path: root/README
diff options
authorDave Hansen <>2018-03-07 13:46:24 -0800
committerJonathan Corbet <>2018-03-09 10:42:06 -0700
commit7f5d465f4ddc242709a01030313e80a8d94ccaaa (patch)
tree5efa47b34edd1eaf6cd97f18722d6436e46cfe17 /README
parent6234c7bd8c14508fb76c0a4d6f01eb81c8ce9cbf (diff)
docs: clarify security-bugs disclosure policy
I think we need to soften the language a bit. It might scare folks off, especially the: We prefer to fully disclose the bug as soon as possible. which is not really the case. Linus says: It's not full disclosure, it's not coordinated disclosure, and it's not "no disclosure". It's more like just "timely open fixes". I changed a bit of the wording in here, but mostly to remove the word "disclosure" since it seems to mean very specific things to people that we do not mean here. Signed-off-by: Dave Hansen <> Reviewed-by: Dan Williams <> Reviewed-by: Greg Kroah-Hartman <> Acked-by: Kees Cook <> Cc: Thomas Gleixner <> Cc: Linus Torvalds <> Cc: Alan Cox <> Cc: Andrea Arcangeli <> Cc: Andy Lutomirski <> Cc: Tim Chen <> Cc: Alexander Viro <> Cc: Andrew Morton <> Cc: Mark Rutland <> Signed-off-by: Jonathan Corbet <>
Diffstat (limited to 'README')
0 files changed, 0 insertions, 0 deletions