diff options
author | Ivan Kohler <ivan@freeside.biz> | 2012-06-07 16:55:45 -0700 |
---|---|---|
committer | Ivan Kohler <ivan@freeside.biz> | 2012-06-07 16:55:45 -0700 |
commit | c24d6e2242ae0e026684b8f95decf156aba6e75e (patch) | |
tree | 8597d00e2e6bf2cf400437b9344f43b1500da412 /rt/docs/security.pod | |
parent | 6686c29104e555ea23446fe1db330664fa110bc0 (diff) |
rt 4.0.6
Diffstat (limited to 'rt/docs/security.pod')
-rw-r--r-- | rt/docs/security.pod | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/rt/docs/security.pod b/rt/docs/security.pod index b8650e05d..620f8687c 100644 --- a/rt/docs/security.pod +++ b/rt/docs/security.pod @@ -9,6 +9,21 @@ key). More information is available at L<http://bestpractical.com/security/>. + +=head2 RT's security process + +After a security vulnerability is reported to Best Practical and +verified, we attempt to resolve it in as timely a fashion as possible. +Best Practical support customers will be notified before we disclose the +information to the public. All security announcements will be sent to +C<rt-announce@bestpractical.com>, which includes +C<rt-users@bestpractical.com> and C<rt-devel@bestpractical.com>. + +As the tests for security vulnerabilities are often nearly identical to +working exploits, sensitive tests will be embargoed for a period of six +months before being added to the public RT repository. + + =head2 Security tips for running RT =over |