|
|
| (7 intermediate revisions by 4 users not shown) |
| Line 1: |
Line 1: |
| {{draft}}
| | #REDIRECT [[SIGs/Security]] |
| | |
| == Mission ==
| |
| To create a training program that creates competent, trusted members of the [[Security Team]] that can handle most every situation that could come their way.
| |
| | |
| == Background ==
| |
| When the [[Security Team]] was created we were forced to guess at what skills were needed and who would be right to work on potentially sensitive cases. That was a bad way to start ''but'' I believe we're now beyond guessing.
| |
| | |
| == Requirements to be met ==
| |
| === Skills ===
| |
| * [[Using security tracking features in Bugzilla]] and [[Security Bugs]]
| |
| * [[Understand CVEs]]
| |
| * [[Understanding Packaging Process]] and [[Packaging Policies]]
| |
| * [[Basic Understanding of Software and System Security Principles]]
| |
| | |
| === Time in Service ===
| |
| | |
| === Trustworthiness ===
| |
| | |
| == Completing the requirements ==
| |
| | |
| == Resources ==
| |
| | |
| === Security Training ===
| |
| * [https://fedoraproject.org/wiki/Information_Security_Training Information Security Training]
| |
| === Packaging Policies and Procedures ===
| |
| * [https://fedoraproject.org/wiki/Join_the_package_collection_maintainers?rd=PackageMaintainers/Join Becoming a Packager]
| |
| * [http://fedoraproject.org/wiki/Policy_for_nonresponsive_package_maintainers Non-Responsive Maintainer Policy]
| |
| === CVE Description and Use ===
| |
| * [https://cve.mitre.org/ CVE Central]
| |
