Changes

From SME Server
Jump to navigationJump to search
m
Minor layout changes
Line 47: Line 47:     
This person shall lead the volunteers associated with security issues for the SME server.
 
This person shall lead the volunteers associated with security issues for the SME server.
- The SSL skill set should be one of an experienced software engineer.  
+
* The SSL skill set should be one of an experienced software engineer.  
- The SSL will determine who is included in this group.  
+
* The SSL will determine who is included in this group.  
- The term for the SSL will be two years.  The initial SSL should be a member of, or suggested by and/or a member of, the core developers team.  Subsequent Security Sub team Leaders should be nominated and elected from the Security Sub team Volunteers group.  These rules may be altered by the DPM only if volunteers are not found that meet these criteria.
+
* The term for the SSL will be two years.  The initial SSL should be a member of, or suggested by and/or a member of, the core developers team.  Subsequent Security Sub team Leaders should be nominated and elected from the Security Sub team Volunteers group.  These rules may be altered by the DPM only if volunteers are not found that meet these criteria.
- The SSL will organize any review of potential candidates prior to their acceptance into this group.  
+
* The SSL will organize any review of potential candidates prior to their acceptance into this group.  
- The SSL will prepare and present to the community a policy for how security flaws are evaluated, corrected and disclosed.  The scope of the team shall also be described in this policy.  Scope is defined as the boundaries within the five software categories (described above) where security issues will be fixed, and/or if contrib developers will be informed and/or assisted, and/or advisories will be posted after a suitable time period.  This policy must be voted on by the community for initial adoption as well as for any future changes.
+
* The SSL will prepare and present to the community a policy for how security flaws are evaluated, corrected and disclosed.  The scope of the team shall also be described in this policy.  Scope is defined as the boundaries within the five software categories (described above) where security issues will be fixed, and/or if contrib developers will be informed and/or assisted, and/or advisories will be posted after a suitable time period.  This policy must be voted on by the community for initial adoption as well as for any future changes.
    
== Security Sub team Volunteers ==
 
== Security Sub team Volunteers ==

Navigation menu