From 742df29ef3d9d1e98cc935bd03c8e31215215220 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 1 Aug 2024 13:40:30 +0200 Subject: [PATCH] project/security.md: word tweaks Closes #501 --- project/security.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/project/security.md b/project/security.md index 109df0378..852917411 100644 --- a/project/security.md +++ b/project/security.md @@ -43,7 +43,7 @@ To mitigate such risks, we apply established procedures and techniques: - **2FA required**. We require all maintainers with push access to git to have two-factor authentication enabled, to reduce the risk that attackers can impersonate them and use their credentials to push source code changes. We - rely on GitHub's 2fa setup. + rely on GitHub's 2FA setup. - **Reviews**. Every contribution that are proposed for inclusion in the project is reviewed by a maintainer. All changes are always done publicly in the open to allow all interested parties to participate. No invitation 
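Review bot: the unchanged context line "Every contribution that are proposed for inclusion in the project is reviewed by a maintainer" in this hunk has a subject-verb mismatch; since the commit is titled "word tweaks", it is worth folding in "Every contribution that is proposed for inclusion" here rather than leaving it for a later pass. The "2fa" to "2FA" change itself is fine and matches the bullet heading "**2FA required**".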
@@ -71,12 +71,15 @@ To mitigate such risks, we apply established procedures and techniques: correct and properly generated contents. - **Signed commits**. Over 90% - not all - of recent commits were signed to help prove provenance. Signing commits is not yet a mandatory requirement - for committers but we hope to voluntarily increase the share over time and + for committers but we hope to gradually increase the share over time and make it mandatory soon. - **Signed releases**. Every release, every uploaded tarball, is signed by Daniel. This helps to prove that the files have not been tampered with since they were produced. We have opted to not sign them by multiple persons only because of the added complexity for the relatively small extra protection. +- **Signed tags**. Every release is generated from the exact state of the git + tree where a corresponding *signed* tag is set. The name of the release tag + is the same as the release version. - **Fix all vulnerabilities quickly**. Whenever we receive a security vulnerability report, we create and ship a fix in the next pending release. Sometimes sooner than previously planned. Only in extremely rare cases does
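Review bot: the new "**Signed tags**" bullet does not say who signs the tag or which key is used, whereas the "**Signed releases**" bullet just above states that tarballs are signed by Daniel; state whether the tag is signed with the same key, and add the verification step a reader needs (for example, "verify it with `git verify-tag <tag>` against the same public key"), otherwise the provenance claim cannot be checked from the document. The sentence "The name of the release tag is the same as the release version" is also ambiguous: if the tag is literally the version string, say so; if it is a derived form (prefix or separators differ), spell out the mapping so a verifier can find the right tag. Minor wording: "gradually increase the share over time" is redundant ("gradually" already implies "over time"); "increase the share over time" or "gradually increase the share" reads better.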