[v3,7/7] Documentation/security-bugs: document document design
Commit Message
I think there is value in expressing the high-level design of this
document so that it will not get lost with future revisions.
This section is an rST comment and will not be part of rendered
documentation (e.g. the html version).
Link: https://lore.kernel.org/all/87ilpk5wsi.fsf@meer.lwn.net/
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
Documentation/process/security-bugs.rst | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
@@ -158,3 +158,24 @@ CVE assignments.
**List rules.** Please do not cross-post to other lists when writing to this
list. Make sure to read the other list rules before posting:
https://oss-security.openwall.org/wiki/mailing-lists/oss-security.
+
+..
+ If you modify this document, please consider the following:
+
+ 1) The most important information should be at the top (preferably in
+ the opening paragraph). This means contacting <security@kernel.org>;
+ if somebody doesn't read any further than that, at least the security
+ team will have the report.
+
+ 2) Make the differences between the lists extremely clear. The old
+ version did make an attempt at this, but the lines were not drawn
+ clearly enough.
+
+ 3) Emphasize some of the posting rules which can be confusing to new
+ people (e.g. the fact that posting to linux-distros means you must
+ propose an embargo date and that this cannot under any circumstances
+ be more than 14 days).
+
+ 4) The document should be a "step-by-step process" as much as possible,
+ so that you can use it as a guide while reporting an issue instead of
+ having to search back and forth for the thing you're looking for.