Meego Wiki
From MeeGo wiki
(Difference between revisions)
Jump to: navigation, search
m
 
(9 intermediate revisions not shown)
Line 1: Line 1:
-
This page is a placeholder for the MeeGo Security related info
+
This page is a placeholder for MeeGo Security related information.
__TOC__
__TOC__
-
= MeeGo Security Framework =
+
Other portions of MeeGo Security shall be here soon.
-
== Architecture Overview ==
+
== MeeGo Security Architecture ==
-
* Mobile Simplified Security Framework, Linux Symposium paper
+
The [[Security/Architecture|MeeGo Security Architecture]] is documented here in the wiki.
-
* Mobile Simplified Security Framework, Linux Symposium slides
+
 
 +
== MeeGo Security Bug Policy ==
 +
 
 +
* All MeeGo security defects are private to the Security_Group by default in addition to the submitter and the CC list.
 +
** This is standard practice for Linux distributions and other operating systems
 +
** The reason for this is that information in security bugs can be used as a road map to exploit MeeGo systems.
 +
* To request addition to the Security_Group, please send mail to [mailto:security@meego.com?Subject=MeeGo%20Security%20Bug%20Access%20Request security@meego.com] explaining your need.
 +
** People who want addition to this group will need to ''demonstrate'' that they need generic access to security bugs, not just access to specific security bugs.
 +
*** People who need access to specific security bugs can request access to get added to the CC list.
 +
* The list of members in the Security_Group will be audited by the MeeGo Security Lead every quarter.
 +
* Once a security defect is resolved (by making a patch available or marking the bug as closed), it will also be made public by removing the Security_Group restrictions.
 +
 
 +
=== Security advisories ===
 +
 
 +
See the [http://meego.com/downloads/releases/security-advisories security advisories] page for more details.
 +
 
 +
== Security interest group ==
 +
 
 +
There is an informal group of community members with an interest in security, the [[Security interest group]].

Latest revision as of 13:01, 21 March 2011

This page is a placeholder for MeeGo Security related information.

Contents


Other portions of MeeGo Security shall be here soon.

MeeGo Security Architecture

The MeeGo Security Architecture is documented here in the wiki.

MeeGo Security Bug Policy

  • All MeeGo security defects are private to the Security_Group by default in addition to the submitter and the CC list.
    • This is standard practice for Linux distributions and other operating systems
    • The reason for this is that information in security bugs can be used as a road map to exploit MeeGo systems.
  • To request addition to the Security_Group, please send mail to security@meego.com explaining your need.
    • People who want addition to this group will need to demonstrate that they need generic access to security bugs, not just access to specific security bugs.
      • People who need access to specific security bugs can request access to get added to the CC list.
  • The list of members in the Security_Group will be audited by the MeeGo Security Lead every quarter.
  • Once a security defect is resolved (by making a patch available or marking the bug as closed), it will also be made public by removing the Security_Group restrictions.

Security advisories

See the security advisories page for more details.

Security interest group

There is an informal group of community members with an interest in security, the Security interest group.

Retrieved from "http://wiki.meego.com/Security"
Personal tools