summaryrefslogtreecommitdiff
path: root/Documentation/SecurityBugs
diff options
context:
space:
mode:
Diffstat (limited to 'Documentation/SecurityBugs')
-rw-r--r--Documentation/SecurityBugs8
1 files changed, 8 insertions, 0 deletions
diff --git a/Documentation/SecurityBugs b/Documentation/SecurityBugs
index a660d494c8ed..342d769834f6 100644
--- a/Documentation/SecurityBugs
+++ b/Documentation/SecurityBugs
@@ -1,9 +1,15 @@
+.. _securitybugs:
+
+Security bugs
+=============
+
Linux kernel developers take security very seriously. As such, we'd
like to know when a security bug is found so that it can be fixed and
disclosed as quickly as possible. Please report security bugs to the
Linux kernel security team.
1) Contact
+----------
The Linux kernel security team can be contacted by email at
<security@kernel.org>. This is a private list of security officers
@@ -18,6 +24,7 @@ Any exploit code is very helpful and will not be released without
consent from the reporter unless it has already been made public.
2) Disclosure
+-------------
The goal of the Linux kernel security team is to work with the
bug submitter to bug resolution as well as disclosure. We prefer
@@ -33,6 +40,7 @@ to a few weeks. As a basic default policy, we expect report date to
disclosure date to be on the order of 7 days.
3) Non-disclosure agreements
+----------------------------
The Linux kernel security team is not a formal body and therefore unable
to enter any non-disclosure agreements.