[ZF] Need volunteers to work on security issues
Christian Theune
ct at gocept.com
Mon Aug 7 15:42:57 EDT 2006
Hi,
Jim Fulton wrote:
>
> Occasionally, we discover a security issue in Zope that needs to be
> addressed in a timely manner. There is a too-small informal cadre of
> volunteers who work on security issues. We need more people involved in
> this to help get this work done and to give us enough resources to make
> sure it gets done well, for example, with tests. For obvious reasons,
> this needs to be a trusted group of people, who are well known within
> the community. Also, I'd like to formalize this a bit by creating an
> identified group of people on a mailing list, so that there is no
> question of who to send issues to. Alternatively, I suppose we could
> use the collectors as the supporters would see security issues. I'm not
> sure that collectors have worked all that well for security issues in
> the past.
>
> Finally, I think it would be good to get some representation from some
> of the major Zope projects to that representatives can analyze and
> respond to the impact on their projects.
>
> Thoughts? Volunteers?
Great idea, especially the mailinglist as a well known public contact. I
volunteer as well.
Christian
--
gocept gmbh & co. kg - forsterstraße 29 - 06112 halle/saale - germany
www.gocept.com - ct at gocept.com - phone +49 345 122 9889 7 -
fax +49 345 122 9889 1 - zope and plone consulting and development
More information about the Foundation
mailing list