[rsbac] Forum

Amon Ott ao at rsbac.org
Wed Apr 22 10:44:04 CEST 2009

On Friday 17 April 2009 wrote Paul D. Robertson:
> Amon Ott wrote:
> > - The forum is hosted in a virtual server forum.rsbac.org. If Paul is
> > still willing to set it up and maintain it technically, I would gladly
> > accept this offer and support him at the server side. If we feel daring
> > and find more people, we could make it more general and call it
> > forum.kernelsecurity.org with general and RSBAC topics seperated (yes, we
> > own that domain. :).
> I'd think that making it more general would be a good idea.  I generally
> use SMF as I find it to be as good as the commercial forum packages.  It
> needs MySQL and PHP- about the only thing you can't do from the admin
> interface is back up user-submitted images (avatars if allowed and
> images embedded in posts that are uploaded to the server.)  Are you
> proposing hosting it?  I can host it, but all my hosting is on
> Virtuozzo-based VPSes, so they're not RSBAC'd- I can set up a forum on
> one over the weekend, or early next week- or if you wish to host, we can
> coordinate that.
> I'd suggest the following main boards:
> General Trusted Computing Base
> SeLinux
> TrustedBSD/Darwin
> Other Trusted Operating Systems

After some team discussions and more consideration, we decided that at least 
for the start we do not want to provide dedicated boards for other security 
projects. Also, there is an almost empty http://www.selinuxforum.org/

What we need most is help for RSBAC, and we have little time to spare for 
fruitless discussions with fans of other systems. Please correct me if you 
see this differently.

This leaves the boards

General Trusted Computing Base
Relations to Other Trusted Operating Systems

Main server name should be forum.rsbac.org for the beginning. If we decide to 
expand later, we can always switch over to forum.kernelsecurity.org, which 
can be an alias from the beginning.

> As part of the administration, I'd do regular database backups, deal
> with registration issues/problems, keep the software up to date, make
> any structural changes, ban spammers, and provide any other general
> forum admin tasks.

Backups are automatically done by the server, if configured for the virtual 
server. Everything else is gladly accepted.

> > - Posting is only allowed after registration, read access is free.
> > Condition for registration is that people accept the usual conditions,
> > e.g. that we keep the right to delete inappropiate postings and that all
> > content may be used in the official RSBAC documentation with a free
> > license
> SMF supports this well, and the anti-spammer captcha is generally pretty
> good spammers actually end up having to manually register- I think I had
> about twelve incidents over a two-three year period, and once I'd banned
> the offending user/email/IP a couple of times they gave up.  It also
> supports things like limiting private messages for people who haven't
> made many postings.

We will trust your experience in these matters.

> > - At least one volunteer tracks tipps and solutions in the forum and
> > compiles them into official documentation at www.rsbac.org. Frequent
> > questions go into a FAQ at www.rsbac.org. When the answer is officially
> > in docs, the forum thread is finished with a link to it.
> This is very difficult- even with a commercial client with paid
> employees, meeting this goal wasn't done.  My "solution" to this was to
> have a read-only board that postings could be moved to once they were
> considered dead if they were the kind of thing that was a tip/trick.

Still this is one of the main goals for settings up a forum - information 
should not get lost in the mists of forum postings. We will see what we can 
do here.

> > - If the forum does not work out, I would rather close it down than keep
> > a dead forum. This includes inactive or missing moderators, because we
> > are legally responsible for postings.
> Yep, it takes up to six months to get enough critical mass to make a
> forum work- assuming it's not very active after about six months that's
> where I'd probably put it out of its misery.  I'm not sure what it's

So we will give it at least six months to get going.

> like in the EU, in the US my impression (I'm not a lawyer) is that
> you're generally only responsible for content if you edit postings or
> fail to remove someone else's intellectual property or contraband images
> (reference is a case outcome known generally as "The Prodigy decision.")

It is quite similar here, but sometimes a local court rules differently. I do 
not really expect problematic postings, but we should be careful just in 

http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22

More information about the rsbac mailing list