Add Security Policy #1001
No reviewers
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#1001
Loading…
Reference in New Issue
Block a user
No description provided.
Delete Branch "security-policy"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
As recommended in #988:
This sounds good to me. I added some basic instructions to a security policy file, do you think this is enough or well-constructed? Let me know if anything should be added @beardog108.
Closes #988
Deploy preview for privacytools-io ready!
Built with commit
ad344be456
https://deploy-preview-1001--privacytools-io.netlify.com
Thanks for adding. Looks pretty good, but i'd clarify that user & admin accounts not owned by the tester are out of scope as well.
@ -0,0 +20,4 @@
* Reports against infrastructure outside our control
* User or admin accounts not owned by the tester
## Disclosure Policy
This does not seem to include if users will be informed in case data is leaked.
My understanding is that social.privacytools.io and other services collect information like email.
What happens if this information gets stolen? How would users be informed?
@ -0,0 +20,4 @@
* Reports against infrastructure outside our control
* User or admin accounts not owned by the tester
## Disclosure Policy
Added info to
ad344be