From 8d360d853668765900d89c46115b565b340d13a2 Mon Sep 17 00:00:00 2001
From: Benoit Mortier <benoit.mortier@fusiondirectory.org>
Date: Sun, 3 Jan 2021 22:29:51 +0100
Subject: [PATCH] :sparkles: feat(github-security) Add a security.md for github
 compliance

Signed-off-by: Benoit Mortier <benoit.mortier@fusiondirectory.org>
---
 SECURITY.md | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..6eb0a87ed
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,22 @@
+### Reporting Security Vulnerabilities
+
+Although we try to be proactive in preventing security concerns, it is unfortunately inevitable that security breaches will be discovered in all software, including our own.
+
+It is common practice in open source to disclose a security concern to the vendor in a responsible and private manner prior to publication, so that a patch can be prepared, and so that we can take proactive measures to protect FusionDirectory users.
+
+### What is a “security” issue ?
+
+A security issue is a type of bug that can affect the security of FusionDirectory installations.
+
+Specifically, it is a report of a bug that you have found in the code for FusionDirectory and that you have determined can be used to gain some level of access to a site running FusionDirectory that you should not have.
+
+### Where do I report security issues ?
+
+If you would like to contact us with a security vulnerability or possible vulnerability, please contact us via email [security@fusiondirectory.org](mailto:security@fusiondirectory.org).
+
+Your email can be signed with the following public gpg key :
+
+Benoit Mortier : **32BA 180F 6E14 7B5F 52BE 6322 EF2F F1E4 8638 EAD1**
+
+**In any case, you should not share details with anyone else until the bug fix has been officially released.**
+
-- 
GitLab