I work at a large defense contractor.  There are two levels of shareware licensing that need to be addressed for any product that is used:

1) Will the product be used in the field, in a production environment?

2) Will the product be used on the corporate LAN?

Any new product has to go through a rigorous review by legal staff to review the exact license involved in a product.  They are looking for the clause that says “We own your company after 12 days of use”.  Surprisingly, there are some open licenses that have such clauses.  Pretty gutsy – just count on coders not actually reading the legaleeze.

Use on the LAN means the product must also be reviewed for security breaches.  While a defense contractor has real security levels that conform to government standards, I think this is a reasonable test for any corporate tool.  Again, some products fail the security test by either including silliness (such as Google toolbar poking back at google.com on a regular basis) or outright virus/spam.

Use in production means the software will reside on a defense product in the field.  Whole new levels of pain to evaluate the product for holes.  Not surprisingly, there is a lot of Not Invented Here coding that goes on just to avoid such a review.