Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 27 Sep 1999 12:15:30 -0400 (EDT)
From:      "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com>
To:        Cy.Schubert@uumail.gov.bc.ca (Cy Schubert - ITSD Open Systems Group)
Cc:        cjclark@home.com, dillon@apollo.backplane.com (Matthew Dillon), freebsd-security@FreeBSD.ORG
Subject:   Re: dump(8) Insecurity/Misconfiguration
Message-ID:  <199909271615.MAA92288@cc942873-a.ewndsr1.nj.home.com>
In-Reply-To: <199909271359.GAA53200@cwsys.cwsent.com> from Cy Schubert - ITSD Open Systems Group at "Sep 27, 1999 06:59:17 am"

next in thread | previous in thread | raw e-mail | index | archive | help
Cy Schubert - ITSD Open Systems Group wrote,
> Running dump as root isn't as big a security problem than the firewall 
> issues that this rsh issue raises, not to mention cleartext.  Due to 
> it's copyright restrictions use of the SSH protocol may not be too 
> wise, however various VPN solutions do help.

OK, you are the second person to mention this about SSH. I've always
thought using SSH (/not/ SSH2) at a commercial site was fine
providedit falls within the following limits (from the COPYING file
that comes with the SSH tarball), 

"Companies are permitted to use this program as long as it is not used for
revenue-generating purposes. For example, an Internet service provider is
allowed to install this program on their systems and permit clients to use
SSH to connect; however, actively distributing SSH to clients for the
purpose of providing added value requires separate licensing.  Similarly,
a consultant may freely install this software on a client's machine for
his own use, but if he/she sells the client a system that uses SSH as a
component, a separate license is required."

I'm no lawyer, but it seems like using SSH for helping with dumps
would fall well within this license since backing up files does not
really generate much revenue for us.

Is there something in the licese I've missed? You all have me nervous
now.
-- 
Crist J. Clark                           cjclark@home.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199909271615.MAA92288>