Security Team Apprenticeship: Difference between revisions

This page was last edited on 18 February 2021, at 15:24.

From Fedora Project Wiki

Latest revision as of 15:24, 18 February 2021

This page is a draft only
It is still under construction and content may change. Do not rely on the information on this page.

Requirements to be met

Introduction

Send the following information to the Security Team mailing list.

Name (pseudonym) and FAS ID
GPG Key Fingerprint (attach GPG public key to email)
Interests
Why do you want to join the Security Team?

Reading

Security Team Mission
Security Team Goals
Security Team Work Flow
Non-Responsive Maintainer Policy
Packaging Guidelines (You don't need to read all of this, but you need to know how to find it)

Training

On-the-job Training

Shadow mentor through a ticket and patch process.
Lead ticket and patch process with mentor shadowing.

Retrieved from "https://fedoraproject.org/w/index.php?title=Security_Team_Apprenticeship&oldid=605380"

Categories:

The Fedora Project is maintained and driven by the community and sponsored by Red Hat. This is a community maintained site. Red Hat is not responsible for content.

@@ Line 1: / Line 1: @@
 {{draft}}
-== Mission ==
+== Requirements to be met ==
-To create a training program that creates competent, trusted members of the [[Security Team]] that can handle most every situation that could come their way.
+=== Introduction ===
+Send the following information to the [https://lists.fedoraproject.org/mailman/listinfo/security Security Team mailing list].
+* Name (pseudonym) and FAS ID
+* GPG Key Fingerprint (attach GPG public key to email)
+* Interests
+* Why do you want to join the [[Security Team]]?
-== Background ==
+== Reading ==
-When the [[Security Team]] was created we were forced to guess at what skills were needed and who would be right to work on potentially sensitive cases.  That was a bad way to start ''but'' I believe we're now beyond guessing.
+* [[Security Team Mission]]
+* [[Security Team Goals]]
+* [[Security Team Work Flow]]
+* [[Policy_for_nonresponsive_package_maintainers|Non-Responsive Maintainer Policy]]
+* [[Packaging:Guidelines| Packaging Guidelines]] (You don't need to read all of this, but you need to know how to find it)
-== Requirements to be met ==
+== Training ==
-=== Skills ===
-* [[Using security tracking features in Bugzilla]] and [[Security Bugs]]
-* [[Understand CVEs]]
-=== Time in Service ===
+* [https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/ RHEL 7 Security Guide]
+* [https://access.redhat.com/security/updates/classification Red Hat Security Classification]
+* [https://cve.mitre.org/about/faqs.html CVE FAQ]
+* [http://www.candlepinproject.org/presentations/pki-crash-course PKI Course]
-=== Trustworthiness ===
+== On-the-job Training ==
+* Shadow mentor through a ticket and patch process.
+* Lead ticket and patch process with mentor shadowing.
-== Completing the requirements ==
+[[Category:Security Team]]

Search