questions regarding new plugin policy
Renaud Deraison
deraison at nessus.org
Fri Dec 10 19:02:51 EST 2004
On Fri, Dec 10, 2004 at 03:42:43PM -0800, Eijiro Matsumoto wrote:
> call me chop suey, but if i read the following legal
> snippet on nessus.org correctly:
>
> "SUBMISSIONS (http://www.nessus.org/privacy)
This is the policy of the website (and mailing lists,
submitted white papers, and on-line resources in general).
>
> does this mean if i contribute a new NASL script,
> Tenable owns it?
No. If you submit a script, it belongs to you but has to be under the
GPL.
> what if i contribute a NASL script 1 day after tenable
> creates a proprietary one? does tenable holds on to
> the rule for later release?
Yes.
> what kind of checks and balances exist to prevent
> Tenable from taking a GPL NASL submission and using it
> to create their proprietary one? It would be easy for
> Tenable to say: "we had one first, so we are delaying
> this for 7 days" -- how does anyone know for sure but
> tenable?
You can submit a plugin to plugins-writers@ for the plugin to see.
The list of the plugins written on our side will be publically
available through http://www.nessus.org/scripts.php.
Of course there's a small window of potential submission conflicts
(ie: a plugin is submitted while we're working on it), but in the
past there has been very little conflicts.
-- Renaud
More information about the Nessus
mailing list