[WG: Sakai QA] Sakai Security Policy Reminder

[Anthony Whyte]

A friendly reminder from the Sakai Security Work Group (WG):  should  
you encounter what you consider to be a security vulnerability in  
Sakai software please refrain from discussing the issue on any public  
listserv, blog or other open communication channel.  Instead, you  
should contact immediately the Sakai Foundation at the following  
address:

security at sakaifoundation.org

Your concerns will be forwarded immediately to the Security WG for  
review and action.  Be sure to include a phone number in case the  
Security WG feels it necessary to contact you directly.

This ban on open discussion covers all public Sakai lists.  Do not  
discuss potential or actual security-related issues regarding Sakai.   
Doing so risks compromising the security of several hundred Sakai  
installations.  Instead, email your concerns to security at sakaifoundation.org 
.

I should also note that Sakai integrates with many third-party  
applications.  Given this reality and the potential for third-security  
vulnerabilities to impact Sakai, I strongly urge that the Sakai  
Community refrain from discussing publicly ANY alleged or actual  
software security vulnerabilities on list.  Again, if you have a  
concern regarding security send an email to  
security at sakaifoundation.org.

You can download and review our security polices here:

Sakai Security Policy
http://sakaiproject.org/sites/default/files/sakai-security-policy-v3dot1.pdf

Cheers,

Anthony Whyte
Member, Security WG


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-qa/attachments/20091115/441ddd7f/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2417 bytes
Desc: not available
Url : http://collab.sakaiproject.org/pipermail/sakai-qa/attachments/20091115/441ddd7f/attachment.bin