1 file changed +8 -5 lines changed
11## Security Policy
22
3- This project is built on markdown which is used to create various binary files such as ` .pdf ` .
4- It is improbable but not impossible that a malicious actor could somehow embed malware in the markdown or subvert the document creation process.
3+ This project is built on markdown which is used to create binary files, such as ` .pdf ` and ` epub, ` and the site itself.
4+ It is not impossible that a malicious actor could somehow embed malware in the markdown or subvert the document creation process.
5+ If you find anything suspicious in either the markdown or pipeline scripts then let us know ASAP and we will fix it as a priority.
56
6- If you find anything suspicious in either the markdown or scripts then let us know ASAP and we will fix it as a priority.
7- For secure disclosure of any vulnerability follow the steps shown in the [ github guide] [ disclose ] .
7+ Ideally open a [ security advisory] [ advisory ] and this will be provided only to the project's admins in strict confidence.
88
9- [ disclose ] : https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability
9+ Alternatively send an encrypted email to [ Jon Gadsden] [ mail ] to start the secure disclosure process.
10+
11+ [ advisory ] : https://github.com/OWASP/www-project-developer-guide/security/advisories/new
12+ [ mail ] : https://flowcrypt.com/me/jongadsden
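Review bot: In added line 3 the second format is written as ` epub, ` with the comma inside the code span and no leading dot, which is inconsistent with ` .pdf ` beside it; suggest `.pdf` and `.epub` with the comma outside the backticks. In added line 9 the fallback disclosure channel is a single named person reached through a third-party page (the [ mail ] target on flowcrypt.com), so a report can stall if that person is unavailable; consider a second contact or a role address, and stating the key fingerprint in this file so a reporter can verify the key independently of the linked page. The removed [ disclose ] link was the only pointer to a guide on private reporting, so it may be worth keeping alongside the new [ advisory ] link for reporters who have not filed an advisory before.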