From owner-freebsd-security Mon Sep 27 12: 4:18 1999 Delivered-To: freebsd-security@freebsd.org Received: from ns.mt.sri.com (ns.mt.sri.com [206.127.79.91]) by hub.freebsd.org (Postfix) with ESMTP id 481B31542C for ; Mon, 27 Sep 1999 12:04:11 -0700 (PDT) (envelope-from nate@mt.sri.com) Received: from mt.sri.com (rocky.mt.sri.com [206.127.76.100]) by ns.mt.sri.com (8.9.3/8.9.3) with SMTP id NAA27565; Mon, 27 Sep 1999 13:03:10 -0600 (MDT) (envelope-from nate@rocky.mt.sri.com) Received: by mt.sri.com (SMI-8.6/SMI-SVR4) id NAA11566; Mon, 27 Sep 1999 13:03:08 -0600 Date: Mon, 27 Sep 1999 13:03:08 -0600 Message-Id: <199909271903.NAA11566@mt.sri.com> From: Nate Williams MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit To: "Rodney W. Grimes" Cc: cjclark@home.com, Cy.Schubert@uumail.gov.bc.ca (Cy Schubert - ITSD Open Systems Group), dillon@apollo.backplane.com (Matthew Dillon), freebsd-security@FreeBSD.ORG Subject: Re: dump(8) Insecurity/Misconfiguration In-Reply-To: <199909271841.LAA12907@gndrsh.dnsmgr.net> References: <199909271615.MAA92288@cc942873-a.ewndsr1.nj.home.com> <199909271841.LAA12907@gndrsh.dnsmgr.net> X-Mailer: VM 6.34 under 19.16 "Lille" XEmacs Lucid Reply-To: nate@mt.sri.com (Nate Williams) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org [ Rod, you *really* need to get out more ] > > "Companies are permitted to use this program as long as it is not used for > > revenue-generating purposes. For example, an Internet service provider is > > allowed to install this program on their systems and permit clients to use > > SSH to connect; however, actively distributing SSH to clients for the > > purpose of providing added value requires separate licensing. Similarly, > > a consultant may freely install this software on a client's machine for > > his own use, but if he/she sells the client a system that uses SSH as a > > component, a separate license is required." > > > > I'm no lawyer, but it seems like using SSH for helping with dumps > > would fall well within this license since backing up files does not > > really generate much revenue for us. > > I'm not a lawyer either, but I'll play the advocate here and show > you why you are at risk. First, you used the word ``much'' in the > above sentence. _Any_ is _some_ and is _not_ none, henceforth you > voilate ``not used for ...''. Second, since backups are a critical > piece of keeping your business operating No, they are not. Many (most?) businesses are reliably operating *today* without a working backup strategy. Yes, it's stupid, but it doesn't effect their ability to do business. It's just that might not work *as* reliably if a disk goes down, but stuff gets done even without backups, since backups are rarely needed. > A lot of people will say I have overstated the intent of the licence, > I'll simply say that I am applying Blacks Legal dictionary to extract > what _I_ see as the letter of the agreement. Good thing you are aren't a lawyer. > You may also find that the license fee is quite low for what you want to do. NOT! Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message