-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On Tue, Jul 09, 2013 at 01:16:32PM -0700, Izar Tarandach wrote:
On Tue, Jul 9, 2013 at 6:33 AM, Eric H. Christensen <
sparks(a)fedoraproject.org> wrote:
> Our secure coding mission is primarily educational. Writing software is
> really hard, writing secure software is even harder. There's no way any
> software will ever be written without bugs, but we can try to avoid some of
> the most common mistakes. Our first steps are to document the common causes
> for security vulnerabilities in software and provide information on
> preventing these vulnerabilities from happening.
SAFECode has recently come out with a training initiative putting secure
development material in the public domain:
https://training.safecode.org/ -
the courses come as templates that may be used/adapted to whatever needs.
The licensing on these courses are *not* public domain but rather a non-free CC-BY-NC
license.
There's some good content there - some generic, some
Linux-specific - and
more coming out soon. They're open to requests and suggestions, perhaps the
Fedora SIG would be interested in participating.
Due to the license being non-free Fedora wouldn't be able to take part.
I think this underlines the problem that I've seen while doing research about this
type of training. Most of the works available are not available under a free[0] license.
I've already been working to release what I can from within Red Hat into the public
arena using the CC-BY-SA license (via Fedora) and I hope to have more coming. I'd
like to see more training and information become available under a similar free license.
[0]
https://fedoraproject.org/wiki/Licensing:Main?rd=Licensing#Overview
- -- Eric
- --------------------------------------------------
Eric "Sparks" Christensen
Red Hat, Inc - Product Security Team
sparks(a)redhat.com - sparks(a)fedoraproject.org
097C 82C3 52DF C64A 50C2 E3A3 8076 ABDE 024B B3D1
- --------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
iQGcBAEBCgAGBQJR3JI+AAoJEB/kgVGp2CYv2igL/RvjbiaJaD70JerlEaexZzho
k+lWmj75lHgKkwD/8x80UTPil+1jwD1+gtF2n0mpi5xp1g/NVOhVSWDBsDuSe6D1
z7ZabYD0mvhGaw7/TA26OaSUIHpIR3hRrSBZnUCtiXwC4ubxIpnlUi+tqHzHg3ee
YTXq0kilmrLAQioUw7c2Q1gtZLIxse5GT/l4vH2duYHAWY/eURAXbjB5Lldw4JXs
nwG3wZCaU/vWsTJliUKNNcvTah0+EYIvv9dhYd3iKgXnyzUdj4PD3UOfRuu7HQ6C
SAg/yyHVWfcuWIpk2y4Vbl5NqL3tlt3eDu7YjErCbgMNxpHULn7IN86iQUJSMJlu
5s8hjAvldlPAxtYBDwYiV0dZGwg3KupLQa5s5hbVfjzlauT7Vobq8YtTu320a//o
hTQY5HH1jGBjNZIkeGyIANnnI+Sl/aA/2F1KmBP+6LOdHXzvErSIUIru5UtnbTGT
xX+vXQNRx3bA4+nHadh6UfGKSXEexSF0gpT4dYbEkw==
=5nvw
-----END PGP SIGNATURE-----