vsftpd (GPL) and openssl?

Rui Miguel Seabra rms at 1407.org
Wed Sep 8 11:13:38 UTC 2004


On Wed, 2004-09-08 at 14:02 +0300, Pekka Savola wrote:
> On Wed, 8 Sep 2004, Rui Miguel Seabra wrote:
> > On Tue, 2004-09-07 at 23:28 -1000, Warren Togami wrote:
> > > I just noticed this in cvs-commits.  Another new instance of GPL linking 
> > > with openssl.  Problematic?
> > > 
> > > Even if the vsftpd authors wont sue us for any possible GPL violation, 
> > > does this possibly open a weak link in vsftpd's supposedly "very 
> > > secure"ness?  Even if ssl is disabled by default in our config?  Please 
> > > be sure...
> > 
> > I think the case is beggining to grow for inclusion of GNUtls.
> 
> Replacing OpenSSL with GNUtls would very likely increase, not 
> decrease, the security implications.

Inclusion. Not replacement. The inclusion would be specifically intended
to solve...

> >From the license/policitical/religious point of view, it might be 
> closer in spirit to the vsftpd though.

Anyway, do you have any data to backup your defamatory statement?
OpenSSL hasn't exactly been void of serious issues...

Rui

-- 
+ No matter how much you do, you never do enough -- unknown
+ Whatever you do will be insignificant,
| but it is very important that you do it -- Gandhi
+ So let's do it...?

Please AVOID sending me WORD, EXCEL or POWERPOINT attachments.
See http://www.fsf.org/philosophy/no-word-attachments.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20040908/97a279e0/attachment.sig>


More information about the fedora-devel-list mailing list