Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S261541AbVAQW7s (ORCPT ); Mon, 17 Jan 2005 17:59:48 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S261526AbVAQW5Q (ORCPT ); Mon, 17 Jan 2005 17:57:16 -0500 Received: from almesberger.net ([63.105.73.238]:45830 "EHLO host.almesberger.net") by vger.kernel.org with ESMTP id S262996AbVAQWuG (ORCPT ); Mon, 17 Jan 2005 17:50:06 -0500 Date: Mon, 17 Jan 2005 19:49:19 -0300 From: Werner Almesberger To: Chris Wright Cc: Jesper Juhl , Alan Cox , Steve Bergman , Linux Kernel Mailing List Subject: Re: Proper procedure for reporting possible security vulnerabilities? Message-ID: <20050117194919.A14107@almesberger.net> References: <41E2B181.3060009@rueb.com> <87d5wdhsxo.fsf@deneb.enyo.de> <41E2F6B3.9060008@rueb.com> <20050110164001.Q469@build.pdx.osdl.net> <1105461562.16168.46.camel@localhost.localdomain> <20050111132905.N10567@build.pdx.osdl.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050111132905.N10567@build.pdx.osdl.net>; from chrisw@osdl.org on Tue, Jan 11, 2005 at 01:29:05PM -0800 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1109 Lines: 27 Chris Wright wrote: > +SECURITY CONTACT > +P: Security Officers > +M: kernel-security@{osdl.org, vger.kernel.org, wherever} > +S: Supported If you mean this in the sense of "choose one, then put it here", this looks good. If you're suggesting multiple choices, to be made by the bug reporter, I'm not so sure. A single contact point, preferably with a human being that can confirm that the message has been received and understood, and indicate that there's now somebody taking care of it who knows what to do (which may just be forwarding it to someone else or some list, and monitoring the reaction), should be useful. - Werner -- _________________________________________________________________________ / Werner Almesberger, Buenos Aires, Argentina wa@almesberger.net / /_http://www.almesberger.net/____________________________________________/ - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/