[Dshield] Remote incident handling tool

Valdis.Kletnieks@vt.edu Valdis.Kletnieks at vt.edu
Thu Dec 1 17:27:52 GMT 2005


On Thu, 01 Dec 2005 04:04:14 PST, Mark said:

> If this is a "for profit" effort, you may want to
> check the license on the distros before going forward
> - e.g. GPL. If the distro is released under GPL you
> may want to take a hard look at how it would be used.

Actually, the GPL doesn't care *how* a GPL'ed package is used:

"Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope.  The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does."

(the part about "work based on the program" is intended for programs like
bison/yacc, where the program generates code that is itself a derivative
work, since it needs the program libraries in order to actually function).

The GPL only matters when you start making *copies* and distributing them.  And
even *there*, if you're using the program unmodified, all you need to do is
remember "grab the source when you grab the binary, and pass along both source
and binary".  If you modified it, you pass along the binary and the source *as
you modified it*.  The only way to actually get yourself into trouble is to use
GPL source in your product, and then refuse to ship the required sources on
request (you don't even have to ship it *with* the product).

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20051201/f63d8746/attachment.bin


More information about the list mailing list