RFC: creating a security team



Hi,

In a discussion I had at FOSDEM, it was mentioned that it was not clear
what should be done when someone finds a security hole in GNOME. We
don't have a central point of contact for this.

Would it make sense to create a small security team? I guess it wouldn't
be a lot of work, since it'd be mainly contacting the relevant
maintainers. We would probably create a private security gnome org
mailing list. And also, we could add a small checkbox in bugzilla to
mention that a bug is security-related, so it should be hidden by
default (and the security team would be cc'ed).

Thoughts?

Vincent

-- 
Happy people are not in a hurry.


