I've prepared the following Scope Statement to help those involved in the
project to update the RHEL5 Security Documentation. Please feel free to offer
any suggestions, ask questions or get clarification. As we move forward there
may be minor changes, but this should be pretty close.
Apologies for the cross-post and to those who receive multiple copies. Please
forward this to interested parties who may not be on any of these lists.
----
The RHEL5 Security Guide integrates two previously separate guides: The Red
Hat Enterprise Linux 4 Security Guide and the Red Hat Enterprise Linux 4
SELinux Guide. These guides are being integrated and updated to provide a
single source of information for all security-related topics for Red Hat
Enterprise Linux.
The RHEL5 Security Guide provides a general introduction to security, and from
the perspective of Red Hat Linux in particular. It provides conceptual
information in the areas of security assessment, common exploits, and
intrusion and incident response. It also provides conceptual and specific
configuration information for hardening Workstation, Server, VPN, firewall
and other implementations using SELinux. A Troubleshooting section provides
information on common problems and how to resolve them.
The RHEL5 Security Guide assumes a basic knowledge of IT security, and
consequently provides only minimal coverage of common security practices such
as controlling physical access, sound account-keeping policies and
procedures, auditing, etc. Neither does it cover the intricacies of SELinux
in detail, such as writing policies for certain 3rd party applications. Where
appropriate, reference is made to external resources for this and related
information.
----
regards,
David O'Brien
Red Hat Asia Pacific Pty Ltd
Tel: +61-7-3514-8189
Fax: +61-7-3514-8199
email: daobrien(a)redhat.com
web:
http://apac.redhat.com/