to his paid-fopr app, or worse,
> doesnt even put it into the exploit-pack but, rather puts it into ONLY the
> paid product.
One of the good things about the GPL (as opposed to the BSD license), is that
you *can't* take GPL code private - if he's adding it to the proprietary app
and shipping the result under a non-GPL license, he's in violation of the GPL
and could end up in court. A lot of embedded hardware people have gotten
into trouble that way. The *vast* majority have cleaned up their act and complied
with the GPL requirements by either removing the GPL code or releasing source
as required by the GPL. A few have been silly enough to let it get to court,
and have universally been handed their butts by the judge.
http://www.gpl-violations.org/
Content of type "application/pgp-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists