[Deploying Sakai] Sakai Security Policy Reminder

Anthony Whyte arwhyte at umich.edu
Sun Nov 15 09:30:56 PST 2009

A friendly reminder from the Sakai Security Work Group (WG):  should  
you encounter what you consider to be a security vulnerability in  
Sakai software please refrain from discussing the issue on any public  
listserv, blog or other open communication channel.  Instead, you  
should contact immediately the Sakai Foundation at the following  

security at sakaifoundation.org

Your concerns will be forwarded immediately to the Security WG for  
review and action.  Be sure to include a phone number in case the  
Security WG feels it necessary to contact you directly.

This ban on open discussion covers all public Sakai lists.  Do not  
discuss potential or actual security-related issues regarding Sakai.   
Doing so risks compromising the security of several hundred Sakai  
installations.  Instead, email your concerns to security at sakaifoundation.org 

I should also note that Sakai integrates with many third-party  
applications.  Given this reality and the potential for third-party  
security vulnerabilities to impact Sakai, I strongly urge that the  
Sakai Community refrain from discussing publicly ANY alleged or actual  
software security vulnerabilities on list.  Again, if you have a  
concern regarding security send an email to  
security at sakaifoundation.org.

You can download and review our security polices here:

Sakai Security Policy


Anthony Whyte
Member, Security WG
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/production/attachments/20091115/833a2203/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2417 bytes
Desc: not available
Url : http://collab.sakaiproject.org/pipermail/production/attachments/20091115/833a2203/attachment.bin 

More information about the production mailing list