oss-sec mailing list archives
Re: charter
From: Josh Bressers <bressers () redhat com>
Date: Tue, 19 Feb 2008 09:04:03 -0500
Josh Bressers wrote: | I just added my current working draft charter: | http://oss-security.openwall.org/wiki/mailinglists/oss-security/charter Good work, thanks :) What do you mean by "Please don't send working vulnerabilities"?
We don't need the heat of people posting vulnerabilities that would allow one to actually compromise a machine. Ideally we want testcases the exercise the flaw, not tools that could be used for malicious purposes.
I'd append "for non-public issues, please contact vendor-sec" to "Public security issues only please"
Done
"Advisories are welcome"? I thought we decided that this was discussion-only?
What do others think? I can see it either way, so I put it in. -- JB
Current thread:
- Re: wiki, (continued)
- Re: wiki Vincent Danen (Feb 17)
- Re: wiki Solar Designer (Feb 18)
- Re: wiki Vincent Danen (Feb 18)
- Re: wiki Solar Designer (Feb 18)
- Re: wiki - e-mail address obfuscation Solar Designer (Feb 18)
- Re: wiki - e-mail address obfuscation Solar Designer (Feb 19)
- Re: wiki - e-mail address obfuscation (GalaxyMaster) (Feb 19)
- Re: wiki Solar Designer (Feb 18)
- Re: wiki Vincent Danen (Feb 19)
- Re: wiki Vincent Danen (Feb 17)
- Re: wiki Josh Bressers (Feb 18)
- charter Jonathan Smith (Feb 18)
- Re: charter Josh Bressers (Feb 19)
- Re: charter Mark J Cox (Feb 19)
- Re: charter Vincent Danen (Feb 19)
- Re: charter - advisories Solar Designer (Feb 19)
- Re: charter - advisories Josh Bressers (Feb 19)
- Re: charter - advisories Vincent Danen (Feb 20)
- Re: charter - advisories Solar Designer (Feb 24)
- Re: charter - advisories Vincent Danen (Feb 24)
- Re: charter - advisories Mark J Cox (Feb 25)
- Re: wiki Vincent Danen (Feb 18)