Date: Sat, 20 Nov 2004 03:35:49 +0100 From: Max Laier <max@love2party.net> To: freebsd-doc@freebsd.org Subject: Re: Proposal regarding security chapter Message-ID: <200411200335.56638.max@love2party.net> In-Reply-To: <20041119203338.GF61766@seekingfire.com> References: <419E4747.6070001@FreeBSD.org> <419E510B.6020800@elvandar.org> <20041119203338.GF61766@seekingfire.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart4352230.lrONRM7I4I Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Friday 19 November 2004 21:33, Tillman Hodgson wrote: > On Fri, Nov 19, 2004 at 09:01:15PM +0100, Remko Lodder wrote: > > Tillman Hodgson wrote: > > >"Firewall", by itself, doesn't feel like an intuitive place to split > > >topics to me (aside from the convenience of its size). However, I > > >can see a natural split between network security and host security. > > >In that scenario, MAC would become the largest portion of the host > > >security chapter. > > > > > >That still leaves security with 2 chapters, unfortunately. It only > > >addressed the page count balance between the two chapters. > > > > Well, i had a tiny little discussion on EFNet on our docs channel > > (#bsddocs) and there is another suggestion to make a section V for > > security and place all security related stuff in there like > > MAC,Firewalls,Secure system stuff (or whatever it should be named). > > I like this idea the best. > > Ok, granted, in one of aspects I'm a security consultant and so I'm a > /little/ biased as to it's importance, but there's a practical benefit > as well: Each topic gets it's own chapter. And, seriously, some of the > Security sub-chapters suffer from too-many-sub-level-itis. This would > alleviate a lot of that. > > > I do not think that it's good to place Firewall and Mac into one > > chapter. But that's perhaps a bit of taste :) > > Nope, I agree with you. I was proposing to have a network and a host (or > local, which Tom suggested for a name) chapter. Firewalling would be in > the network chapter, MAC would be in the local chapter. This is now my > second-best ideal, though, after the new Section V idea. MAC is not strictly local or host, it has it's fingers in the netstack as=20 well. Since MAC is a complete system to look at security I think it's good = to=20 keep all documentation regarding it in one chapter under the TBD Security t= op=20 level chapter. The same is true for Firewalls. Though a firewall *is* a vit= al=20 part of "III. System Administration" as well as "IV. Network Communication"= =20 the firewall itself is as system to serve on purpose: "V. Security". I strongly support your point that security is an important topic. Hence, i= t=20 should be really easy for new and especially advanced users to find the=20 information that relates to security. Moreover, it should be easy to go to = a=20 specific subtopic within the security scope - such as Firewalls->PF ;) or=20 MAC->Biba. It's not effective to go through several pages just to find thes= e=20 information. =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --nextPart4352230.lrONRM7I4I Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQBBnq2MXyyEoT62BG0RAmkAAJ0ch6jru6LxXXl9/I0JP6myGL4WWwCcCoJA 0D+LjnL4StA5HgKSw56eZl8= =6Z3X -----END PGP SIGNATURE----- --nextPart4352230.lrONRM7I4I--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200411200335.56638.max>