bmortier · bmortier
--- a/SECURITY.md 0 → 100644

+ 22

− 0

View file @ d8f96020

Edit in single-file editor

Open in Web IDE
+++ b/SECURITY.md 0 → 100644

+ 22

− 0

View file @ d8f96020

Edit in single-file editor

Open in Web IDE
+### Reporting Security Vulnerabilities
+
+Although we try to be proactive in preventing security concerns, it is unfortunately inevitable that security breaches will be discovered in all software, including our own.
+
+It is common practice in open source to disclose a security concern to the vendor in a responsible and private manner prior to publication, so that a patch can be prepared, and so that we can take proactive measures to protect FusionDirectory users.
+
+### What is a “security” issue ?
+
+A security issue is a type of bug that can affect the security of FusionDirectory installations.
+
+Specifically, it is a report of a bug that you have found in the code for FusionDirectory and that you have determined can be used to gain some level of access to a site running FusionDirectory that you should not have.
+
+### Where do I report security issues ?
+
+If you would like to contact us with a security vulnerability or possible vulnerability, please contact us via email [security@fusiondirectory.org](mailto:security@fusiondirectory.org).
+
+Your email can be signed with the following public gpg key :
+
+Benoit Mortier : **32BA 180F 6E14 7B5F 52BE 6322 EF2F F1E4 8638 EAD1**
+
+**In any case, you should not share details with anyone else until the bug fix has been officially released.**
+