[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#337086: [BPP] Best practices for security design and review

tags 337086 + moreinfo

On 02/11/05 at 16:59 +0100, Javier Fernández-Sanguino Peña wrote:
> Package: developers-reference
> Version: 3.3.6
> Tags: patch
> Attached is a patch that provides a list of best practices for security
> review and designed. If there is no intention to add this to the Developer
> Reference please say so, if that is the case, I will simply create a new
> section in the "Securing Debian Manual" oriented towards package developers.

Hi Javier,

What's the status of this patch? Are you still interested in getting
this into developers-reference?

I generally agree that such a section would be a good idea, at least the
first part (Best practices for security review and design). I'm not
quite sure about the second part (System users and groups for software
daemons), because it's quite long, and if we take that path, there are
other things that should be documented in the same way.
| Lucas Nussbaum
| lucas@lucas-nussbaum.net   http://www.lucas-nussbaum.net/ |
| jabber: lucas@nussbaum.fr             GPG: 1024D/023B3F4F |

Attachment: signature.asc
Description: Digital signature

Reply to: