Proposed legal guidelines change re "illegal" packages
Ricky Zhou
ricky at fedoraproject.org
Thu Nov 11 23:58:23 UTC 2010
On 2010-11-11 03:45:43 PM, Mike McGrath wrote:
> Sure there's a difference between using 'normal' software improperly.
> But if left up to a jury, of which probably none has a clue what the likes
> of nmap or sql even are, would you let them decide if you, Behdad
> Esfahbod, should be held to legal and financial damages should someone
> misuse that software?
>
> Because that's what people are asking Red Hat to do. And yes, there is
> certainly some very not-illegal uses for sqlninja. But would you be
> willing to sit in a court room, with your money sitting on the chair next
> to you, while some high paid prosecutor tries to get it by showing a jury
> the huge lettering on their website that says:
>
> "SQLNINJA ... a SQL Server injection & takeover tool" -
> http://sqlninja.sourceforge.net/
>
> I'm just saying this one doesn't seem as clean cut to me as it did when I
> first heard it.
I'd really like to have some more solid idea of the risk of something
like this actually happening to the distributor of a package before
deciding that we need to reject the package. Is it really a serious
legal threat that the Linux distro used to perform an attack would get
in trouble for carrying this package, despite the valid legal uses of
the software?
Thanks,
Ricky
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/advisory-board/attachments/20101111/7349307f/attachment.bin
More information about the advisory-board
mailing list