List security contacts
We still don't have a security@ alias; listing personal emails is unfortunately the next-best thing.master
parent
da395ac33c
commit
2a9e9f13f6
|
@ -3,6 +3,10 @@ elsewhere. Link items to [[bugs/done]] when done.
|
||||||
|
|
||||||
Also see the [Debian bugs](http://bugs.debian.org/ikiwiki).
|
Also see the [Debian bugs](http://bugs.debian.org/ikiwiki).
|
||||||
|
|
||||||
|
If you are reporting a security vulnerability, please email the maintainers
|
||||||
|
privately, instead of making it public by listing it here. See [[security]]
|
||||||
|
for contact details.
|
||||||
|
|
||||||
There are [[!pagecount pages="bugs/* and !bugs/done and !bugs/discussion and
|
There are [[!pagecount pages="bugs/* and !bugs/done and !bugs/discussion and
|
||||||
!link(patch) and !link(bugs/done) and !bugs/*/*"
|
!link(patch) and !link(bugs/done) and !bugs/*/*"
|
||||||
feedpages="created_after(bugs/no_commit_mails_for_new_pages)"]] "open" bugs:
|
feedpages="created_after(bugs/no_commit_mails_for_new_pages)"]] "open" bugs:
|
||||||
|
|
|
@ -1,11 +1,16 @@
|
||||||
Let's do an ikiwiki security analysis.
|
|
||||||
|
|
||||||
If you are using ikiwiki to render pages that only you can edit, do not
|
If you are using ikiwiki to render pages that only you can edit, do not
|
||||||
generate any wrappers, and do not use the cgi, then there are no more
|
generate any wrappers, and do not use the cgi, then there are no more
|
||||||
security issues with this program than with cat(1). If, however, you let
|
security issues with this program than with cat(1). If, however, you let
|
||||||
others edit pages in your wiki, then some possible security issues do need
|
others edit pages in your wiki, then some possible security issues do need
|
||||||
to be kept in mind.
|
to be kept in mind.
|
||||||
|
|
||||||
|
If you find a new security vulnerability, please email the maintainers
|
||||||
|
privately instead of listing it in a public bug tracker, so that we can
|
||||||
|
arrange for coordinated disclosure when a fix is available. The maintainers
|
||||||
|
are [[Joey Hess|joey]] (<joey@kitenet.net>),
|
||||||
|
[[Simon McVittie|smcv]] (<smcv@debian.org>)
|
||||||
|
and [[Amitai Schleier|schmonz]] (`schmonz-web-ikiwiki schmonz com`).
|
||||||
|
|
||||||
[[!toc levels=2]]
|
[[!toc levels=2]]
|
||||||
|
|
||||||
----
|
----
|
||||||
|
|
Loading…
Reference in New Issue