Bug 35378

Summary: Handbook has inaccurate description of freebsd-security list
Product: Documentation Reporter: Bob Johnson <bob88>
Component: Books & ArticlesAssignee: Ceri Davies <ceri>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   

Description Bob Johnson 2002-02-27 15:10:01 UTC 
Handbook description of freebsd-security mailing list is "Security issues".
Mailing list is flooded with questions about how to use ssh, how 
to log in, how to configure IPFW, etc.	Problem is multiplied by 
three responses telling them they should have posted their question 
on freebsd-questions.

Fix: 

On 
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/eresources.html
change description of freebsd-security mailing list to read

freebsd-security    Security aspects of proposed changes to FreeBSD

or 

freebsd-security    Discussion of security aspects of proposed changes

or similar wording.

Similar change required for 
http://www.freebsd.org/search/search.html#mailinglists

I believe the proposed phrasing accurately summarizes the 
security list charter, which limits it to strictly 
technical discussion.
How-To-Repeat: Subscribe to freebsd-security mailing list and expect technical 
discussion of security issues.
Comment 1 darklogik 2002-03-01 16:15:53 UTC 
Bob Johnson wrote:


>>
> Handbook description of freebsd-security mailing list is "Security issues".
> Mailing list is flooded with questions about how to use ssh, how 
> to log in, how to configure IPFW, etc.	Problem is multiplied by 
> three responses telling them they should have posted their question 
> on freebsd-questions.

Indeed the Handbook does not cover the use and configuration of ipfw(8) 
as it should.  I have already started writing a section for the use and
configuration of ipfw(8).  As for ssh(1), we have a nice section that 
has been written by Chern Lee in the security section of the handbook, 
so it need not be touched unless a large update is needed.


-- 
Tom (Darklogik) Rhodes
www.Pittgoth.com Gothic Liberation Front
www.FreeBSD.org  The Power To Serve
Comment 2 darklogik 2002-03-25 18:35:15 UTC 
I reread this pr, and feel strongly that it can be closed.
Any objections?  I have been personally lurking the FreeBSD-security
mailing list for about 2-3 weeks, and the only thing I have read about
are security questions in general, mainly things like if I get this
error.  I feel that the security mailing list is fine how it is, as
the stated problems do not seem to be occuring right now...

Opions?

-- 
Tom (Darklogik) Rhodes
www.Pittgoth.com Gothic Liberation Front
www.FreeBSD.org  The Power To Serve
Comment 3 Giorgos Keramidas freebsd_committer freebsd_triage 2002-03-28 23:58:32 UTC 
Adding to audit trail:
|
| Date: Tue, 26 Mar 2002 14:58:04 -0500
| From: Bob Johnson <bob@eng.ufl.edu>
| To: darklogik@pittgoth.com
|
| Tom Rhodes wrote:
| >
| > I reread this pr, and feel strongly that it can be closed.
| > Any objections?  I have been personally lurking the FreeBSD-security
| > mailing list for about 2-3 weeks, and the only thing I have read about
| > are security questions in general, mainly things like if I get this
| > error.  I feel that the security mailing list is fine how it is, as
| > the stated problems do not seem to be occuring right now...
| >
|
| Well, I object.  The list charter clearly states, "This is a
| technical mailing list for which strictly technical content
| is expected."  So in addition to the original PR, it would be
| appropriate to move -security from the general lists section
| to the technical lists section.  I know the word "technical"
| gets thrown around a lot without definition, but a little
| consistency would be nice.
|
| The threads in -security on Saturday (digest #464) were: a long
| rambling speculative discussion about how to provide remote root
| login without a password (I don't know what the original question
| was); someone who needed help reading the su(1) man page; a
| question about how to configure maildrop and whether maildrop or
| procmail has better security; the usual FAQ about "microuptime
| went backwards"; and a question about file permissions in /tmp.
| Of these, only the last is both FreeBSD-specific and security-specific
| and thus clearly within the list charter (although it was probably
| resolved by reading a man page somewhere and is probably a FAQ).
| All of the rest either clearly belong on -questions or are
| arguably more appropriate there.
|
| In other words, the stated problem IS occuring now.
|
| All of that is, in my opinion, only marginally relevant.  The
| issue at hand is that the Handbook description of -security does
| not accurately summarize the list charter (however vague it may
| be), and should be refined to do so.  Perhaps "Technical discussion
| of FreeBSD-specific security issues" would do it.
|
| I'll be happy to post the issue on the -security list and
| see what people think, but I believe it is clear that either
| the list charter or the Handbook description needs to be changed
| so they are consistent with each other.
|
| And it may be that there should be another list: -security-questions,
| which would absorb most of the questions now posted on -security,
| and allow it to return to technical discussions of FreeBSD-specific
| security issues, and what to do about them.
|
| > Opions?
|
| Now you have mine.  I'll post the issue on -security and see if
| there is a clear consensus.  I'll probably regret it, since it
| doesn't fall within the list charter 8)
|
| - Bob
Comment 4 Ceri Davies freebsd_committer freebsd_triage 2002-09-30 19:28:33 UTC 
Responsible Changed
From-To: freebsd-doc->ceri

I'll take this.
Comment 5 Ceri Davies freebsd_committer freebsd_triage 2002-10-15 18:37:21 UTC 
State Changed
From-To: open->closed

I've moved the description of the security list to the technical section 
and reworded the description. 

I think the search page is ok.