Meego Wiki
From MeeGo wiki
(Difference between revisions)
Jump to: navigation, search
m (fix typo)
(MeeGo Security Bug Policy)
Line 14: Line 14:
** This is standard practice for Linux distributions and other operating systems
** This is standard practice for Linux distributions and other operating systems
** The reason for this is that information in security bugs can be used as a road map to exploit MeeGo systems.
** The reason for this is that information in security bugs can be used as a road map to exploit MeeGo systems.
-
* To request addition to the Security_Group, please send mail to security@meego.com explaining your need.
+
* To request addition to the Security_Group, please send mail to [mailto:security@meego.com?Subject=MeeGo%20Security%20Bug%20Access%20Request security@meego.com] explaining your need.
** People who want addition to this group will need to ''demonstrate'' that they need generic access to security bugs, not just access to specific security bugs.
** People who want addition to this group will need to ''demonstrate'' that they need generic access to security bugs, not just access to specific security bugs.
*** People who need access to specific security bugs can request access to get added to the CC list.
*** People who need access to specific security bugs can request access to get added to the CC list.
* The list of members in the Security_Group will be audited by the MeeGo Security Lead every quarter.
* The list of members in the Security_Group will be audited by the MeeGo Security Lead every quarter.
* Once a security defect is resolved (by making a patch available or marking the bug as closed), it will also be made public by removing the Security_Group restrictions.
* Once a security defect is resolved (by making a patch available or marking the bug as closed), it will also be made public by removing the Security_Group restrictions.

Revision as of 18:07, 2 February 2011

This page is a placeholder for the MeeGo Security related info

Contents


Other portions of MeeGo Security shall be here soon.

MeeGo Security Architecture

The MeeGo Security Architecture is documented here in the wiki.

MeeGo Security Bug Policy

  • All MeeGo security defects are private to the Security_Group by default in addition to the submitter and the CC list.
    • This is standard practice for Linux distributions and other operating systems
    • The reason for this is that information in security bugs can be used as a road map to exploit MeeGo systems.
  • To request addition to the Security_Group, please send mail to security@meego.com explaining your need.
    • People who want addition to this group will need to demonstrate that they need generic access to security bugs, not just access to specific security bugs.
      • People who need access to specific security bugs can request access to get added to the CC list.
  • The list of members in the Security_Group will be audited by the MeeGo Security Lead every quarter.
  • Once a security defect is resolved (by making a patch available or marking the bug as closed), it will also be made public by removing the Security_Group restrictions.
Retrieved from "http://wiki.meego.com/Security"
Personal tools