You can subscribe to this list here.
2005 |
Jan
|
Feb
|
Mar
(1) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
2009 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(1) |
From: Javier <jf...@co...> - 2005-03-09 11:13:59
|
Just in case you guys want to jump to the wagon too. Sorry for not adding= =20 you initially to the mail. Regards Javier ----- Forwarded message from Javier Fern=E1ndez-Sanguino Pe=F1a <jfs@debian= =2Eorg> ----- =46rom: Javier Fern=E1ndez-Sanguino Pe=F1a <jf...@de...> Date: Fri, 4 Mar 2005 19:48:53 +0100 To: deb...@sh..., te...@se..., sec...@li... Subject: "Improving Security in Debian" Paper for Debconf5 Hi guys, Even though I'm not yet sure if I'll be able to attend, I have submitted a= =20 paper to Debconf5 related to security work at Debian. Oriented towards=20 helping maintainers keep their packages in shape (security-speaking),=20 showing some data of how the security team and the security-audit team are= =20 working out and suggesting things that should be improved. It would be great if other members of the Security Team and the Debian=20 Security Team could contribute to the paper and help with the conference (again, I'm not sure if I will attend) I believe that having a paper outline the current status of security=20 support in Debian and what things need to be improved both in the Debian=20 operating system and the project to improve it would be a big eye-opener to= =20 some of the issues the Security Team is having. Also, providing (in a=20 workshop) some basic knowledge so that maintainers can security-audit their= =20 packages would save a lot of issues in the long term. This is the abstract I have proposed: ------------------------------------------------------------------------- Improving Debian Security ------------------------- =BFHow can we improve the security of the Debian distribution to improve it= =20 both to protect the Debian project and our end users? This presentation will try to analyse what are the major concerns related= =20 to the security in the Debian operating system, including the current trend= =20 of vulnerabilities and time to fix (an update of the one presented in=20 Debconf3), a look on the work conducted by the Debian Security and Security= =20 Audit teams and what steps can maintainers, release managers and end-users= =20 take in order to help keep the distribution secure. The analysis will=20 include a brief presentation of the impact of several security-enhancing=20 technologies (SElinux, PaX, SPP..) on the distribution and what needs to be= =20 changed in order to provide these for end users. The presentation will also try to feed some discussion including proposals= =20 related to the overall management of software quality (and how this affects= =20 the security of the released distribution) as well as to what additional=20 work can be conducted in order for the project to provide a distibution=20 with an enterprise-level of security that could be, at some point, Common= =20 Criteria certified for government use. ------------------------------------------------------------------------- Does anyone want to help out with this? Regards Javier ----- End forwarded message ----- --=20 |