Re: Call to participate: GNessUs security scanner

[Tim Brown <timb () gnessus org>]

On Tue, 11 Oct 2005, MadHat wrote:

> Not all of 2.2 is GPL.  Many of the NASL scripts are not, and this includes 
> ALL of the SMB stuff.  Only the engine is GPL.  All of the SMB stuff (meaning 
> the functions to connect to Windows shares and query the registry and check 
> SMB specific "stuff") is implemented in NASL code, not in the engine.  When 
> 2.2 came out, the shift to non-GPL scripts changed more than just the checks, 
> some of the inner workings of NASL through include scripts and dependancies 
> also became non-GPL, though I don't think most people noticed this.

It has been observed.  This is one reason we chose the GNU/Debian code 
base rather than a straight copy from CVS.  If anyone is likely to have 
cleaned non-GPLd code, it will be them.  That being said, one of the first 
jobs I have pencilled in, is to carry out a full source code review to 
ensure the code we distribute is GPL.

Cheers,
Tim
--
Tim Brown, GNessUs
<mailto:timb () gnessus org>
<http://www.gnessus.org/>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/