Date: Fri, 19 Nov 2004 21:00:01 -0600 From: Tillman Hodgson <tillman@seekingfire.com> To: freebsd-doc@freebsd.org Subject: Re: Proposal regarding security chapter Message-ID: <20041120030001.GI61766@seekingfire.com> In-Reply-To: <200411200335.56638.max@love2party.net> References: <419E4747.6070001@FreeBSD.org> <419E510B.6020800@elvandar.org> <20041119203338.GF61766@seekingfire.com> <200411200335.56638.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Nov 20, 2004 at 03:35:49AM +0100, Max Laier wrote: > On Friday 19 November 2004 21:33, Tillman Hodgson wrote: > > > > Nope, I agree with you. I was proposing to have a network and a host > > (or local, which Tom suggested for a name) chapter. Firewalling > > would be in the network chapter, MAC would be in the local chapter. > > This is now my second-best ideal, though, after the new Section V > > idea. > > MAC is not strictly local or host, it has it's fingers in the netstack > as well. True enough. The Section V idea seems to manage this by avoiding the issue. I often find that good solutions don't solve a problem, they make it no longer relevent ;-) > Since MAC is a complete system to look at security I think it's good > to keep all documentation regarding it in one chapter under the TBD > Security top level chapter. The same is true for Firewalls. Though a > firewall *is* a vital part of "III. System Administration" as well as > "IV. Network Communication" the firewall itself is as system to serve > on purpose: "V. Security". > > I strongly support your point that security is an important topic. > Hence, it should be really easy for new and especially advanced users > to find the information that relates to security. Moreover, it should > be easy to go to a specific subtopic within the security scope - such > as Firewalls->PF ;) or MAC->Biba. It's not effective to go through > several pages just to find these information. I think you're agreeing with me, but I'm not sure ;-) Currently we have: III System Administration -> Security -> MAC -> Biba III System Administration -> Security -> Firewalls -> PF III System Administration -> Security -> Kerberos5 (I'm the Kerberos guy, so I used that as one of the examples ... I have selfish motives too, yanno ;-)). The proposal is to turn this into this: V System Administration -> MAC -> Biba V System Administration -> Firewalls -> PF V System Administration -> Kerberos5 Basically putting all of the security topics on equal footing. This highlights the importance of security, makes individual topics easier to find (and less "deep" in level), I think that you're saying the same thing but I figured it was worthwhile to spell it out explicitly just in case I'm not the only one who was unclear. -T -- Freedom is an elusive concept. Some men hold themselves prisoner even when they have the power to do as they please and go where they choose, while others are free in their hearts, even as shackles restrain them. - Zensunni Wisdom from the Wandering
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041120030001.GI61766>