PATCH[1/1] Linux Security Guide
Magnus Glantz
mg at hacka.net
Tue Jan 6 13:50:49 UTC 2009
I've started writing a draft for such a chapter. I'll get back to you
when I have something to present.
https://fedoraproject.org/w/index.php?title=Docs/Drafts/SecurityGuide/Security_for_home_users
//M
tis 2009-01-06 klockan 11:33 +0100 skrev Magnus Glantz:
> What I feel is perhaps missing is not content, but structure or presentation of content.
>
> This guide seems focused on administrators working in SME or large enterprises.
> I guess that would be natural, if the base of the guide is the RHEL Security Guide.. ( Thank you Karsten for pointing this out :-> )
>
> As a new or a not very security interested Fedora user, I would say this guide is much too big and complex to make proper use of.
> It's like facing the worlds biggest all-you-can-eat buffet, when you to the best of your knowledge haven't tasted any of the food on display. And on second thought
> your too lazy and uninterested of food to try and find the essential good stuff.
>
> What I'm looking for is perhaps a chapter for regular home users with focus on usability rather than security.
> People that like Fedora but who doesn't know or care much about security.
>
> "Security for Home Users"
>
> I would volunteer to write such a chapter.
>
> //M
>
>
> tis 2009-01-06 klockan 03:00 -0500 skrev
> > Message: 5
> > Date: Mon, 05 Jan 2009 23:24:36 -0500
> > From: Eric Christensen <eric at christensenplace.us>
> > Subject: Re: PATCH[1/1] Linux Security Guide
> > To: For participants of the Documentation Project
> > <fedora-docs-list at redhat.com>
> > Message-ID: <4962DD04.80709 at christensenplace.us>
> > Content-Type: text/plain; charset=ISO-8859-1
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > I agree, in part, with your overview. A completely secure system is one
> > that is unplugged and that isn't exactly useful. I would dare say that
> > you don't want the same level of security as I do or as anyone else
> > might which is why it is important to give as much information as
> > possible and let people pick and choose what they feel is important to
> > their specific needs.
> >
> > Case in point, admin A has a server in a cave that is physically highly
> > protected. Disk encryption and securing single user mode might not be
> > as important as securing the network connection. So that admin might
> > only care about the VPN, SSH, IPTables, and related chapters and not so
> > much on the LUKS Disk Encryption.
> >
> > I feel that it is important to give admins and users as much information
> > as possible so they can make an educated decision on mitigating their
> > systems down to an acceptable level of risk. Users should know that
> > their systems are NOT secure as soon as they install Fedora or any other
> > operating system.
> >
> > If we are missing something you think should be addressed please feel
> > free to develop a chapter.
> >
> > Thanks,
> > Eric Christensen
> > E-Mail: sparks at fedoraproject.org
> > GPG Key: BD0C14C1
> >
> >
> >
> >
> >
> > Magnus Glantz wrote:
> > > This e-mail is about security and user friendliness, and how I think this guide perhaps may be modified into something better.
> > > This may also be me misunderstanding the purpose of this guide. Be aware.
> > >
> > > I agree that Government Security Agencies and Banks has more to loose than a lot of other people :-)
> > >
> > > Last night I couldn't get to sleep, due to my big mouth, so I thought a bit more about the security guide.
> > > I guess this guide aims to the users of Fedora. This may be a huuge misconception on my part, but, I though
> > > regular home users are the main users of Fedora. So.. this guide should perhaps to be focused on that kind of usage and
> > > that kind of knowledge levels.
> > >
> > > My experience, working with security in highly secure government/telco environments is that security
> > > and ease of use/user friendliness is two most important main counter parts.
> > >
> > > On one hand, it's "pretty easy" to make something extremely secure, but extremely secure systems is a total drag to be in
> > > - because they are difficult to access, use and communicate to and from, due to all restrictions and security related administration.
> > > I believe the standard Fedora user never would want such a system. In a system like that security has compromised to much user friendliness for it to be fun.
> > > If security isn't your definition of happy-happy joy-joy :-)
> > >
> > > I had a thought that perhaps this guide should mainly not focus on different things that makes a system secure as a bank.
> > > Instead perhaps it should focus on covering techniques that allows ones home computer to operate in a secure
> > > _and_ user friendly manner.
> > >
> > > Here's what I wrote on my phone last night, trying to kill demons of guilt and shame spawned out of my nonconstructive mail yesterday.
> > > I tried to sort them in order of positive impact on security weighed against user friendliness.
> > >
> > > 1) Keep your system up-to-date.
> > > 1.1) Perhaps advocacy that users should prefer "Yum installed software", as it automatically will get updated via Yum.
> > > 2) Keep backups of your data.
> > > 2.1) Some easy ways of backing up data. Burn on CD/DVD, put on external storage, backup hard drive, etc. S/W recommendations.
> > > 3) Running a firewall.
> > > 3.1) Using the shipped Fedora firewall setup tools, enabling the firewall at install.
> > > 4) Use SE-Linux
> > > 5) Use common sense
> > > 5.1 Do not accept unknown stuff/software from unknown people. If a stranger walked up to you in real life and offered you an unidentifiable object.. and you at the same time
> > > constantly heard and read stories of people accepting unidentifiable objects from strangers - finding out the object was a bomb / robotic miniature robber - YOU WOULD RUN AWAY!
> > > 5) Do not run server software that you do not use (as web, mail, ftp, nfs or even a ssh server (if it's a desktop))
> > > 6) Advanced topics - Here one may cover more "user unfriendly" stuff for the paranoid government spy user types :-)
> > > 6.1 Encryption of different kinds (files, file systems, e-mail, etc)
> > > 6.2 Advanced hardening techniques and tools.
> > > 6.3 Advanced auditing techniques and tools
> > > 6.4 Security policy and/or paranoid thinking
> > >
> > > Some more links.
> > >
> > > Organizations:
> > > http://www.cert.org/archive/pdf/aia-handbook.pdf
> > > http://www.first.org/resources/guides/
> > > http://www.sans.org/reading_room/
> > >
> > > //M
> > >
> > > mn 2009-01-05 klockan 12:00 -0500
> > >> Message: 2
> > >> Date: Sun, 04 Jan 2009 22:23:45 -0500
> > >> From: Eric Christensen <eric at christensenplace.us>
> > >> Subject: Re: PATCH[1/1] Linux Security Guide
> > >> To: For participants of the Documentation Project
> > >> <fedora-docs-list at redhat.com>
> > >> Message-ID: <49617D41.5040205 at christensenplace.us>
> > >> Content-Type: text/plain; charset=ISO-8859-1
> > >>
> > > Good resources. Thanks for sending them. My reasoning for building
> > > that part of the Security Guide based on US Government documents and not
> > > documents from Universities or commercial sources has a simple
> > > explanation. Government computers HAVE to be secure. I've seen way too
> > > many universities and businesses run a half-way security mindset. They
> > > are too interested in the bottom line than a secure system even though a
> > > secure system will help the bottom line in the long run.
> > >
> > > The only other industry that I would like to pull from is the banking
> > > industry. They are generally notorious for their secure systems (I'm
> > > talking about the larger banks). They could stand to loose billions of
> > > dollars if they are "broken into". Of course most of the banks make
> > > their documentation secret as to not tip off anyone with a possible
> > > documented flaw.
> > >
> > > I agree that we should be looking at multiple sources and that will come
> > > in time. Please feel free to add information into the guide. I'll be
> > > happy to read any patches that you, or anyone else, has to offer to the
> > > guide. If you have any specific interests, please let me know!
> > >
> > > Thanks,
> > > Eric Christensen
> > > E-Mail: sparks at fedoraproject.org
> > > GPG Key: BD0C14C1
> > >
> > >
> > >
> > > Magnus Glantz wrote:
> > >>>> I'm sorry if I came off a bit rude, it wasn't my intent.
> > >>>> Also, I'm sorry for not being constructive, I'll try not and e-mail during rush our in the future :-)
> > >>>>
> > >>>> About a more wide spread flora of security references. My thought was that the more known universities around the world
> > >>>> must have written kilometers of papers on Linux Security. Finding freely available papers describing general security on
> > >>>> Linux was easier said than done. I found some references during a quick scan this evening.
> > >>>>
> > >>>> I guess it's a matter of trust. Of course the US Government and the NSA has excellent and trustworthy security people,
> > >>>> and that information in this subject is collaborative.. but at least I feel more secure seeing that it's not only
> > >>>> the US Government and secret service that approves and advocates the security issues brought out in this security guide.
> > >>>>
> > >>>> Universities:
> > >>>> http://www.princeton.edu/~essweb/linux/linuxsecurity.html
> > >>>> http://www.yale.edu/its/secure-computing/
> > >>>> http://www.yale.edu/its/security/sysadmin/server-guidelines.html
> > >>>> http://www.yale.edu/its/security/network/unix.html
> > >>>> http://www-uxsup.csx.cam.ac.uk/security/unix-box.html
> > >>>>
> > >>>> Other:
> > >>>> http://www.tldp.org/HOWTO/Security-HOWTO/
> > >>>> http://tldp.org/HOWTO/Security-Quickstart-HOWTO/
> > >>>> http://en.tldp.org/HOWTO/Secure-Programs-HOWTO/open-source-security.html
> > >>>> http://www.puschitz.com/SecuringLinux.shtml
> > >>>> http://en.wikipedia.org/wiki/Linux_Security_Modules
> > >>>>
> > >>>> Vendors:
> > >>>> http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/en-US/Security_Guide/
> > >>>>
> > >>>> I'll try and find some more / better references as soon as I have some more free time.
> > >>>>
> > >>>> //M
> > >>>>
> > >>>>
> > >>>> sn 2009-01-04 klockan 12:00 -0500 skrev Message: 8
> > >>>> Date: Sun, 4 Jan 2009 09:44:55 -0500
> > >>>> From: "Paul W. Frields" <stickster at gmail.com>
> > >>>> Subject: Re: PATCH[1/1] Linux Security Guide
> > >>>> To: fedora-docs-list at redhat.com
> > >>>> Message-ID: <20090104144455.GB18821 at localhost.localdomain>
> > >>>> Content-Type: text/plain; charset="utf-8"
> > >>>>
> > >>>> On Sun, Jan 04, 2009 at 09:07:16PM +1000, Murray McAllister wrote:
> > >>>>> On Sun, Jan 4, 2009 at 7:20 PM, Magnus Glantz <mg at hacka.net> wrote:
> > >>>>>> My 5 as an non US citizen.
> > >>>>>>
> > >>>>>> I do not feel comfortable with a guide that seems almost completely
> > >>>>>> ripped off published US military/government documents.
> > >>>>> I only looked at the English. I was not aware of the origins of the
> > >>>> content.
> > >>>>> I will be more careful in future.
> > >>>>>
> > >>>>> Thanks! :-)
> > >>>> "Ripped off" seems unnecessarily harsh to me, and incorrectly implies
> > >>>> that somehow the content was lifted without permission, when in fact
> > >>>> the references in question are freely available to everyone (USA
> > >>>> domestic or foreign). The principles embodied in most of those
> > >>>> references are fairly universal and you'll find them echoed in most
> > >>>> high-level infosec materials. In fact, some foreign governments use
> > >>>> these references themselves.
> > >>>>
> > >>>> The Security Guide continues to be a collaborative, participatory
> > >>>> project, so anyone who is unhappy with the content -- or completely
> > >>>> satisfied, too, for that matter -- is free to get involved! :-) You
> > >>>> could start by providing equivalent or comparable non-US references,
> > >>>> for example.
> > >>>>
> > >>
> > >>
> > >>
> > - ------------------------------
> > >>
> > Message: 3
> > Date: Mon, 05 Jan 2009 10:12:20 +0530
> > From: Rahul Sundaram <sundaram at fedoraproject.org>
> > Subject: curl instead of wget
> > To: For participants of the Documentation Project
> > <fedora-docs-list at redhat.com>
> > Message-ID: <49618FAC.30400 at fedoraproject.org>
> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> > >>
> > Hi,
> > >>
> > In documentation, wherever we are using wget, it is probably better to
> > use curl instead since wget is not installed by default on the Live CD
> > while curl is. Just a thought.
> > >>
> > Rahul
> > >>
> > >>
> > >>
> > - ------------------------------
> > >>
> > Message: 4
> > Date: Mon, 05 Jan 2009 07:01:54 +0200
> > From: Basil Mohamed Gohar <abu_hurayrah at hidayahonline.org>
> > Subject: Re: curl instead of wget
> > To: For participants of the Documentation Project
> > <fedora-docs-list at redhat.com>
> > Message-ID: <1231131714.3714.7.camel at localhost.localdomain>
> > Content-Type: text/plain
> > >>
> > On Mon, 2009-01-05 at 10:12 +0530, Rahul Sundaram wrote:
> > >>> Hi,
> > >>>
> > >>> In documentation, wherever we are using wget, it is probably better to
> > >>> use curl instead since wget is not installed by default on the Live CD
> > >>> while curl is. Just a thought.
> > >>>
> > >>> Rahul
> > >>>
> > I ran into this problem (missing wget) after installing from the F10
> > LiveCD, so I can relate. However, I've no experience with curl, and I
> > must say, curl --help is somewhat intimidating. Is it as
> > straightforward to use as wget, especially for someone that may be new
> > (e.g., the majority of those using documentation on a new installation
> > of Fedora)?
> > >>
> > ________________________________________________________________________
> > >>
> > Basil Mohamed Gohar
> > abu_hurayrah at hidayahonline.org
> > www.basilgohar.com
> > >>
> > >>
> > >>
> > - ------------------------------
> > >>
> > Message: 5
> > Date: Sun, 4 Jan 2009 23:04:11 -0600
> > From: Ian Weller <ianweller at gmail.com>
> > Subject: Re: curl instead of wget
> > To: For participants of the Documentation Project
> > <fedora-docs-list at redhat.com>
> > Message-ID: <20090105050411.GA3404 at gmail.com>
> > Content-Type: text/plain; charset="us-ascii"
> > >>
> > On Mon, Jan 05, 2009 at 07:01:54AM +0200, Basil Mohamed Gohar wrote:
> > >>> On Mon, 2009-01-05 at 10:12 +0530, Rahul Sundaram wrote:
> > >>>> Hi,
> > >>>>
> > >>>> In documentation, wherever we are using wget, it is probably better to
> > >>>> use curl instead since wget is not installed by default on the Live CD
> > >>>> while curl is. Just a thought.
> > >>>>
> > >>>> Rahul
> > >>>>
> > >>> I ran into this problem (missing wget) after installing from the F10
> > >>> LiveCD, so I can relate. However, I've no experience with curl, and I
> > >>> must say, curl --help is somewhat intimidating. Is it as
> > >>> straightforward to use as wget, especially for someone that may be new
> > >>> (e.g., the majority of those using documentation on a new installation
> > >>> of Fedora)?
> > >>>
> > Then shouldn't wget be installed by default?
> > >>
> > - --
> > Ian Weller <ianweller at gmail.com> http://ianweller.org
> > GnuPG fingerprint: E51E 0517 7A92 70A2 4226 B050 87ED 7C97 EFA8 4A36
> > "Technology is a word that describes something that doesn't work yet."
> > ~ Douglas Adams
> > - -------------- next part --------------
> > A non-text attachment was scrubbed...
> > Name: not available
> > Type: application/pgp-signature
> > Size: 197 bytes
> > Desc: not available
> > Url :
> > https://www.redhat.com/archives/fedora-docs-list/attachments/20090104/db4785c8/attachment.bin
> > >>
> > - ------------------------------
> > >>
> > Message: 6
> > Date: Mon, 5 Jan 2009 00:07:10 -0500
> > From: Matthew Daniels <danielsmw at gmail.com>
> > Subject: Re: curl instead of wget
> > To: For participants of the Documentation Project
> > <fedora-docs-list at redhat.com>
> > Message-ID: <E5D39042-AD6E-4915-A4B1-5B6EEF320481 at gmail.com>
> > Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
> > >>
> > >>>> I ran into this problem (missing wget) after installing from the F10
> > >>>> LiveCD, so I can relate. However, I've no experience with curl,
> > >>>> and I
> > >>>> must say, curl --help is somewhat intimidating. Is it as
> > >>>> straightforward to use as wget, especially for someone that may be
> > >>>> new
> > >>>> (e.g., the majority of those using documentation on a new
> > >>>> installation
> > >>>> of Fedora)?
> > >>>>
> > >>> Then shouldn't wget be installed by default?
> > I would think so. Can we call that a bug/enhancement and see if
> > they'll do that for F11? I mean... what's the size of wget? I can't
> > be more than a few hundred KB.
> > >>
> > - - Matthew
> > >>
> > >>
> > >>
> > - ------------------------------
> > >>
> > Message: 7
> > Date: Mon, 05 Jan 2009 07:28:57 +0200
> > From: Basil Mohamed Gohar <abu_hurayrah at hidayahonline.org>
> > Subject: Re: curl instead of wget
> > To: fedora-docs-list at redhat.com
> > Message-ID: <1231133338.3714.10.camel at localhost.localdomain>
> > Content-Type: text/plain
> > >>
> > On Sun, 2009-01-04 at 23:04 -0600, Ian Weller wrote:
> > >>> Then shouldn't wget be installed by default?
> > I was fearful of making the same suggestion myself, since this is the
> > Docs list, but that's what I think is best as well. Frankly, I'm quite
> > surprised it was never included in the first place. I actually thought
> > it was part of the core utilities needed to admin a system.
> > >>
> > >>
> > ________________________________________________________________________
> > >>
> > Basil Mohamed Gohar
> > abu_hurayrah at hidayahonline.org
> > www.basilgohar.com
> > >>
> > >>
> > >>
> > - ------------------------------
> > >>
> > Message: 8
> > Date: Mon, 05 Jan 2009 15:35:33 +1000
> > From: Christopher Curran <ccurran at redhat.com>
> > Subject: Re: curl instead of wget
> > To: For participants of the Documentation Project
> > <fedora-docs-list at redhat.com>
> > Message-ID: <49619C25.9020804 at redhat.com>
> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> > >>
> > Rahul Sundaram wrote:
> > >>> Hi,
> > >>>
> > >>> In documentation, wherever we are using wget, it is probably better to
> > >>> use curl instead since wget is not installed by default on the Live CD
> > >>> while curl is. Just a thought.
> > >>>
> > >>> Rahul
> > >>>
> > Sure I can update future docs if you can point me at the thread where
> > they decided to drop it.
> > >>
> > Chris
> > >>
> > >>
> > >>
> > - ------------------------------
> > >>
> > Message: 9
> > Date: Mon, 5 Jan 2009 00:21:13 -0600
> > From: Ian Weller <ianweller at gmail.com>
> > Subject: Re: curl instead of wget
> > To: For participants of the Documentation Project
> > <fedora-docs-list at redhat.com>
> > Message-ID: <20090105062113.GB5608 at gmail.com>
> > Content-Type: text/plain; charset="us-ascii"
> > >>
> > On Mon, Jan 05, 2009 at 12:07:10AM -0500, Matthew Daniels wrote:
> > >>> I would think so. Can we call that a bug/enhancement and see if they'll
> > >>> do that for F11? I mean... what's the size of wget? I can't be more
> > >>> than a few hundred KB.
> > >>>
> > It's 1.5 MB, according to rpm -qi wget, but the .rpm file itself is
> > 600kB. IIRC, the former would be on the Live distribution, while the
> > latter is on the mirrors and the install media.
> > >>
> > - --
> > Ian Weller <ianweller at gmail.com> http://ianweller.org
> > GnuPG fingerprint: E51E 0517 7A92 70A2 4226 B050 87ED 7C97 EFA8 4A36
> > "Technology is a word that describes something that doesn't work yet."
> > ~ Douglas Adams
> > - -------------- next part --------------
> > A non-text attachment was scrubbed...
> > Name: not available
> > Type: application/pgp-signature
> > Size: 197 bytes
> > Desc: not available
> > Url :
> > https://www.redhat.com/archives/fedora-docs-list/attachments/20090105/cb59213d/attachment.bin
> > >>
> > - ------------------------------
> > >>
> > Message: 10
> > Date: Mon, 05 Jan 2009 11:55:15 +0530
> > From: Rahul Sundaram <sundaram at fedoraproject.org>
> > Subject: Re: curl instead of wget
> > To: For participants of the Documentation Project
> > <fedora-docs-list at redhat.com>
> > Message-ID: <4961A7CB.6080704 at fedoraproject.org>
> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> > >>
> > Basil Mohamed Gohar wrote:
> > >>> On Mon, 2009-01-05 at 10:12 +0530, Rahul Sundaram wrote:
> > >>>> Hi,
> > >>>>
> > >>>> In documentation, wherever we are using wget, it is probably better to
> > >>>> use curl instead since wget is not installed by default on the Live CD
> > >>>> while curl is. Just a thought.
> > >>>>
> > >>>> Rahul
> > >>>>
> > >>> I ran into this problem (missing wget) after installing from the F10
> > >>> LiveCD, so I can relate. However, I've no experience with curl, and I
> > >>> must say, curl --help is somewhat intimidating. Is it as
> > >>> straightforward to use as wget, especially for someone that may be new
> > >>> (e.g., the majority of those using documentation on a new installation
> > >>> of Fedora)?
> > The basic usage is simple.
> > >>
> > curl <url>
> > >>
> > If you want to suggest wget be (re-)added, that is a fedora-desktop list
> > discussion.
> > >>
> > Rahul
> > >>
> > >>
> > >>
> > - ------------------------------
> > >>
> > Message: 11
> > Date: Mon, 5 Jan 2009 07:21:57 -0800
> > From: Karsten Wade <kwade at redhat.com>
> > Subject: Wed. 07 Jan planning meeting
> > To: fedora-docs-list at redhat.com
> > Message-ID: <20090105152157.GI5819 at calliope.phig.org>
> > Content-Type: text/plain; charset="us-ascii"
> > >>
> > We have a chance to get some important work moved forward, and
> > important information spread, at the upcoming FUDCon this week.
> > >>
> > Let's use the meeting this Wednesday to finalize plans for FUDCon;
> > discussions here in advance.
> > >>
> > https://fedoraproject.org/wiki/DocsProject/SteeringCommittee/Meetings#Wednesday.2C_07_January_2008
> > >>
> > Please add to that any FUDCon planning activities you think of.
> > >>
> > - - Karsten
> > - --
> > Karsten 'quaid' Wade, Community Gardener
> > http://quaid.fedorapeople.org
> > AD0E0C41
> > - -------------- next part --------------
> > A non-text attachment was scrubbed...
> > Name: not available
> > Type: application/pgp-signature
> > Size: 189 bytes
> > Desc: not available
> > Url :
> > https://www.redhat.com/archives/fedora-docs-list/attachments/20090105/18f56d87/attachment.bin
> > >>
> > - ------------------------------
> > >>
> > Message: 12
> > Date: Mon, 5 Jan 2009 10:37:03 -0500
> > From: "Paul W. Frields" <stickster at gmail.com>
> > Subject: Re: Wed. 07 Jan planning meeting
> > To: fedora-docs-list at redhat.com
> > Message-ID: <20090105153703.GQ25582 at localhost.localdomain>
> > Content-Type: text/plain; charset="us-ascii"
> > >>
> > On Mon, Jan 05, 2009 at 07:21:57AM -0800, Karsten Wade wrote:
> > >>> We have a chance to get some important work moved forward, and
> > >>> important information spread, at the upcoming FUDCon this week.
> > >>>
> > >>> Let's use the meeting this Wednesday to finalize plans for FUDCon;
> > >>> discussions here in advance.
> > >>>
> > >>> https://fedoraproject.org/wiki/DocsProject/SteeringCommittee/Meetings#Wednesday.2C_07_January_2008
> > >>>
> > >>> Please add to that any FUDCon planning activities you think of.
> > Not trying to be confusing -- on the contrary, making sure I can keep
> > my schedule clear, be there, and pay attention purely to our meeting.
> > We're meeting at 1900 UTC / 2:00pm EST / 11:00am PST?
> > >>
> > - --
> > Paul W. Frields http://paul.frields.org/
> > gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717
> > http://redhat.com/ - - - - http://pfrields.fedorapeople.org/
> > irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug
> > - -------------- next part --------------
> > A non-text attachment was scrubbed...
> > Name: not available
> > Type: application/pgp-signature
> > Size: 189 bytes
> > Desc: not available
> > Url :
> > https://www.redhat.com/archives/fedora-docs-list/attachments/20090105/35aa1cbf/attachment.bin
> > >>
> > - ------------------------------
> > >>
> > - --
> > fedora-docs-list mailing list
> > fedora-docs-list at redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-docs-list
> > >>
> > End of fedora-docs-list Digest, Vol 59, Issue 6
> > ***********************************************
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.9 (GNU/Linux)
> > Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
> >
> > iEYEARECAAYFAkli3QEACgkQfQTSQL0MFMFyjgCg0a1oNi23Zp4eH0gNu9SPWaO7
> > MC8An20TiT0Cy33jlQqElHqM74s/n9uD
> > =Xp0Z
> > -----END PGP SIGNATURE-----
> >
> >
> >
> > ------------------------------
> >
> > Message: 6
> > Date: Mon, 05 Jan 2009 23:36:05 -0500
> > From: Eric Christensen <eric at christensenplace.us>
> > Subject: Submitting patches or bugs for the Security Guide
> > To: security-guide-list at redhat.com, Fedora Docs List
> > <fedora-docs-list at redhat.com>
> > Message-ID: <4962DFB5.40805 at christensenplace.us>
> > Content-Type: text/plain; charset=ISO-8859-1
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > If anyone has any patches or bugs for the Security Guide please submit
> > them at the Trac site [1]. We'll be using that to maintain a running
> > record of everything. Each section and guide has it's own component so
> > we can make it easier to distribute the work.
> >
> > Also, if you would like to maintain a particular chapter or section
> > please let me know and we'll put you in the system.
> >
> > [1] https://fedorahosted.org/securityguide
> >
> > Thanks,
> > Eric Christensen
> > E-Mail: sparks at fedoraproject.org
> > GPG Key: BD0C14C1
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.9 (GNU/Linux)
> > Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
> >
> > iEYEARECAAYFAkli37MACgkQfQTSQL0MFMFp3wCgjb2OIdqqmH1bV9cc6GUex9w8
> > md4AoLR4DDOi0+0W/SJ50A8coumEIZs2
> > =8nP4
> > -----END PGP SIGNATURE-----
> >
> >
> >
> > ------------------------------
> >
> > Message: 7
> > Date: Tue, 6 Jan 2009 00:00:16 -0800
> > From: Karsten Wade <kwade at redhat.com>
> > Subject: Re: PATCH[1/1] Linux Security Guide
> > To: fedora-docs-list at redhat.com
> > Message-ID: <20090106080016.GI8094 at calliope.phig.org>
> > Content-Type: text/plain; charset="us-ascii"
> >
> > On Sun, Jan 04, 2009 at 11:34:53PM +0100, Magnus Glantz wrote:
> >
> > > Vendors:
> > > http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/en-US/Security_Guide
> >
> > Just a note for the historical record. The above content is in fact
> > the basis for the 'Linux Security Guide' being discussed here.
> >
> > Just thought it was an ironic reference. ;-D
> >
> > - Karsten
More information about the fedora-docs-list
mailing list