Description
Hi @ufrisk,
First of all, thank you for maintaining and sharing the LeechCore and related tools, it's incredibly impressive and valuable work, especially in the memory acquisition and analysis space. I’ve been exploring and learning a lot from your ecosystem of tools like PCILeech, LeechAgent, and MemProcFS.
I wanted to ask for some clarification regarding the licensing terms under the GPL for LeechCore, particularly in the context of plugin development and orchestration tooling.
1. Plug-ins using the LeechCore API
If someone writes a standalone plugin or script (for example, in Python or C#) that uses the LeechCore libraries via the provided bindings, and that plugin is dynamically loaded by a host application (e.g., via scripting), would that plugin also need to be licensed under GPL due to its dependency on the LeechCore library? Or does it depend on how it's structured or distributed?
In other words, is any software that calls into the LeechCore library (even via dynamic loading or plugin architecture) necessarily required to adopt GPL as well?
2. Separate orchestration tool calling LeechCore-based tools externally
As a follow-up question, imagine a hypothetical orchestration binary — let’s call it orchestrator-tool — that doesn’t link against or import LeechCore at all, but rather executes other binaries from the command line as separate processes.
Here’s a simplified example:
orchestrator-toolis a standalone binary.- It executes the
pcileechtool from the command line. pcileechcommunicates withLeechAgent, which itself uses the LeechCore library to acquire a memory dump via PCIe/FPGA.- The dump is saved to disk.
- Then,
orchestrator-toolrunsmemprocfsvia the command line to mount the memory dump. - Finally,
orchestrator-toolperforms higher-level operations on the mounted memory volume.
At no point does orchestrator-tool directly link to or import LeechCore, PCILeech, or MemProcFS. All interaction occurs at the process level, treating these tools as external executables.
In this kind of design, where the orchestration layer is entirely separated from GPL components and merely interacts with them as if they were standard CLI tools, would the GPL licensing of LeechCore (or other components) impose any requirements on the orchestration binary’s license or source code availability?
I'm also curious if your perspective changes depending on whether this kind of orchestration tooling is used in a personal, research, or commercial setting.
Appreciate any insights you’re willing to share! I just want to make sure I understand the boundaries clearly and respect the licensing terms you've applied to this great work.
Best regards,
Shehzade