Answer in whatever length necessary for completeness.
First Name
Last Name
E-mail address
Date
Please take a few minutes to fill out the following
questionnaire so that our team may be able to better understand
about your possible future relationship with our herd. This
basic questionnaire should not take long to complete. Space is
also provided for open-ended responses, should you wish to tell
us more. We encourage you to share with us anything you think
might be useful or important for us to know, in terms of
supporting yours and our security efforts.
------------------------------------------------------------------------
These 10 questions are directly related to portage and the
gentoo way of doing things its important that you the developer
have a good understanding of these things.
1. You change a package's ebuild to install an init script. Previously,
the package had no init script at all.
Is a revision bump necessary?
2. A user submits a "live" CVS ebuild. What would be a preferable
alternative to such an ebuild?
3. A user submits a brand-new ebuild for a new package. What are the
proper steps (including cvs commands) to take to add
this ebuild to the tree?
4. A user submits an ebuild that has numerous technical problems and
violates policy. How would you handle that situation?
5. You have a set of new ebuilds that could potentially benefit
from a global USE flag. What steps should be taken before
such a USE flag is implemented?
6. You're creating an ebuild. Unfortunately, the ebuild's 'make install'
target causes numerous access violations. What is the best
course of action to take to have a clean, straightforward
ebuild?
7. You're creating an ebuild that needs a patch. The patch is
nontrivially large - bigger than 20kbytes. Where should
the patch be kept?
8. You're creating an ebuild that has its own license - one that
doesn't exist in /usr/portage/licenses/. What is the proper
course of action?
9. (a) You wish to mark an ebuild "stable," taking it out of ~ARCH
KEYWORDS. It's a critical system library. What steps should
be taken to do so?
(b) You wish to mark an ebuild "testing," putting it into ~ARCH
KEYWORDS. It was previously hard-masked in package.mask.
What should be done prior to doing so?
(c) You wish to mark an ebuild "stable." It is a popular
application, but no other ebuilds depend on it.
What should be done first?
10. You're committing a user-submitted ebuild. What should be in the
initial ChangeLog?
------------------------------------------------------------------------
* Do you routinely monitor or participate in any security
oriented newsgroups, mailing lists, etc.? If so, please tell us
which.
* What do you see as the most significant security related
issues for the next year or two?
* Do you work well independently?
* Do you work well with others?
* Are you currently now or in the past been a participating
member of another open source projects if so which?
* Initially what would you like to do with gentoo?
* Please use this field to share with us anything you wish on
the subject of IT security.
* What other information would be useful for you to tell us
about your security practices, ideas, needs, and capabilities?
* Please tell us a little bit about the following that you have
may have experience or a passion with.
- auditing
- cryptography
- firewalls
- forensics
- hacking
- honeypots
- host security
- incident handling
- intrusion detection
- intrusion prevention
- law
- miscellaneous
- network security
- news
- operating systems
- penetration testing
- privacy
- projects
- secure programming
- security basics
- security events
- security papers
- security tools
- trusted operating systems
- viruses
- vpn
- vulnerability development
- vulnerability assessments
- web application security
------------------------------------------------------------------------
Thank you for completing this questionnaire. The information you
have provided will help us to design resources and activities
that try match your abilities. [Team GentooHardened]
------------------------------------------------------------------------