[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    Re: [Full-disclosure] INSECT Pro - Free tool for pentest - New
From:       Valdis.Kletnieks () vt ! edu
Date:       2011-08-31 17:51:21
Message-ID: 30949.1314813081 () turing-police ! cc ! vt ! edu
[Download RAW message or body]

[Attachment #2 (multipart/signed)]


On Wed, 31 Aug 2011 14:34:58 -0300, root said:

> That file is under the msf3 tree, if Insect pro is violating GPL,
> Metasploit is also doing it (and everything including it, like 80% of
> security frameworks out there), remember MSF is BSD licensed.

And even the top-level Metasploit HACKING says:

   By submitting code contributions to the Metasploit Project it is
   assumed that you are offering your code under a BSD or similar
   license.  MIT and Ruby Licenses are also fine.  We specifically cannot
   include GPL code. LGPL code is accepted on a case by case basis for
   libraries only and is never accepted for modules.

But it's murkier than that - looking at external/source/tightvnc/README shows
that it includes code from Dave ZImmerman and Jef Poskanzer, with licencing
that I'm not immediately convinced is GPL-compatible. So Metasploit may be
invalidly including GPL code that itself is invalidly including non-GPL code.

I'm gonna go make some popcorn. :)



[Attachment #5 (application/pgp-signature)]

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[prev in list] [next in list] [prev in thread] [next in thread]