[OWASP-FILTERS] Re: license for filters? / CALL FOR VOTE

Ingo Struck ingo at ingostruck.de
Wed Oct 30 17:17:41 EST 2002


> LGPL is probably a good choice for the filters, however we must reiterate
> to users of the library that if they choose to use it, they MUST provide
> access to the source of the library (not their own code) when they
> distribute it. Also, "static linking" or "compiling in" filters code under
> the LGPL would invoke the "viral" clauses, requiring that developers ship
> source with distributed copies of their own code. Therefore, developers
> will probably want to stick to dynamic linking (or inclusion in the case of
> interpreted languages) against the filters lib.
>  Asside from these 2 minor caveats, LGPL seems a good fit. The LGPL can be
> viewed at:
> http://www.opensource.org/licenses/lgpl-license.php
> Anyone else have thoughts on the topic?

I think this is a rather political question. :o)
If you are fed up with closed source software, then you should strictly adhere 
to the GPL (which is my personal favourite).
On the other hand you loose a large potential of "users" for your library if 
you forbid usage in a closed source environment.
The only question is: do we want to support such "potential users" or don't 
we. Some of them could be sponsors as well, but we have to balance if it's 
worth poisoning the opensource character of our projects.
IMHO the only way to answer your question is a vote of all active owasp 
contributors: strict GPL for everything or LGPL for libraries.
My vote would be for strict GPL.

Any other thoughts / votes?

Kind regards


More information about the Owasp-filters mailing list