[CentOS-gsoc] Extendable system hardening tool - Proposal

Thu Mar 12 21:38:36 UTC 2015
vladiksonic@mail.ru <vladiksonic at mail.ru>

 Hello everyone!

I wrote earlier 

Here is a link to my schedule:
https://github.com/hotab/CentOS-application/blob/master/README.md
I did not add personal info there just yet. I am planning to spend around 20-30 hours per week on this in summer. 
I might also start early (see previous message)
Did I miss anything? Did I make correct time estimation there? 
I am open for criticism.

Looking forward to hearing from you, 
Vladislav Babkin

P.S. Adding the message I send earlier to make it simpler to find :)
P.S.2 While I was writing the proposal, I also answered my questions 1 (sh scripts are too good) 
and 3 (it should work internally and allow external audit)

> Good day there!
> My name is Vladislav Babkin, I am from Ukraine, and I want to contribute by helping developing this tool
>  I have some questions:
>  1) Aren't sh scripts good enough to audit a policy? Well, we will need some additional tooling, like a tool to try and open a connection to a port, etc.
>  2) Should auditing tool be able to try and fix the problems? For example, if it connects to web-server as root - maybe it should connect to it and close that possibility (if the user adds a flag to do so)?
>  2) When ensuring a policy, should this tool autoinstall software as well if is not present, or should it just fail?
>  3) Should it work internally on the server, or can it be run somewhere on the outside with access to the machine through ssh or alike?
>  4) I am right now working on a starup (and will do so in summber), and I will have my exams in June, so I probably will start working earlier, Hope that is not a problem :)
>  I'm looking forward to hearing from you,
>  Vladislav Babkin

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos-gsoc/attachments/20150313/8476aa76/attachment-0005.html>