Hi

On Tue, May 12, 2026 at 06:23:27PM +0100, Joe Orton wrote:
> If an issue is reported against an aspect of the security model which
> is not documented here, it MUST be accompanied by a clear description
> of that model, showing why a trust boundary exists and how it is
> violated.

It feels odd, as if we are asking the security researcher to specify a new model on its own. Or did you mean "aspect" instead of "model" here?

s/a clear description of that model/a clear description of that aspect/

> The less-privileged user:
>
> * cannot obtain root privileges,
> * cannot read or truncate log files,
> * retains access to e.g. any private TLS key data loaded in memory.

Cannot escape a chroot if httpd is configured to use that feature?

-- 
Emmanuel Dreyfus
[email protected]
