big +1 for both Denis
On Wed, May 26, 2010 at 14:37, Thomas Mortagne <[email protected]>wrote: > On Wed, May 26, 2010 at 13:34, Vincent Massol <[email protected]> wrote: > > > > On May 26, 2010, at 1:02 PM, Alex Busenius wrote: > > > >> Hello devs, > >> > >> > >> I propose to introduce a security mailing list ([email protected]) to > >> discuss details of security issues. > >> > >> This list should be private, with only committers and trusted > >> contributors having read and write access. Anyone who proved his good > >> intentions on the dev-list and bug tracker should be able to get access > >> to security-list through the usual vote procedure. > >> > >> The purpose of this list is to give a safe place to discuss details open > >> security issues without giving all script kiddies in the world examples > >> to write exploits. The discussions should be kept on this private list > >> until the corresponding fix is released. > >> > >> WDYT? > > +1 > > > > > +1 with the following additions: > > > > - Allow people to post the security mailing list to report security > issues > > +1 > > > - Some explanation on the Mailing List page on xwiki.org to explain what > the security mailing list is (see for ex > http://tomcat.apache.org/security.html). We need to ensure that people who > want to report security issues send them to the private security mailing > list > > > > Thanks > > -Vincent > > > > > > _______________________________________________ > > devs mailing list > > [email protected] > > http://lists.xwiki.org/mailman/listinfo/devs > > > > > > -- > Thomas Mortagne > _______________________________________________ > devs mailing list > [email protected] > http://lists.xwiki.org/mailman/listinfo/devs > -- Denis Gervalle SOFTEC sa - CEO eGuilde sarl - CTO _______________________________________________ devs mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/devs
