SQLninja denial
Máirín Duffy
duffy at fedoraproject.org
Mon Nov 15 15:19:34 UTC 2010
On Mon, 2010-11-15 at 10:09 -0500, Eric "Sparks" Christensen wrote:
> > Do you use SQLninja for penetration testing? Had you heard of it before?
> > What penetration testing tools do you use? Is the language they use to
> > explain & advertise their tools similar to that used for SQLninja? How
> > do you find out about penetration testing tools? How many of the ones
> > you use are GPL?
>
> So the problem is that it can be used to hack into a system and isn't
> passive like Nessus (is this really passive?), nmap, telnet (the
> client), airsnort, and wireshark, just to name a few?
I asked a series of questions; I didn't assert anything.
> >> 2) Some board members appear to have raised legal concerns. However
> >> those were not made explicit in the minutes and it looks like there has
> >> not been an analysis or ruling from Fedora Legal. Before the board
> >> ruled, the add package request (bug #63402) was blocked on FE-LEGAL,
> >> but it looks like the board voted to deny the request before hearing
> >> from FE-LEGAL. Moreover, I cannot find any place where the legal
> >> concerns are articulated, let alone reference to particular statute or
> >> justification for a concern.
> >
> > I took the meeting minutes. Generally sensitive discussion is excluded
> > from meeting minutes.
>
> So are you saying this was a legal issue?
I am saying what I am saying.
~m
More information about the advisory-board
mailing list