Re: nmap license

To: Debian-legal <debian-legal@lists.debian.org>
Subject: Re: nmap license
From: Anthony DeRobertis <asd@suespammers.org>
Date: Thu, 2 Sep 2004 19:37:58 -0400
Message-id: <[🔎] 1F3AF464-FD39-11D8-8F3A-00039317863E@suespammers.org>
In-reply-to: <1092096421.10676.450.camel@banks>
References: <1092096421.10676.450.camel@banks>

Sorry for the late response; I'll avoid re-hashing points. Assume for amoment that this 'clarification' is sensical and valid:


 * o Integrates source code from
Nmap                                      *

I think we'd generally consider that restriction free, and it would bein line with how we normally interpret the GPL.

 * o Reads or includes Nmap copyrighted data files, such
as                *
 *   nmap-os-fingerprints or
nmap-service-probes.                          *


"Includes" would be the same as above.

"Reads" is, IMO, not OK, as that would not normally be considered aderived work, and thus this restriction would contaminate othersoftware.

As a side note, under Feist, it's questionable if a fingerprint file iscopyrightable (in the US, again).

 * o Executes
Nmap                                                         *

I don't believe this would normally be a derived work, either,especially in the US considering Lotus v. Borland.

 * o Integrates/includes/aggregates Nmap into an executable
installer      *

"integrates" is probably a derivative work normally, but aggregates maynot be (and is explicitly excluded by the GPL...).


So, can we not put nmap on a d-i disc?

 * o Links to a library or executes a program that does any of the
above   *


The executes is again questionable.

**

 * The term "Nmap" should be taken to also include any portions or
derived *
 * works of Nmap.  This list is not exclusive, but is just meant
to        *
 * clarify our interpretation of derived works with some common
examples.  *

This sentence ("just meant to clarify our interpretation") is confusingme. I'm not sure how it should be read (or how a court would read it).I suspect a court may attempt to use these clarifications, and treat itas part of the license grant.... After all, it is clearly the intentionof the granting party.

 * These restrictions only apply when you actually redistribute Nmap.
For *
 * example, nothing stops you from writing and selling a
proprietary       *
 * front-end to Nmap.  Just distribute it by itself, and point people
to   *
 * http://www.insecure.org/nmap/ to download
Nmap.

Most interesting, because if these were truly derivative works of nmapthe GPL would not allow this.

Reply to:

Prev by Date: Re: cdrecord: weird GPL interpretation
Next by Date: Re: GPL-licensed packages with depend-chain to OpenSSL
Previous by thread: Re: cdrecord: weird GPL interpretation
Next by thread: Re: GPL-licensed packages with depend-chain to OpenSSL
Index(es):
- Date
- Thread