-
-
Notifications
You must be signed in to change notification settings - Fork 619
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Please add references #2
Comments
It's a great idea! This project is still, hmm... at an early stage of development. There are a lot of things to add and improve. I'll certainly take your suggestion into this. Thank you very much for every support and criticism. |
A bit of a newbie to open source, but I wouldn't mind looking into this and starting to add some references. Do I have your clearance to proceed? |
@EternalLearner42 : yes please 👍 |
Alright, I'll get to work. As this is my first issue, I might take a while to get a hang of git. Please be patient |
There. As I state in the PR, I was unsure what exactly to reference in the later stages of the document. I submit this more as a way to see if these changes are to your liking than as definitive addition to this project. Go ahead and tell me what you think and what you'd like to change in the future. |
I always think that checklists such as this -i.e. especially security-oriented ones- would be much more useful, as they would let you learn the why behind the how, if they provided authoritative references to their assertions.
Let's take a concrete example: https://github.com/trimstray/the-practical-linux-hardening-guide/blob/daf846aab98f0bdafd32acf398589b7468c42a74/README.md#eight_pointed_black_star-secure-proc-filesystem
When I read this, I immediately have the following questions:
I'm not arguing you should provide an explicit answer to all of the above (it wouldn't be a checklist anymore...). I am just arguing such a checklist would become much more useful and credible if it at least included links to authoritative sources that justify[1] the items on the checklist.
Just my 2 cents, keep up the good work!
[1] at least for non-obvious points; e.g. I don't think you need to justify "forcing the use of strong passwords"
The text was updated successfully, but these errors were encountered: