[OWASP-GUIDE] Going on with the Guide

Adrian Wiesmann awiesmann at swordlord.org
Fri Feb 13 02:56:50 EST 2004


Hey Andrew,

> I'd suggest using the nightly build process through CVS check-ins, so
> people can contribute (or edit) after reviewing the changes in the
> nightly build PDF.

This is actually one of the things I have in mind to do after the general
houskeeping. I am currently building up the guides structure in CVS and my
idea after that is to contact the oPortal developers to see how we can
have a nightly rendering to PDF on the OWASP system.


> One change I'd like to see is more information regarding *how to fix*
> rather than just the why and how to exploit the problem.

I generally agree with what you say, but I also agree with what Ray
answered to this point. We need to find a way which is not that expensive
(in ressources to write) and which is not to specific or the guides
readers will think they are save after adding the given configurations
without thinking about the general thread they want to guard themselfs
from.

Hint to Mark: This could be a fun project: Configurations for different
software products following the OWASP rules.

Best regards,
Adrian





More information about the Owasp-guide mailing list