[WG: Sakai QA] Sakai Security Policy Reminder
Anthony Whyte
arwhyte at umich.edu
Sun Nov 15 09:20:46 PST 2009
A friendly reminder from the Sakai Security Work Group (WG): should
you encounter what you consider to be a security vulnerability in
Sakai software please refrain from discussing the issue on any public
listserv, blog or other open communication channel. Instead, you
should contact immediately the Sakai Foundation at the following
address:
security at sakaifoundation.org
Your concerns will be forwarded immediately to the Security WG for
review and action. Be sure to include a phone number in case the
Security WG feels it necessary to contact you directly.
This ban on open discussion covers all public Sakai lists. Do not
discuss potential or actual security-related issues regarding Sakai.
Doing so risks compromising the security of several hundred Sakai
installations. Instead, email your concerns to security at sakaifoundation.org
.
I should also note that Sakai integrates with many third-party
applications. Given this reality and the potential for third-security
vulnerabilities to impact Sakai, I strongly urge that the Sakai
Community refrain from discussing publicly ANY alleged or actual
software security vulnerabilities on list. Again, if you have a
concern regarding security send an email to
security at sakaifoundation.org.
You can download and review our security polices here:
Sakai Security Policy
http://sakaiproject.org/sites/default/files/sakai-security-policy-v3dot1.pdf
Cheers,
Anthony Whyte
Member, Security WG
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-qa/attachments/20091115/441ddd7f/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2417 bytes
Desc: not available
Url : http://collab.sakaiproject.org/pipermail/sakai-qa/attachments/20091115/441ddd7f/attachment.bin
More information about the sakai-qa
mailing list