Skip to content

docs: make security pages easier to find #303

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
LinkinStars merged 1 commit into from
Feb 26, 2025
Merged

docs: make security pages easier to find #303

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion community/security-model.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ slug: /security-model

This document outlines the security model of Apache Answer. It aims to help users understand the security model and make informed decisions about deploying and managing Apache Answer securely.

If you think you have found behavior in Apache Answer that does not follow this security model, please [report it](/community/security) to us privately.

## Admin Permission Security

**Admin users have full system permissions**, which includes access to potentially vulnerable operations. While we assume administrators won't attack their own websites, it's crucial to exercise caution when assigning admin privileges.
Expand All @@ -26,4 +28,4 @@ Apache Answer only guarantees the security of official plugins distributed throu

If you find a security bug, with that in mind, please do not file public issues. You can follow the instructions in the [security policy](https://github.com/apache/answer/security/policy) to report it privately. We will fix it as soon as possible.

:::
:::
2 changes: 1 addition & 1 deletion community/security.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ slug: /security

# Security

The Apache Software Foundation takes a rigorous stance on eliminating security issues in its software projects. If you find a security bug, with that in mind, please do not file public issues. You can follow the instructions in the [security policy](https://github.com/apache/answer/security/policy) to report it privately. We will fix it as soon as possible.
The Apache Software Foundation takes a rigorous stance on eliminating security issues in its software projects. If you find a security bug, with that in mind, please do not file public issues. Before reporting a security issue, check the [security model](/community/security-model). You can follow the instructions in the [security policy](https://github.com/apache/answer/security/policy) to report it privately. We will fix it as soon as possible.

# Security fixes

Expand Down
2 changes: 1 addition & 1 deletion docusaurus.config.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ const asfLinks = [
{to: 'https://www.apache.org/events/current-event.html', label: 'Events'},
{to: 'https://www.apache.org/foundation/sponsorship.html', label: 'Sponsorship'},
{to: 'https://privacy.apache.org/policies/privacy-policy-public.html', label: 'Privacy'},
{to: 'https://www.apache.org/security/', label: 'Security'},
{to: 'community/security', label: 'Security'},
{to: 'https://www.apache.org/foundation/thanks.html', label: 'Thanks'},
];
const redirectPaths = require('./redirects.js');
Expand Down