Table of contents:

Introduction

The FreeBSD Ports Security Team is formed to provide rapid response to security incidents that affects the FreeBSD ports collection and protect the FreeBSD user community by keeping the community informed of bugs, exploits, popular attacks, and other risks.

Responsibilities

The responsibilities of the FreeBSD Ports Security Team include:

Authorities

The Security Officer has delegated power subject to accountability constraints, and the ports security team members are accountable to the Security Officer Team in the use of this power:

The Ports Management Team has granted implicit approval for the Ports Security Team to the latest quarterly branch for security related updates.

Structure

The FreeBSD Ports Security Team members are volunteers selected by the Security Officer from active ports committers who have made commits in the ports tree in the last 90 days. Team members are accountable to the Security Officer and to the Ports Management Team.

The Ports Security Team members are expected to remain active in their duties.

Members

Blanket Approval

See the Committers Guide

Security updates for non-broken ports require review/approval.

Typically, ports-secteam approves security updates if they don't cause shared library bumps and they don't cause new breakages OR if they are leaf ports (i.e. no other ports depends on them). The goal is to make sure that we don't cause additional breakage to quarterly branch.


CategoryPorts CategoryTeam

ports-secteam (last edited 2018-01-08 17:45:49 by SteveWills)