[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PATCH[1/1] Linux Security Guide



I'm sorry if I came off a bit rude, it wasn't my intent.
Also, I'm sorry for not being constructive, I'll try not and e-mail during rush our in the future :-)

About a more wide spread flora of security references. My thought was that the more known universities around the world
must have written kilometers of papers on Linux Security. Finding freely available papers describing general security on
Linux was easier said than done. I found some references during a quick scan this evening.

I guess it's a matter of trust. Of course the US Government and the NSA has excellent and trustworthy security people,
and that information in this subject is collaborative.. but at least I feel more secure seeing that it's not only
the US Government and secret service that approves and advocates the security issues brought out in this security guide.

Universities:
http://www.princeton.edu/~essweb/linux/linuxsecurity.html
http://www.yale.edu/its/secure-computing/
http://www.yale.edu/its/security/sysadmin/server-guidelines.html
http://www.yale.edu/its/security/network/unix.html
http://www-uxsup.csx.cam.ac.uk/security/unix-box.html

Other:
http://www.tldp.org/HOWTO/Security-HOWTO/
http://tldp.org/HOWTO/Security-Quickstart-HOWTO/
http://en.tldp.org/HOWTO/Secure-Programs-HOWTO/open-source-security.html
http://www.puschitz.com/SecuringLinux.shtml
http://en.wikipedia.org/wiki/Linux_Security_Modules

Vendors:
http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/en-US/Security_Guide/

I'll try and find some more / better references as soon as I have some more free time.

//M


sön 2009-01-04 klockan 12:00 -0500 skrev Message: 8
Date: Sun, 4 Jan 2009 09:44:55 -0500
From: "Paul W. Frields" <stickster gmail com>
Subject: Re: PATCH[1/1] Linux Security Guide
To: fedora-docs-list redhat com
Message-ID: <20090104144455 GB18821 localhost localdomain>
Content-Type: text/plain; charset="utf-8"

On Sun, Jan 04, 2009 at 09:07:16PM +1000, Murray McAllister wrote:
> On Sun, Jan 4, 2009 at 7:20 PM, Magnus Glantz <mg hacka net> wrote:
> > My 5 as an non US citizen.
> >
> > I do not feel comfortable with a guide that seems almost completely
> > ripped off published US military/government documents.
> I only looked at the English. I was not aware of the origins of the
content.
> 
> I will be more careful in future.
> 
> Thanks! :-)

"Ripped off" seems unnecessarily harsh to me, and incorrectly implies
that somehow the content was lifted without permission, when in fact
the references in question are freely available to everyone (USA
domestic or foreign).  The principles embodied in most of those
references are fairly universal and you'll find them echoed in most
high-level infosec materials.  In fact, some foreign governments use
these references themselves.

The Security Guide continues to be a collaborative, participatory
project, so anyone who is unhappy with the content -- or completely
satisfied, too, for that matter -- is free to get involved! :-)  You
could start by providing equivalent or comparable non-US references,
for example.

-- 
Paul W. Frields                                http://paul.frields.org/
  gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233  5906 ACDB C937 BD11 3717
  http://redhat.com/   -  -  -  -   http://pfrields.fedorapeople.org/
  irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url :
https://www.redhat.com/archives/fedora-docs-list/attachments/20090104/0496c929/attachment.bin



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]