Re: Securing Debian HOWTO

To: debian-devel@lists.debian.org
Subject: Re: Securing Debian HOWTO
From: Matt Zimmerman <mdz@debian.org>
Date: Mon, 18 Nov 2002 12:33:35 -0500
Message-id: <[🔎] 20021118173335.GD6861@mizar.alcor.net>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20021118154634.GA25789@dat.etsit.upm.es>
References: <[🔎] 1037261286.10232.49.camel@localhost> <[🔎] 20021114093622.GD10740@dat.etsit.upm.es> <[🔎] 20021115200103.GD6996@mizar.alcor.net> <[🔎] 20021118133854.GC18857@dat.etsit.upm.es> <[🔎] 20021118150254.GA6861@mizar.alcor.net> <[🔎] 20021118154634.GA25789@dat.etsit.upm.es>

On Mon, Nov 18, 2002 at 04:46:34PM +0100, Javier Fernández-Sanguino Peña wrote:

> On Mon, Nov 18, 2002 at 10:02:54AM -0500, Matt Zimmerman wrote:
> > Why?  And why did you decide to fork it instead of just linking to it?
> 
> ¿So that people don't have to dig in the website? Com'on. You cannot
> expect harden-doc (for example) to provide an incomplete manual for
> offline reading (PDF,HTML,whatever). What if the person doesn't have an
> inet connection? (i.e. has only obtained Debian through CDs).

People don't have to dig on the website if you provide a link; they just
follow it.  If you want to package the security team FAQ to provide a copy
for offline reading, I see no problem with that.  But please don't copy it
into another document and create a fork.

> I'm reluctant to have web-only documentation (such as the security FAQ).
> People want: 
> 
> 1.- documentation that can be read offline
> 2.- documentation that can be pretty-printed
> 
> 	I'm not forking the security-FAQ I'm copying it into a document
> 	format that provides both. We are not giving our web-site on the
> 	CD-ROMs (maybe we should) but we are providing harden-doc as a
> 	package with this documentation. 
> 
> I'ts a pity that people think that bandwith is un-expensive all over the
> world or that everyone has free-Internet access. Even if it's common, and
> a plus, we don't have to take for granted that users have both.

There is nothing about the security team FAQ which makes it unable to be
read offline, any more than your document.  That argument is nonsensical.

Printing is a different matter, and if that is your concern, then perhaps
you could offer to reformat the FAQ so that it can generate both HTML and
printed documentation.  But I do not think that it belongs as part of this
HOWTO (or harden-doc for that matter).

> > > 	Will do. Feel free to submit a patch.
> > 
> > Two patches are attached, one for the security team FAQ and one for the
> > Debian Developer's Reference.
> 
> 	I had already linked to the DD's reference before you sent the patch
> 	BTW.  The Securing Debian section was introduced *before* it was
> 	written in the DD's reference. 

Thanks.

> 	I will sync with the Security's FAQ, but I will *not* remove it. I
> 	will add a link refering to the main (approved) document. But it
> 	makes much more sense to have a FAQ in the Manual that *includes*
> 	the Security Team's. And it's not a fork.

You are copying it and modifying it.  That is a fork.  It is better that you
are synching it, but it seems better to have a single authoritative source.

-- 
 - mdz

Reply to:

Follow-Ups:
- Re: Securing Debian HOWTO
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>

References:
- Re: [RFH] The need for signed packages and signed Releases (long, long)
  - From: Thomas Hood <jdthood@yahoo.co.uk>
- Re: [RFH] The need for signed packages and signed Releases (long, long)
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Securing Debian HOWTO
  - From: Matt Zimmerman <mdz@debian.org>
- Re: Securing Debian HOWTO
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: Securing Debian HOWTO
  - From: Matt Zimmerman <mdz@debian.org>
- Re: Securing Debian HOWTO
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>

Prev by Date: Re: Discussion - non-free software removal
Next by Date: Re: Debian Development
Previous by thread: Re: Securing Debian HOWTO
Next by thread: Re: Securing Debian HOWTO
Index(es):
- Date
- Thread