[Secure-testing-commits] r17234 - hardening

Michael Gilbert gilbert-guest at alioth.debian.org
Tue Sep 13 23:55:28 UTC 2011 

Author: gilbert-guest
Date: 2011-09-13 23:55:28 +0000 (Tue, 13 Sep 2011)
New Revision: 17234

Modified:
   hardening/subgoal-dsa.txt
   hardening/subgoal-important.txt
Log:
add some instructions for hardening work

Modified: hardening/subgoal-dsa.txt
===================================================================
--- hardening/subgoal-dsa.txt	2011-09-13 22:42:29 UTC (rev 17233)
+++ hardening/subgoal-dsa.txt	2011-09-13 23:55:28 UTC (rev 17234)
@@ -1,10 +1,13 @@
 Hardening subgoal for Wheezy:
 All packages, which had a DSA since 2006. 
 
+Instructions:
+- After checking a package, add it to the "Candidates:" or "Non-candidates:" list
+- After NMUing a candidate, add it to the "Resolved/fixed:" list
 
-This needs to cleaned up
-further:
-- Software written in PHP etc. need to be removed
+This lists needs cleaned up further:
+- Software written in non-C/C++ languages (PHP, etc.) should be added to 
+  the "Non-candidates:" list
 - Some packages have been removed/superceded by newer srcpkg (I did
   some cursory cleanup, but needs more work)
 
@@ -584,6 +587,10 @@
 zope-ldapuserfolder
 zoph
 
+Non-candidates:
+
+Candidates:
+
 Resolved/fixed:
 
 

Modified: hardening/subgoal-important.txt
===================================================================
--- hardening/subgoal-important.txt	2011-09-13 22:42:29 UTC (rev 17233)
+++ hardening/subgoal-important.txt	2011-09-13 23:55:28 UTC (rev 17234)
@@ -4,9 +4,13 @@
 aptitude search '~prequired' | sed 's/\ A//' '{print$2}' 
 aptitude search '~pimportant' | sed 's/\ A//' '{print$2}
 
-This needs to cleaned up further:
-- Some all packages need to be removed (e.g. locales etc)
+Instructions:
+- After checking a package, add it to the "Candidates:" or "Non-candidates:" list
+- After NMUing a candidate, add it to the "Resolved/fixed:" list
 
+This list needs cleaned up further:
+- Packages not written in C/C++ should to be removed (e.g. locales etc)
+
 To check:
 
 base-files
@@ -129,7 +133,10 @@
 wget
 whiptail
 
+Non-candidates:
 
+Candidates:
+
 Resolved/fixed:

More information about the Secure-testing-commits mailing list