Re: Security categories according to Debian
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Guido Heumann wrote:
> lharnish@harnishfamily.com schrieb:
>> Hello,
>>
>> I am taking a information security class and was posed this as an
>> assignment question:
>>
>> Describe the broad security categories according to Debian.
>
> I'm not really a "security expert", but I'd say this question is quite
> difficult to answer because its not very precise. The term "security"
> has so many meanings and aspects, just as the Debian project. Security
> of what? Against what? Perhaps it's just me and my buzzword-aversion,
> but it annoys me that people forget to add this info all the time when
> they speak about "security" (same thing with "protection". And btw can
> anybody explain to me as a native german-speaker the difference between
> security and safety?)
>
>> I have been unable to find a reference to anything that states that Debian
>> has a different thought on securityt and categorizes security into needs,
>> rrequirements, or any groupings what so ever. I have checked several
>> different websites to include the Debian site itself and a lot of search
>> engines to no avail.
>>
>> Any links to documentation or papers which indicate Debians thoughts on
>> security and the categories they have set would be greatly appreciated.
>
> Anyways, I think the most general approach to security issues is written
> in the "Securing Debian Howto", perhaps the page "2.3 How does Debian
> handle security?" might be similar to what your class teacher means:
>
> http://www.debian.org/doc/manuals/securing-debian-howto/ch2.en.html#s2.3
>
> This relates to all kind of "problems", including bug reporting,
> packaging policy or security updates.
<nitpicking>
Being cautious about the definition of words, did you really mean to
claim that the howto covers _all_ ?
</nitpicking>
;-)
- Jonas
- --
* Jonas Smedegaard - idealist og Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
- Enden er nær: http://www.shibumi.org/eoti.htm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFo2W/n7DbMsAkQLgRAgvPAJ9kxAGn+sBrA6kUsrfxRuG+xbGKNACdFwZ7
vjC+MDNQv2XDdIpS84yiiJ4=
=HkYH
-----END PGP SIGNATURE-----
Reply to: