monero-project/meta
monero-project/meta
1
0
Fork 0
mirror of https://github.com/monero-project/meta.git synced 2024-12-22 11:39:22 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

VRP: re-org the preamble, create kovri section

Browse source
This commit is contained in:
anonimal 2018-01-25 16:27:00 +00:00
parent ba54b38fe6
commit 9f147306e4
No known key found for this signature in database
GPG key ID: 66A76ECF914409F1
1 changed files with 5 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
VULNERABILITY_RESPONSE_PROCESS.md
View file

@ -1,6 +1,6 @@
# The Monero Project Vulnerability Response Process # The Monero Project Vulnerability Response Process
## Preamble ## Preamble (Monero/Kovri)
1. Researchers/Hackers: while you research/hack, we ask that you please refrain from committing the following: 1. Researchers/Hackers: while you research/hack, we ask that you please refrain from committing the following:
- Denial of Service / Active exploiting against the Monero/Kovri networks - Denial of Service / Active exploiting against the Monero/Kovri networks
@ -9,11 +9,12 @@
2. As a pro-privacy project we have volunteers running copies of the websites on hidden services on Tor and I2P, as well as on multiple public domains. **The live sites are NOT in the scope of this process; only the code is!** 2. As a pro-privacy project we have volunteers running copies of the websites on hidden services on Tor and I2P, as well as on multiple public domains. **The live sites are NOT in the scope of this process; only the code is!**
3. While **Kovri** is in a pre-Alpha release state, HackerOne should not be used for disclosure. All **Kovri** issues should be directed to [GitHub](https://github.com/monero-project/kovri) 3. Bounty will be released for all projects in Monero XMR only. For more information on how to use Monero, visit the [Monero website](https://getmonero.org)
4. Bounty will be released for all projects in Monero XMR only. For more information on how to use Monero, visit the [Monero website](https://getmonero.org) ## Preamble (Kovri)
5. Bounty will not be available for **Kovri** until **Kovri Beta** is released 1. While Kovri is in a pre-Alpha release state, do not use HackerOne for disclosure. All Kovri issues MUST be directed to either [GitHub](https://github.com/monero-project/kovri) or Email
2. Bounty will not be available for Kovri until **Kovri Beta** is released
## I. Points of contact for security issues ## I. Points of contact for security issues