From nobody@FreeBSD.org  Wed Feb 27 07:02:04 2002
Return-Path: <nobody@FreeBSD.org>
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 522F837B400
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 27 Feb 2002 07:02:04 -0800 (PST)
Received: (from nobody@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g1RF24723852;
	Wed, 27 Feb 2002 07:02:04 -0800 (PST)
	(envelope-from nobody)
Message-Id: <200202271502.g1RF24723852@freefall.freebsd.org>
Date: Wed, 27 Feb 2002 07:02:04 -0800 (PST)
From: Bob Johnson <bob88@garbonzo.hos.ufl.edu>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Handbook has inaccurate description of  freebsd-security list
X-Send-Pr-Version: www-1.0

>Number:         35378
>Category:       docs
>Synopsis:       Handbook has inaccurate description of  freebsd-security list
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    ceri
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          wish
>Submitter-Id:   current-users
>Arrival-Date:   Wed Feb 27 07:10:01 PST 2002
>Closed-Date:    Tue Oct 15 10:41:44 PDT 2002
>Last-Modified:  Tue Oct 15 10:41:44 PDT 2002
>Originator:     Bob Johnson
>Release:        N/A
>Organization:
>Environment:
FreeBSD Handbook page at
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/eresources.html
and web page at 
http://www.freebsd.org/search/search.html#mailinglists
>Description:
Handbook description of freebsd-security mailing list is "Security issues".
Mailing list is flooded with questions about how to use ssh, how 
to log in, how to configure IPFW, etc.	Problem is multiplied by 
three responses telling them they should have posted their question 
on freebsd-questions.
>How-To-Repeat:
Subscribe to freebsd-security mailing list and expect technical 
discussion of security issues.
>Fix:
On 
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/eresources.html
change description of freebsd-security mailing list to read

freebsd-security    Security aspects of proposed changes to FreeBSD

or 

freebsd-security    Discussion of security aspects of proposed changes

or similar wording.

Similar change required for 
http://www.freebsd.org/search/search.html#mailinglists

I believe the proposed phrasing accurately summarizes the 
security list charter, which limits it to strictly 
technical discussion.
>Release-Note:
>Audit-Trail:

From: Tom Rhodes <darklogik@pittgoth.com>
To: Bob Johnson <bob88@garbonzo.hos.ufl.edu>
Cc: freebsd-gnats-submit@FreeBSD.ORG
Subject: Re: docs/35378: Handbook has inaccurate description of  freebsd-security list
Date: Fri, 01 Mar 2002 11:15:53 -0500

 Bob Johnson wrote:
 
 
 >>
 > Handbook description of freebsd-security mailing list is "Security issues".
 > Mailing list is flooded with questions about how to use ssh, how 
 > to log in, how to configure IPFW, etc.	Problem is multiplied by 
 > three responses telling them they should have posted their question 
 > on freebsd-questions.
 
 Indeed the Handbook does not cover the use and configuration of ipfw(8) 
 as it should.  I have already started writing a section for the use and
 configuration of ipfw(8).  As for ssh(1), we have a nice section that 
 has been written by Chern Lee in the security section of the handbook, 
 so it need not be touched unless a large update is needed.
 
 
 -- 
 Tom (Darklogik) Rhodes
 www.Pittgoth.com Gothic Liberation Front
 www.FreeBSD.org  The Power To Serve
 

From: Tom Rhodes <darklogik@pittgoth.com>
To: freebsd-gnats-submit@FreeBSD.org, bob88@garbonzo.hos.ufl.edu
Cc:  
Subject: Re: docs/35378: Handbook has inaccurate description of  freebsd-security list
Date: Mon, 25 Mar 2002 13:35:15 -0500

 I reread this pr, and feel strongly that it can be closed.
 Any objections?  I have been personally lurking the FreeBSD-security
 mailing list for about 2-3 weeks, and the only thing I have read about
 are security questions in general, mainly things like if I get this
 error.  I feel that the security mailing list is fine how it is, as
 the stated problems do not seem to be occuring right now...
 
 Opions?
 
 -- 
 Tom (Darklogik) Rhodes
 www.Pittgoth.com Gothic Liberation Front
 www.FreeBSD.org  The Power To Serve
 

From: Giorgos Keramidas <keramida@freebsd.org>
To: Bob Johnson <bob88@garbonzo.hos.ufl.edu>
Cc: bug-followup@freebsd.org
Subject: Re: docs/35378: Handbook has inaccurate description of  freebsd-security list
Date: Fri, 29 Mar 2002 01:58:32 +0200

 Adding to audit trail:
 |
 | Date: Tue, 26 Mar 2002 14:58:04 -0500
 | From: Bob Johnson <bob@eng.ufl.edu>
 | To: darklogik@pittgoth.com
 |
 | Tom Rhodes wrote:
 | >
 | > I reread this pr, and feel strongly that it can be closed.
 | > Any objections?  I have been personally lurking the FreeBSD-security
 | > mailing list for about 2-3 weeks, and the only thing I have read about
 | > are security questions in general, mainly things like if I get this
 | > error.  I feel that the security mailing list is fine how it is, as
 | > the stated problems do not seem to be occuring right now...
 | >
 |
 | Well, I object.  The list charter clearly states, "This is a
 | technical mailing list for which strictly technical content
 | is expected."  So in addition to the original PR, it would be
 | appropriate to move -security from the general lists section
 | to the technical lists section.  I know the word "technical"
 | gets thrown around a lot without definition, but a little
 | consistency would be nice.
 |
 | The threads in -security on Saturday (digest #464) were: a long
 | rambling speculative discussion about how to provide remote root
 | login without a password (I don't know what the original question
 | was); someone who needed help reading the su(1) man page; a
 | question about how to configure maildrop and whether maildrop or
 | procmail has better security; the usual FAQ about "microuptime
 | went backwards"; and a question about file permissions in /tmp.
 | Of these, only the last is both FreeBSD-specific and security-specific
 | and thus clearly within the list charter (although it was probably
 | resolved by reading a man page somewhere and is probably a FAQ).
 | All of the rest either clearly belong on -questions or are
 | arguably more appropriate there.
 |
 | In other words, the stated problem IS occuring now.
 |
 | All of that is, in my opinion, only marginally relevant.  The
 | issue at hand is that the Handbook description of -security does
 | not accurately summarize the list charter (however vague it may
 | be), and should be refined to do so.  Perhaps "Technical discussion
 | of FreeBSD-specific security issues" would do it.
 |
 | I'll be happy to post the issue on the -security list and
 | see what people think, but I believe it is clear that either
 | the list charter or the Handbook description needs to be changed
 | so they are consistent with each other.
 |
 | And it may be that there should be another list: -security-questions,
 | which would absorb most of the questions now posted on -security,
 | and allow it to return to technical discussions of FreeBSD-specific
 | security issues, and what to do about them.
 |
 | > Opions?
 |
 | Now you have mine.  I'll post the issue on -security and see if
 | there is a clear consensus.  I'll probably regret it, since it
 | doesn't fall within the list charter 8)
 |
 | - Bob
Responsible-Changed-From-To: freebsd-doc->ceri 
Responsible-Changed-By: ceri 
Responsible-Changed-When: Mon Sep 30 11:28:33 PDT 2002 
Responsible-Changed-Why:  
I'll take this. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=35378 
State-Changed-From-To: open->closed 
State-Changed-By: ceri 
State-Changed-When: Tue Oct 15 10:37:21 PDT 2002 
State-Changed-Why:  
I've moved the description of the security list to the technical section 
and reworded the description. 

I think the search page is ok. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=35378 
>Unformatted:
