[declan@well.com: [Politech] John Gilmore on DearAOL.com and user control of spam filtering [sp]]
----- Forwarded message from Declan McCullagh <declan@well.com> -----
Hi,

Looking at the Open Source Hardening Project sponsored by the Department of Homeland Security, it says on http://news.com.com/Open-source+hunt+digs+up+more+flaws/2100-1002_3-6068190....

"The bug hunt is part of a three-year "Open Source Hardening Project," dedicated to helping make such software as secure as possible. In January, the U.S. Department of Homeland Security awarded $1.24 million to Stanford University, Coverity and Symantec to find vulnerabilities in open-source projects. Developers have been quick to fix many bugs found as part of the program. More than 900 flaws were repaired in the two weeks after Coverity announced the results of its first scan of 32 open-source projects."

But it appears that the money is spent only on hunting down the bugs, not on fixing them. It says on http://news.com.com/Homeland+Security+helps+secure+open-source+code/2100-100...

"It is regrettable that DHS has decided once more to ensure that private enterprise profits from the funding, while the open-source developers are left to beg for the scraps from the table," he said. "Why does the DHS think it is worthwhile to pay for bugs to be found, but has made no provision to pay for them to be fixed?"

Since Free/Open Source software is widely used on public infrastructure, which is probably why the Department of Homeland Security is funding it (to secure it), I am wondering about the following:

- Will an open source developer be forced to maintain the code (with or without funds) and fix the bugs if his code runs on public infrastructure, citing reasons such as national security?
- Is the author responsible for fixing bugs in the code (free of cost/paid), citing that he is responsible for ensuring public safety?
- What does this mean for licenses like the GPL? Will it be rendered void?

Thank you for your time.

Sarad.
Sarad AV <jtrjtrjtr2001@yahoo.com> writes:
> Developers have been quick to fix many bugs found as part of the program. More than 900 flaws were repaired in the two weeks after Coverity announced the results of its first scan of 32 open-source projects."
Does anyone know more about what Coverity does? Their web site basically says "Give us bucketloads of money and we'll talk to you under NDA", but their "Products" link is broken, and even then it's hard to tell whether they just run ITS4 and filter the results (OK, it's a spinoff from the MC Checker work so it's more sophisticated than that, but having to sign an NDA just to find out what it is they do seems rather counter to the academic origins of the work).

Peter.