linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Chris Wright <chrisw@osdl.org>
To: Werner Almesberger <wa@almesberger.net>
Cc: Chris Wright <chrisw@osdl.org>, Jesper Juhl <juhl-lkml@dif.dk>,
	Alan Cox <alan@lxorguk.ukuu.org.uk>,
	Steve Bergman <steve@rueb.com>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: Proper procedure for reporting possible security vulnerabilities?
Date: Mon, 17 Jan 2005 14:52:16 -0800	[thread overview]
Message-ID: <20050117145216.J24171@build.pdx.osdl.net> (raw)
In-Reply-To: <20050117194919.A14107@almesberger.net>; from wa@almesberger.net on Mon, Jan 17, 2005 at 07:49:19PM -0300

* Werner Almesberger (wa@almesberger.net) wrote:
> Chris Wright wrote:
> > +SECURITY CONTACT
> > +P:	Security Officers
> > +M:	kernel-security@{osdl.org, vger.kernel.org, wherever}
> > +S:	Supported
> 
> If you mean this in the sense of "choose one, then put it here",
> this looks good. If you're suggesting multiple choices, to be
> made by the bug reporter, I'm not so sure.

Yeah, "choose one, then put it here."  I've set up
security@kernel.osdl.org.

> A single contact point, preferably with a human being that can
> confirm that the message has been received and understood, and
> indicate that there's now somebody taking care of it who knows
> what to do (which may just be forwarding it to someone else or
> some list, and monitoring the reaction), should be useful.

Agreed.

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net

  reply	other threads:[~2005-01-17 22:59 UTC|newest]

Thread overview: 36+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-01-10 16:46 Steve Bergman
2005-01-10 18:23 ` Indrek Kruusa
2005-01-10 19:24 ` Alan Cox
2005-01-11  9:32   ` Florian Weimer
2005-01-10 21:31 ` Florian Weimer
2005-01-10 21:42   ` Steve Bergman
2005-01-10 22:08     ` Diego Calleja
2005-01-11  0:19       ` Barry K. Nathan
2005-01-11  0:45         ` Diego Calleja
2005-01-11  9:35         ` Florian Weimer
2005-01-11 16:57         ` Jesper Juhl
2005-01-11 17:05           ` Jan Engelhardt
2005-01-10 22:09     ` linux-os
2005-01-11  0:44       ` Barry K. Nathan
2005-01-10 22:11     ` Jesper Juhl
2005-01-11  0:40       ` Chris Wright
2005-01-11  1:09         ` Diego Calleja
2005-01-11  1:18           ` Chris Wright
2005-01-11 17:05         ` Jesper Juhl
2005-01-11 16:39           ` Alan Cox
2005-01-11 21:25             ` Jesper Juhl
2005-01-11 21:29               ` Chris Wright
2005-01-12 21:05                 ` Jesper Juhl
2005-01-17 22:49                 ` Werner Almesberger
2005-01-17 22:52                   ` Chris Wright [this message]
2005-01-17 23:23                     ` Christoph Hellwig
2005-01-17 23:26                       ` Chris Wright
2005-01-17 23:57                         ` Alan Cox
2005-01-18  1:08                           ` Chris Wright
2005-01-11 17:57           ` Chris Wright
2005-01-12 12:23           ` Florian Weimer
2005-01-11  9:49       ` Florian Weimer
2005-01-11 16:10     ` Alan Cox
2005-01-12 12:33       ` Florian Weimer
2005-01-13 15:36         ` Alan Cox
     [not found] <200501101959.j0AJxUvl032294@laptop11.inf.utfsm.cl>
2005-01-10 21:36 ` Indrek Kruusa

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20050117145216.J24171@build.pdx.osdl.net \
    --to=chrisw@osdl.org \
    --cc=alan@lxorguk.ukuu.org.uk \
    --cc=juhl-lkml@dif.dk \
    --cc=linux-kernel@vger.kernel.org \
    --cc=steve@rueb.com \
    --cc=wa@almesberger.net \
    --subject='Re: Proper procedure for reporting possible security vulnerabilities?' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).