This is an automated email from the ASF dual-hosted git repository.
dahn pushed a commit to branch staging-site
in repository https://gitbox.apache.org/repos/asf/cloudstack-www.git
The following commit(s) were added to refs/heads/staging-site by this push:
new b8455e9e security update (#225)
b8455e9e is described below
commit b8455e9edf4414789c4dc448045494a12cfcd2cf
Author: dahn <[email protected]>
AuthorDate: Wed Jul 24 00:40:09 2024 -0700
security update (#225)
Co-authored-by: Rohit Yadav <[email protected]>
---
src/pages/security.md | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/src/pages/security.md b/src/pages/security.md
index 51beab21..a51f3be5 100644
--- a/src/pages/security.md
+++ b/src/pages/security.md
@@ -4,10 +4,25 @@ title: Apache CloudStack Security
<h1>Apache CloudStack: Security</h1>
+<h2>Security Model</h2>
+
The Apache CloudStack project understands that as a core infrastructure
project,
the application security of Apache CloudStack is of critical importance to the
community and users.
+It is important to know that the project can not guarantee that it will be
secure with
+the following usages:
+
+- share access to the DataBase
+- share database dumps or other forms of backups
+- share log files
+- use any of [the third party integration components](integrations), that are
meant for monitoring, storage, network and more.
+
+That said, the project will work with any one on improving the secure
+use of the software it provides, with any 3rd party integration
+vendors or users of the software. This can be done on public github
+issues or confidentially if so desired.
+
<h2>Reporting Potential Vulnerabilities in Apache CloudStack</h2>
If you've found an issue that you believe is a security vulnerability in a
