Comments on Documentation Idea

Paul W. Frields stickster at gmail.com
Thu Apr 28 00:02:51 UTC 2005 

> On Wed, 27 Apr 2005, Thomas Jones wrote:
> > What about a documentation suite entitled --- Fedora Security Series?
> > 
> > Here's a brief vision statement.
> > 
> > The purpose of the series is to provide a security-related orientation 
> > of a great multitude of topics and how they relate to the Fedora 
> > distribution and its role in a network infrastructure.
> > 
> > For instance, the first couple topics that I would like to write would be:
> > - Risk Assessment of a Fedora Core Installation Scheme
> > - Risk Analysis of an Desktop Installation
> > - Risk Analysis of an Server Installation
> > - Policy Development in a Multiuser System
> > - etc......
> > 
> > As you can see, the topics are sequential in structure. Which alleviates 
> > any issues due to end-user initiated problems.
> > 
> > i.e. in order to develop a complete operating system risk analysis and 
> > determine a control solution(s); you must first perform the risk 
> > assessment to determine probable threat agents, and safeguards
> > 
> > The intended audience would be Power-Users, and individuals with
> > Information Technology experience. However, with a good content model it
> > should be easily understood by the general user.
> >
> > This series should be authored by individuals with relevant security
> > experience. They don't need to be CISSP certified; just have first hand
> > knowledge of the topic.
> >
> > I am inclined to get the series started in the right direction; so I
> > would like to write the first few topics for a good base. Then it's up
> > to the community!
> >
> > These should all be included in a series of related themes.
> >
> > I can start the first topic as soon as the community accepts the idea. I 
> > personally think this is great idea (of source I would!); but don't want 
> > to work on this idea; if it undermines the ideas of other team members.

On Wed, 2005-04-27 at 19:28 -0400, Elliot Lee wrote:
> You don't need any approval from anyone - if it is something you are
> excited about, just go ahead and do it! :-) If turns out to be valuable to
> others, that will be self-evident when you publicize the results of your
> writing to the Fedora community.
> 
> As far as continuing the project goes, I'm not sure how many people out
> there would be willing to do the work besides yourself (it's not just
> something you can drop on people's laps and expect them to keep
> maintaining). But don't let that stop you from taking on the challenge and
> seeing where things go - there's little downside :)

Charles Heselton (tuxxer) on this list has begun a "Fedora Hardening"
tutorial with which you might be inclined to assist.  He is working on
at least a couple documents, and may appreciate the help!  I think
having a team of security writers would be a great thing, provided the
work can be scoped to do the following:

(1) accommodate frequent maintenance based on Fedora Core's rapid
release schedule; 

(2) be Fedora-specific enough to give value over some of the other more
standardized security guides; and 

(3) survive contributor churn.

Regardless of whether you choose to work on the Fedora Hardening
document, why don't you choose one of the topics you list for a tutorial
(article format), and begin with a barebones draft.  That would be a
great way to introduce your vision for the series.  Once you're happy
enough with it to bring it on-list, just post a link for comments.

You will probably want to read the current Quick Start Guide:

  http://fedora.redhat.com/participate/documentation-quick-start/

There's a bit of dust while we make building improvements, but this
should help you get your feet wet.  (Pardon the mixed metaphor, I have
to go put the kids to bed!)  Thanks, and we're looking forward to your
participation.

-- 
Paul W. Frields, RHCE                          http://paul.frields.org/
  gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233  5906 ACDB C937 BD11 3717
 Fedora Documentation Project: http://fedora.redhat.com/projects/docs/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/docs/attachments/20050427/11dbd25e/attachment.bin

More information about the docs mailing list