(add Security Intereset Group section) |
|||
| (4 intermediate revisions not shown) | |||
| Line 1: | Line 1: | ||
| - | This page is a placeholder for | + | This page is a placeholder for MeeGo Security related information. |
__TOC__ | __TOC__ | ||
| Line 5: | Line 5: | ||
Other portions of MeeGo Security shall be here soon. | Other portions of MeeGo Security shall be here soon. | ||
| - | = MeeGo Security Architecture = | + | == MeeGo Security Architecture == |
The [[Security/Architecture|MeeGo Security Architecture]] is documented here in the wiki. | The [[Security/Architecture|MeeGo Security Architecture]] is documented here in the wiki. | ||
| - | = MeeGo Security Bug Policy = | + | == MeeGo Security Bug Policy == |
| - | * All MeeGo security defects are private to the Security_Group by default in addition to the submitter and the | + | * All MeeGo security defects are private to the Security_Group by default in addition to the submitter and the CC list. |
** This is standard practice for Linux distributions and other operating systems | ** This is standard practice for Linux distributions and other operating systems | ||
** The reason for this is that information in security bugs can be used as a road map to exploit MeeGo systems. | ** The reason for this is that information in security bugs can be used as a road map to exploit MeeGo systems. | ||
| - | * To request addition to the Security_Group, please send mail to security@meego.com explaining your need. | + | * To request addition to the Security_Group, please send mail to [mailto:security@meego.com?Subject=MeeGo%20Security%20Bug%20Access%20Request security@meego.com] explaining your need. |
** People who want addition to this group will need to ''demonstrate'' that they need generic access to security bugs, not just access to specific security bugs. | ** People who want addition to this group will need to ''demonstrate'' that they need generic access to security bugs, not just access to specific security bugs. | ||
| - | *** People who need access to specific security bugs can request access | + | *** People who need access to specific security bugs can request access to get added to the CC list. |
* The list of members in the Security_Group will be audited by the MeeGo Security Lead every quarter. | * The list of members in the Security_Group will be audited by the MeeGo Security Lead every quarter. | ||
* Once a security defect is resolved (by making a patch available or marking the bug as closed), it will also be made public by removing the Security_Group restrictions. | * Once a security defect is resolved (by making a patch available or marking the bug as closed), it will also be made public by removing the Security_Group restrictions. | ||
| + | |||
| + | === Security advisories === | ||
| + | |||
| + | See the [http://meego.com/downloads/releases/security-advisories security advisories] page for more details. | ||
| + | |||
| + | == Security interest group == | ||
| + | |||
| + | There is an informal group of community members with an interest in security, the [[Security interest group]]. | ||
This page is a placeholder for MeeGo Security related information.
Contents |
Other portions of MeeGo Security shall be here soon.
The MeeGo Security Architecture is documented here in the wiki.
See the security advisories page for more details.
There is an informal group of community members with an interest in security, the Security interest group.