On 2010-11-11 03:45:43 PM, Mike McGrath wrote: > Sure there's a difference between using 'normal' software improperly. > But if left up to a jury, of which probably none has a clue what the likes > of nmap or sql even are, would you let them decide if you, Behdad > Esfahbod, should be held to legal and financial damages should someone > misuse that software? > > Because that's what people are asking Red Hat to do. And yes, there is > certainly some very not-illegal uses for sqlninja. But would you be > willing to sit in a court room, with your money sitting on the chair next > to you, while some high paid prosecutor tries to get it by showing a jury > the huge lettering on their website that says: > > "SQLNINJA ... a SQL Server injection & takeover tool" - > http://sqlninja.sourceforge.net/ > > I'm just saying this one doesn't seem as clean cut to me as it did when I > first heard it. I'd really like to have some more solid idea of the risk of something like this actually happening to the distributor of a package before deciding that we need to reject the package. Is it really a serious legal threat that the Linux distro used to perform an attack would get in trouble for carrying this package, despite the valid legal uses of the software? Thanks, Ricky
Attachment:
pgpik6FF58VX3.pgp
Description: PGP signature
_______________________________________________ advisory-board mailing list advisory-board@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/advisory-board
