Greetings Fedora Docs Peoples,
Red Hat Product Security is looking to liberate several documents from our repositories and get them into the community's hands. The source is already in ASCIIDoc so they should be ready to go (although they may need a little touching up). If you guys are interested, here are the titles we have:
- GCC Fortify - Securing the Source - Security Benefits of RPM Packaging - several 'recommended practices' documents (this might be better going to the wiki, depending on how you want to organize your information).
Unfortunately, all of this information is currently internal to Red Hat and, thus, not even available to customers.
I guess the question right now is, does Fedora Docs even want these bits?
Thanks, Eric Christensen Technical Writer, Product Security Red Hat Inc sparks@redhat.com IRC: Sparks
Hey Eric,
Yes, we'd definitely like the sources - while they might not fit as is into the documentation (I'll let others decide), I'd definitely like parts of it for the container-related documentation within the Fedora docs. I'll write you a follow-up email off-list.
Thanks, Sanja
On Wed, Jan 16, 2019 at 4:27 PM Eric Christensen sparks@redhat.com wrote:
Greetings Fedora Docs Peoples,
Red Hat Product Security is looking to liberate several documents from our repositories and get them into the community's hands. The source is already in ASCIIDoc so they should be ready to go (although they may need a little touching up). If you guys are interested, here are the titles we have:
- GCC Fortify
- Securing the Source
- Security Benefits of RPM Packaging
- several 'recommended practices' documents (this might be better going to
the wiki, depending on how you want to organize your information).
Unfortunately, all of this information is currently internal to Red Hat and, thus, not even available to customers.
I guess the question right now is, does Fedora Docs even want these bits?
Thanks, Eric Christensen Technical Writer, Product Security Red Hat Inc sparks@redhat.com IRC: Sparks _______________________________________________ docs mailing list -- docs@lists.fedoraproject.org To unsubscribe send an email to docs-leave@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/docs@lists.fedoraproject.org
Hello,
Speaking of, the Defensive Coding guide [1] is waiting for about a year for one final step.
Kind regards,
--Mirek
[1] https://pagure.io/defensive-coding-guide/commits/master
On 01/16/2019 05:49 PM, Sanja Bonic wrote:
Hey Eric,
Yes, we'd definitely like the sources - while they might not fit as is into the documentation (I'll let others decide), I'd definitely like parts of it for the container-related documentation within the Fedora docs. I'll write you a follow-up email off-list.
Thanks, Sanja
On Wed, Jan 16, 2019 at 4:27 PM Eric Christensen <sparks@redhat.com mailto:sparks@redhat.com> wrote:
Greetings Fedora Docs Peoples, Red Hat Product Security is looking to liberate several documents from our repositories and get them into the community's hands. The source is already in ASCIIDoc so they should be ready to go (although they may need a little touching up). If you guys are interested, here are the titles we have: - GCC Fortify - Securing the Source - Security Benefits of RPM Packaging - several 'recommended practices' documents (this might be better going to the wiki, depending on how you want to organize your information). Unfortunately, all of this information is currently internal to Red Hat and, thus, not even available to customers. I guess the question right now is, does Fedora Docs even want these bits? Thanks, Eric Christensen Technical Writer, Product Security Red Hat Inc sparks@redhat.com <mailto:sparks@redhat.com> IRC: Sparks _______________________________________________ docs mailing list -- docs@lists.fedoraproject.org <mailto:docs@lists.fedoraproject.org> To unsubscribe send an email to docs-leave@lists.fedoraproject.org <mailto:docs-leave@lists.fedoraproject.org> Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/docs@lists.fedoraproject.org
docs mailing list -- docs@lists.fedoraproject.org To unsubscribe send an email to docs-leave@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/docs@lists.fedoraproject.org
Hi, I'm all for it and I can convert the docs so they're publishable through Antora (it requires a certain file/directory structure and some configs on top of plain asciidoc). I want to ask - is anyone in security anyone willing to update them after we get them published for the first time?
Also, can you send me a link to the sources (off list if they're internal)? I'd like to take a look.
Cheers,
Petr
On 1/16/19 5:26 PM, Eric Christensen wrote:
Greetings Fedora Docs Peoples,
Red Hat Product Security is looking to liberate several documents from our repositories and get them into the community's hands. The source is already in ASCIIDoc so they should be ready to go (although they may need a little touching up). If you guys are interested, here are the titles we have:
- GCC Fortify
- Securing the Source
- Security Benefits of RPM Packaging
- several 'recommended practices' documents (this might be better going to the wiki, depending on how you want to organize your information).
Unfortunately, all of this information is currently internal to Red Hat and, thus, not even available to customers.
I guess the question right now is, does Fedora Docs even want these bits?
Thanks, Eric Christensen Technical Writer, Product Security Red Hat Inc sparks@redhat.com IRC: Sparks _______________________________________________ docs mailing list -- docs@lists.fedoraproject.org To unsubscribe send an email to docs-leave@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/docs@lists.fedoraproject.org
Greetings Fedora Docs Peoples,
Red Hat Product Security is looking to liberate several documents from our repositories and get them into the community's hands. The source is already in ASCIIDoc so they should be ready to go (although they may need a little touching up). If you guys are interested, here are the titles we have:
- GCC Fortify
- Securing the Source
- Security Benefits of RPM Packaging
- several 'recommended practices' documents (this might be better going to the
wiki, depending on how you want to organize your information).
Unfortunately, all of this information is currently internal to Red Hat and, thus, not even available to customers.
I guess the question right now is, does Fedora Docs even want these bits?
I have just moved the documents that were discussed, several months ago, to Pagure. I still need to clean up the repos a bit but the data (and git history) is there.
https://pagure.io/securing-the-source https://pagure.io/gcc-fortify https://pagure.io/recommended-practices-authentication https://pagure.io/recommended-practices-building-from-source https://pagure.io/recommended-practices-postgresql-authentication https://pagure.io/recommended-practices-using-kerberos-with-a-website https://pagure.io/recommended-practices-using-tls-with-http https://pagure.io/security-benefits-of-rpm-packaging
It all needs to be updated as most of it hasn't been looked at since 2017. I want to update the Recommended Practices: Using TLS with HTTP myself.
Anyway, it's all there in ASCIIdoc.
Thanks, Eric Christensen Technical Writer, CEE Product Security Red Hat Inc. sparks@redhat.com IRC: Sparks