SecurityTeam

Differences between revisions 23 and 24
Revision 23 as of 2009-02-03 15:31:09
Size: 1297
Editor: port-213-160-23-156
Comment:
Revision 24 as of 2009-02-06 15:44:21
Size: 3345
Editor: port-213-160-23-156
Comment: rewrite
Line 6: Line 6:
= Introduction = == Introduction ==
Line 10: Line 10:
== Projects ==
To discuss any Security Team projects, send email to the ubuntu-hardened mailing list.
== Vulnerabilities ==
A security vulnerability can be defined as '''"a mistake in software that can be directly used by a hacker to gain access to a system or network" -- [[http://cve.mitre.org/about/terminology.html|Mitre]].''' There are many different types of vulnerabilities, some of which are denial of service, gaining user or root privileges, data loss, and information disclosure. The Ubuntu SecurityTeam and Ubuntu community work together to find and correct these mistakes through various activities.
Line 13: Line 13:
 * CVE handling
  * tracking: Ubuntu CVE Tracker
  * fixing: main and universe
 * [[SecurityTeam/BugTriage|Bug triage]]
 * Hardening
  * Mandatory Access Control
   * [[AppArmor]] (see [[SecurityTeam/KnowledgeBase/AppArmorProfiles | AppArmorProfiles]] for existing default enforcing profiles in Ubuntu)
   * [[SELinux]]
  * Compiler flags ([[Security/HardeningWrapper| HardeningWrapper]])
   * pbuilder integration
   * sbuild integration
  * Network access
   * [[UbuntuFirewall]]
 * [[SecurityTeam/Auditing|Auditing]] and Penetration Testing
=== Auditing ===
Searching for security vulnerabilities is often referred to as auditing. The Ubuntu SecurityTeam often performs audits on software before it is to be [[MainInclusionProcess|officially supported]]. Once vulnerabilities are found, the SecurityTeam uses [[SecurityTeam/BugTriage#Private%20Bugs|responsible disclosure]] to let others know about the issue. For more information, please view [[SecurityTeam/Auditing|Auditing]].

=== Tracking ===
Most flaws in software are found by security researchers and users of the software. These flaws are tracked globally in the [[http://cve.mitre.org|MITRE CVE database]], and the SecurityTeam will track issues that affect Ubuntu in the [[https://code.launchpad.net/~ubuntu-security/ubuntu-cve-tracker/master|Ubuntu CVE Tracker]]. As new issues come in, they are evaluated, or [[SecurityTeam/BugTriage|triaged]], and added to the CVE Tracker, and as issues are fixed the CVEs are updated and retired.

=== Fixing ===
After a flaw is found and assigned a CVE, it must be fixed. Oftentimes the author of the software will provide a patch, or a patch will be developed by other developers, including the Ubuntu SecurityTeam. Details for providing security updates to Ubuntu can be found in SecurityUpdateProcedures.

=== Testing ===
Before making the security update available, the update needs to be tested to see if it fixes the flaw and also doesn't introduce any regressions. The SecurityTeam uses the [[https://code.launchpad.net/~ubuntu-bugcontrol/qa-regression-testing/master|QA Regression Testing]] suite when performing testing. QA Regression Testing has information on performing tests, checklists, scripts and various other information to help with testing.

== Development ==
The SecurityTeam also actively develops protections to help keep Ubuntu users safe from new vulnerabilities. Some projects that the Ubuntu SecurityTeam actively develops are:
 * [[AppArmor]] (see [[SecurityTeam/KnowledgeBase/AppArmorProfiles | AppArmorProfiles]] for existing default enforcing profiles in Ubuntu)
 * [[SELinux]]
 * Compiler flags ([[Security/HardeningWrapper|HardeningWrapper]])
 * [[UbuntuFirewall]]
Line 28: Line 32:
== What You Can Do ==

Introduction

The Ubuntu Security Team represents multiple teams of people dedicated to keeping Ubuntu secure, and contributing to its proactive hardening.

Vulnerabilities

A security vulnerability can be defined as "a mistake in software that can be directly used by a hacker to gain access to a system or network" -- Mitre. There are many different types of vulnerabilities, some of which are denial of service, gaining user or root privileges, data loss, and information disclosure. The Ubuntu SecurityTeam and Ubuntu community work together to find and correct these mistakes through various activities.

Auditing

Searching for security vulnerabilities is often referred to as auditing. The Ubuntu SecurityTeam often performs audits on software before it is to be officially supported. Once vulnerabilities are found, the SecurityTeam uses responsible disclosure to let others know about the issue. For more information, please view Auditing.

Tracking

Most flaws in software are found by security researchers and users of the software. These flaws are tracked globally in the MITRE CVE database, and the SecurityTeam will track issues that affect Ubuntu in the Ubuntu CVE Tracker. As new issues come in, they are evaluated, or triaged, and added to the CVE Tracker, and as issues are fixed the CVEs are updated and retired.

Fixing

After a flaw is found and assigned a CVE, it must be fixed. Oftentimes the author of the software will provide a patch, or a patch will be developed by other developers, including the Ubuntu SecurityTeam. Details for providing security updates to Ubuntu can be found in SecurityUpdateProcedures.

Testing

Before making the security update available, the update needs to be tested to see if it fixes the flaw and also doesn't introduce any regressions. The SecurityTeam uses the QA Regression Testing suite when performing testing. QA Regression Testing has information on performing tests, checklists, scripts and various other information to help with testing.

Development

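The SecurityTeam also actively develops protections to help keep Ubuntu users safe from new vulnerabilities. Some projects that the Ubuntu SecurityTeam actively develops are:

 * AppArmor (see AppArmorProfiles for existing default enforcing profiles in Ubuntu)
 * SELinux
 * Compiler flags (HardeningWrapper)
 * UbuntuFirewall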

What You Can Do

Seem like fun? Head to the GettingInvolved page to find out how to contribute to the SecurityTeam.



CategoryUbuntuTeams

SecurityTeam (last edited 2017-01-25 23:50:10 by emilyr)