Let's break down the License, and see where we fall. ...
Definitions ... c. "Enhancement" means any bug fix, error correction, patch, or other addition to the Software that are independent of the Software and do not require modification of the Software of the Software itself. ... 3. The license granted in Section 2 is expressly made subject to and limited by the following restrictions: a. You may only distribute, publicly display, and publicly perform unmodified Software. Without limiting the foregoing, You agree to maintain (and not supplement, remove, or modify) the same copyright, trademark notices and disclaimers in the exact wording as released by Developer. ... 4. You may develop Enhancements to the Software and distribute Your Enhancements, provided that You agree to each of the following restrictions on this distribution: a. Enhancements may not modify, supplement, or obscure the user interface or output of the Software such that the title of the Software, the copyrights and trademark notices in the Software, or the licensing terms of the Software are removed, hidden, or made less likely to be discovered or read. b. If you release any Enhancement to the Software, You agree to distribute the Enhancement under the terms of this License (or any other later-issued license(s) of Developer for the Software). Upon such release, You hereby grant and agree to grant a non-exclusive royalty-free right, to both (i) Developer and (ii) any of Developer's later licensees, owners, contributors, agents or business partners, to distribute Your Enhancement(s) with future versions of the Software provided that such versions remain available under the terms of this License (or any other later-adopted license(s) of Developer). ... Online Updates The Software includes the ability to download updates (i.e., additional code) from Developer's server(s). These updates may contain bug fixes, new functionality, updated Documentation, and/or Extensions. When retrieving these updates, the Software may transmit the Software version and operating system information from Your computer to the update server. The server may record (store) this information, in conjunction with the IP (global Internet Protocol) address of the user, in order to attempt to maintain accurate end user and version statistics. By using the online update feature, You hereby agree to allow this information to be transmitted, recorded, and stored in any nation by or for Developer. I pulled out only the parts that are important to the matter at hand. An unedited version of the license can be found, attached above or from the metasploit website. I have not modified any content of the license and have only "copied&pasted" the parted needed for discussion. ----- 1) Definitions, entry "c" - Indicates that bug fixes are considered an "Enhancement" (this includes patches). 2) Section 3 - a indicates that only unmodified versions of the software can be distributed. 3) Section 4 grants the right to create "Enhancements" (or patches) 4) Section 4 - a enforces that the patches do not alter, the user-interface, license, or output etc. 5) Section 4 - b states we must release the patch under the same license (The Metasploit Framework License v1.2) 6) Online Updates Section notes that some user information may be recorded I am no lawyer by here is my feedback on the above statements: 1 - The Ruby patch, and "permissions correction" would fall under an "Enhancement" 2 - This would indicate that we cannot "distribute" the code, however when you get right down to it, Debian policies do not allow this anyway, and we instead "patch" the unmodified source. Either way this state makes it seem as if no modifications are allowed. 3 - However, this section gives the right to "patch" the code. Therefore distributing the unmodified source, and the patches should be fine. 4 - Our patches are only bug fixes, and in no way alter any of these items 5 - Ubuntu packages are released as GPL, we could in theory release the patch under The Metasploit Framework License v1.2, but currently it is included in the package, with no restrictions. This is something we should look into. 6 - I really think this should be relayed to the client, as some would want to know this up front. ----- Maybe I am reading into this the wrong way, I am not sure, any comments? Thanks, Justin M. Wray -- [needs-packaging] Metasploit Framework 3.0 https://bugs.launchpad.net/bugs/102212 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
