[OWASP-LEADERS] RE: License question

Adrian Wiesmann awiesmann at swordlord.org
Sat Nov 29 09:33:02 EST 2003

> The question and discussions that I refer to were along the lines of "If I
> am running a modified GPL web application on my webserver, am I
> distributing the *program*, or am I just distributing the *output*?"

Well strictly speaking you are not releasing anything with providing a web
application or otherwise you would have to put every binary you compile
with gcc under the GPL as well. (Or think about PHP/Tomcat and all those
which at least would request us to put a notice onto every webpage we

To make a long sentence short, this discussion and the complexity of the
whole theme (and the question if the GPL is enforceable anyway over here)
was one of the reasons for us at SwordLord to release our Public Source
software under an Apple Public Source Licence alike licence. The SwordLord
Public Source Licence has mostly everything in it which was said before on
this list: nobody making money out of it, copyright belongs to an
organisation which can not turn unethical, being OSI compliant etc pp.

This means for OWASP that I definitely would think about crosslicencing
the products and results as it is done by MySQL and others. Perhaps it
would also be good to start a discussion on the OSI licence maillist some
day about which licence would be best for a project like us.


More information about the OWASP-Leaders mailing list