GettingInvolved
|
Size: 2407
Comment: flesh out page
|
← Revision 18 as of 2022-01-05 18:30:02 ⇥
Size: 3311
Comment: remove the reference for the whitehat team/project as it is frozen since 2008
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| [[Include(ServerTeam/Header)]] | <<Include(SecurityTeam/Header)>> |
| Line 3: | Line 3: |
| ||<tablestyle="float:right; font-size: 0.9em; width:40%; background:#F1F1ED; margin: 0 0 1em 1em;" style="padding:0.5em;">'''Contents'''[[BR]][[TableOfContents(3)]]|| | ||<tablestyle="float:right; font-size: 0.9em; width:40%; background:#F1F1ED; margin: 0 0 1em 1em;" style="padding:0.5em;"><<TableOfContents(3)>>|| |
| Line 9: | Line 9: |
| === Help on the mailing list and the IRC channel === | == Help on the mailing list and the IRC channel == |
| Line 11: | Line 11: |
| * subscribe to [https://lists.ubuntu.com/mailman/listinfo/ubuntu-hardened ubuntu-hardened mailing list]. * hang out in #ubuntu-hardened on the Freenode IRC. |
* subscribe to [[https://lists.ubuntu.com/mailman/listinfo/ubuntu-hardened|ubuntu-hardened mailing list]]. * hang out in #ubuntu-security (aka #ubuntu-hardened) on the Libera Chat IRC. * participate in IRC workshops on security during UbuntuDeveloperWeek |
| Line 14: | Line 15: |
| === Write documentation === [:SecurityTeam/FAQ FAQ] items and [:SecurityTeam/KnowledgeBase KnowledgeBase] areas need to be written. See the [:SecurityTeam/Roadmap Roadmap] for details. |
== Write documentation == [[SecurityTeam/FAQ| FAQ]] items and [[SecurityTeam/KnowledgeBase|KnowledgeBase]] areas need to be written. See the [[SecurityTeam/Roadmap| Roadmap]] for details. |
| Line 17: | Line 18: |
| === Test security features === Testing the existing security features of Ubuntu can done to improve both documentation and to help find bugs. |
== Test security features == Testing the existing security features of Ubuntu can done to improve both documentation and to help find bugs. You can also [[SecurityTeam/Specifications|test and participate in the development of new security features]] that are being developed. |
| Line 20: | Line 21: |
| === Find security bugs === Find new security issues in existing Ubuntu software. |
== Find security bugs == Find new security issues in existing Ubuntu software. If you find something, [[https://wiki.ubuntu.com/DebuggingSecurity#How%20to%20File|file a bug]]. |
| Line 23: | Line 24: |
| === Fix security bugs === Review open security bugs, find/write patches, build and test the fixes. |
== Triage security bugs == Go through the list of security bugs in Ubuntu, and [[SecurityTeam/BugTriage|triage]] them. |
| Line 26: | Line 27: |
| === Develop new security features === The Wishlist section of the [:SecurityTeam/Roadmap Roadmap] has many great ideas for new improvements to be made to Ubuntu's security. [[Anchor(becomemember)]] |
== Fix security bugs == Review open security bugs, find/write patches, build and test the fixes. Providing patches for security vulnerabilities is an excellent way to learn about Ubuntu processes and develop the skills necessary to become an [[UbuntuDevelopment|Ubuntu developer]]. Please see [[SecurityTeam/UpdateProcedures|UpdateProcedures]] for details. |
| Line 30: | Line 30: |
| = How to become an member of the Ubuntu Security Team = | Ubuntu shares many of the same source packages as Debian, so in addition to applying patches to Ubuntu from upstream sources, people can also get involved by performing merges from Debian. A list of potential candidates can be found in the [[http://people.canonical.com/~ubuntu-security/d2u/|D2U CVE tracker]]. For more information on merging, see [[UbuntuDevelopment/Merging|UbuntuDevelopment/Merging]]. |
| Line 32: | Line 32: |
| The Ubuntu Security Team really consists of four sub-teams: | <<Include(SecurityTeam/HighlightedPackages, ,to="Last updated:")>> |
| Line 34: | Line 34: |
| * [https://launchpad.net/~motu-swat motu-swat]: this team creates and tests security updates in Universe packages | == Develop new security features == The Wishlist section of the [[SecurityTeam/Roadmap|Roadmap]] has many great ideas for new improvements to be made to Ubuntu's security. <<Anchor(becomemember)>> = How to become a member of the Ubuntu Security Team = The Ubuntu Security Team really consists of three sub-teams: * [[https://launchpad.net/~motu-swat|motu-swat]]: this team creates and tests security updates in Universe packages |
| Line 36: | Line 44: |
| * [https://launchpad.net/~ubuntu-hardened ubuntu-hardened]: this team develops and tests proactive security features in Ubuntu. * to become a member, just [https://launchpad.net/~ubuntu-hardened/+join apply for membership] * [https://launchpad.net/~ubuntu-whitehat ubuntu-whitehat]: this team is dedicated to "do not harm" while auditing and testing Ubuntu software and infrastructure, looking for new security issues * to become a member, see the [:UbuntuWhiteHat UbuntuWhiteHat] wiki pages. * [https://launchpad.net/~ubuntu-security ubuntu-security]: this is a closed team responsible for performing security update publications |
* [[https://launchpad.net/~ubuntu-hardened|ubuntu-hardened]]: this team develops and tests proactive security features in Ubuntu. * to become a member, just [[https://launchpad.net/~ubuntu-hardened/+join|apply for membership]] * [[https://launchpad.net/~ubuntu-security|ubuntu-security]]: this is a closed team responsible for performing security update publications |
| Line 43: | Line 49: |
| [:CategorySecurityTeam][[BR]] | [[CategorySecurityTeam]]<<BR>> |
What can I do to help ?
There are different areas where you can help the Ubuntu Security Team.
Help on the mailing list and the IRC channel
You can lend a hand with people's questions and problems on the mailing list and the IRC channel:
subscribe to ubuntu-hardened mailing list.
- hang out in #ubuntu-security (aka #ubuntu-hardened) on the Libera Chat IRC.
participate in IRC workshops on security during UbuntuDeveloperWeek
Write documentation
FAQ items and KnowledgeBase areas need to be written. See the Roadmap for details.
Test security features
Testing the existing security features of Ubuntu can done to improve both documentation and to help find bugs. You can also test and participate in the development of new security features that are being developed.
Find security bugs
Find new security issues in existing Ubuntu software. If you find something, file a bug.
Triage security bugs
Go through the list of security bugs in Ubuntu, and triage them.
Fix security bugs
Review open security bugs, find/write patches, build and test the fixes. Providing patches for security vulnerabilities is an excellent way to learn about Ubuntu processes and develop the skills necessary to become an Ubuntu developer. Please see UpdateProcedures for details.
Ubuntu shares many of the same source packages as Debian, so in addition to applying patches to Ubuntu from upstream sources, people can also get involved by performing merges from Debian. A list of potential candidates can be found in the D2U CVE tracker. For more information on merging, see UbuntuDevelopment/Merging.
Highlighted packages:
The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See the available merges and SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see SecurityTeam/GettingInvolved.
Develop new security features
The Wishlist section of the Roadmap has many great ideas for new improvements to be made to Ubuntu's security.
How to become a member of the Ubuntu Security Team
The Ubuntu Security Team really consists of three sub-teams:
motu-swat: this team creates and tests security updates in Universe packages
- to become a member, help with Universe security updates for a while, and then get the approval of one of the team administrators.
ubuntu-hardened: this team develops and tests proactive security features in Ubuntu.
to become a member, just apply for membership
ubuntu-security: this is a closed team responsible for performing security update publications
SecurityTeam/GettingInvolved (last edited 2022-01-05 18:30:02 by rodrigo-zaiden)