From Fedora Project Wiki
(→Skills) |
No edit summary |
||
Line 11: | Line 11: | ||
* [[Using security tracking features in Bugzilla]] and [[Security Bugs]] | * [[Using security tracking features in Bugzilla]] and [[Security Bugs]] | ||
* [[Understand CVEs]] | * [[Understand CVEs]] | ||
* [[Understanding Packaging Process]] and [[Packaging Policies]] | |||
* [[Basic Understanding of Software and System Security Principles]] | |||
=== Time in Service === | === Time in Service === | ||
Line 17: | Line 19: | ||
== Completing the requirements == | == Completing the requirements == | ||
== Resources == | |||
=== Security Training === | |||
* [https://fedoraproject.org/wiki/Information_Security_Training Information Security Training] | |||
=== Packaging Policies and Procedures === | |||
* [https://fedoraproject.org/wiki/Join_the_package_collection_maintainers?rd=PackageMaintainers/Join Becoming a Packager] | |||
* [http://fedoraproject.org/wiki/Policy_for_nonresponsive_package_maintainers Non-Responsive Maintainer Policy] | |||
=== CVE Description and Use === | |||
* [https://cve.mitre.org/ CVE Central] |
Revision as of 15:08, 31 December 2015
Mission
To create a training program that creates competent, trusted members of the Security Team that can handle most every situation that could come their way.
Background
When the Security Team was created we were forced to guess at what skills were needed and who would be right to work on potentially sensitive cases. That was a bad way to start but I believe we're now beyond guessing.
Requirements to be met
Skills
- Using security tracking features in Bugzilla and Security Bugs
- Understand CVEs
- Understanding Packaging Process and Packaging Policies
- Basic Understanding of Software and System Security Principles