Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2024-12-26 06:59:25 -05:00
Code Issues Packages Projects Releases Wiki Activity

added development philosophy

Browse Source 
https://github.com/Kicksecure/security-misc/issues/154
This commit is contained in:
Patrick Schleizer 2023-12-04 10:58:16 -05:00
parent feab1432f9
commit c4e21ca5f4
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
README.md
View File

@ -462,6 +462,8 @@ See:
### project scope of application-specific hardening ### project scope of application-specific hardening
Added in December 2023.
Before sending pull requests to harden arbitrary applications, please note the scope of security-misc is limited to default installed applications in Kicksecure, Whonix. This includes: Before sending pull requests to harden arbitrary applications, please note the scope of security-misc is limited to default installed applications in Kicksecure, Whonix. This includes:
* Thunderbird, VLC Media Player, KeepassXC * Thunderbird, VLC Media Player, KeepassXC
@ -476,6 +478,16 @@ The main objective of security-misc is to harden Kicksecure and its derivatives,
Discussion: Discussion:
https://github.com/Kicksecure/security-misc/issues/154 https://github.com/Kicksecure/security-misc/issues/154
### development philosophy
Added in December 2023.
"Maintainability is a key priority [1]. Before modifying settings in the downstream security-misc, it's essential to first engage with upstream developers to propose these changes as defaults. This step should only be bypassed if there's a clear, prior indication from upstream that such changes won't be accepted. Additionally, before implementing any workarounds, consulting with upstream is necessary to future unmaintainable complexity.
If debugging features are disabled, pull requests won't be merged until there is a corresponding pull request for the debug-misc package to re-enable these. This is to avoid configuring the system into a corner where it can be no longer debugged.
[1] https://www.kicksecure.com/wiki/Dev/maintainability
## Opt-in hardening ## Opt-in hardening
Some hardening is opt-in as it causes too much breakage to be enabled by Some hardening is opt-in as it causes too much breakage to be enabled by