Documentation work from the OpenStack Security Group (OSSG)
Go to file
Luke Hinds 5743c87dc7 Adding OSSN-0066
MongoDB guest instance allows any user to connect

Change-Id: I40b6aa68436b58e11099617abf61b9b64be71eef
Closes-Bug: #1507841
2016-09-14 15:51:51 +01:00
common Updated from openstack-manuals 2016-09-08 12:05:48 +00:00
security-guide [sec-guide] Consistent the 'Nginx' term 2016-09-07 15:46:26 +00:00
security-notes Adding OSSN-0066 2016-09-14 15:51:51 +01:00
security-threat-analysis Added templates for security review notes and findings 2016-08-09 14:51:16 +01:00
tools Build Security Threat Analysis 2016-05-03 10:02:01 +09:00
.gitignore Adding documentation for security threat analysis 2016-04-24 08:55:44 -05:00
.gitreview Added .gitreview 2014-05-22 00:51:40 +00:00
bindep.txt Move other-requirements.txt to bindep.txt 2016-08-12 21:17:57 +02:00
doc-tools-check-languages.conf Build Security Threat Analysis 2016-05-03 10:02:01 +09:00
README.rst Build Security Threat Analysis 2016-05-03 10:02:01 +09:00
test-requirements.txt Update to openstack-doc-tools 1.0 2016-08-23 16:55:43 +02:00
tox.ini Adding OSSN-0068 2016-07-13 21:47:55 +09:00

OpenStack Security Documentation

This repository contains the OpenStack Security documentation.

For more details, see the OpenStack Documentation Contributor Guide.

It includes these manuals:

  • Security Guide
  • Security Notes
  • Security Threat Analysis

The Security Notes are published by the OpenStack Security Project (OSSP) to advise users of security related issues. For more information refer https://wiki.openstack.org/wiki/Security_Notes and https://wiki.openstack.org/wiki/Security/Security_Note_Process.

Security Advisories are issued by the Vulnerability Management Team (VMT). For more information about OpenStack's Vulnerability Management Team (VMT) refer https://security.openstack.org/vmt-process.html.

Directory Structure

Security Guide is in the directory security-guide, which source files in RST format in the directory security-guide/source.

Security Threat Analysis is in the directory security-guide, which source files in RST format in the directory security-threat-analysis/source.

The security notes are in the directory security-notes.

Testing of changes and building of the guides

Install the python tox package and run tox from the top-level directory to use the same tests that are done as part of our Jenkins gating jobs.

tox

Contributing

Our community welcomes all people interested in open source cloud computing, and encourages you to join the OpenStack Foundation.

The best way to get involved with the community is to talk with others online or at a meet up and offer contributions through our processes, the OpenStack wiki, blogs, or on IRC at #openstack on irc.freenode.net.

We welcome all types of contributions, from blueprint designs to documentation to testing to deployment scripts.

If you would like to contribute to the documents, please see the OpenStack Documentation contributor guide.

Bugs

Bugs should be filed on Launchpad, not GitHub:

https://bugs.launchpad.net/openstack-manuals

If you find a security issue in OpenStack, not in the contents of the Security Guide, please see How to Report Security Issues to OpenStack.

Installing

Refer to http://docs.openstack.org/security-guide to see where these documents are published and to learn more about the OpenStack Security Guide.