|Description||The Security Project's mission is to ensure that vulnerabilities in software accessible through the Portage tree are found and fixed in a timely manner, so that our users remain protected against known vulnerabilities.|
|IRC channel||#gentoo-security (webchat)|
Last elected: 2022-08-20
(and inherited member(s))
When updating project membership, other places must be updated too: Bugzilla groups; woodpecker mailing list members; linux-distros membership; website (www.git)'s security page!
The following Gentoo developers are not part of the team, but we would like to acknowledge their contributions to the project:
|Agostino Sarubbo||Agostino Sarubbo (ago)||Security Bug Coordination|
|Paweł Hajdan||Paweł Hajdan, Jr. (phajdan.jr)||GLSA Coordination: Chromium, V8|
|Ned Ludd||solar||Security patches, Auditing|
|Mike Frysinger||Mike Frysinger (vapier)||Security patches|
|Stephan Hartmann||Stephan Hartmann (sultan)||Chromium (et al) bug coordination|
The following individuals are moving through the Padawans process towards becoming members of the Security Project.
The following meetings have been held so far by the Gentoo Linux Security project:
- Gentoo Security Project Meeting 2018-09-02 ( Log )
- Gentoo Security Project Meeting 2018-07-29 ( Log )
- Gentoo Security Project Meeting 2018-06-24 ( Log )
- Gentoo Security Project Meeting 2018-06-03 ( Log )
- Gentoo Security Project Meeting 2018-04-21 ( Log )
- Gentoo Security Project Meeting 2018-02-18 ( Log )
- Gentoo Security Project Meeting 2010-09-01 ( Log , Summary)
- Gentoo Security Project Meeting 2008-07-14 ( Log , Summary)
We are currently looking for users interested in helping the project with these jobs:
|GLSA Coordinators||Helping with the coordination of security bugs and GLSAs. More information to get in touch can be found on the Security Project page and in the linked ressouces.||Strong interest in security matters and good knowledge of written English. A professional security background is not required at email@example.com|
Becoming a Gentoo Security developer
How to join the team
To participate in the Gentoo Linux Security Project first send an email presenting yourself to the security team at firstname.lastname@example.org and sign yourself up a Bugzilla account. You may be able to talk to one of our security developers and/or users in the IRC channel #gentoo-security (webchat) for more information or just to chat about the security state of existing projects.
The Padawans page explains the entire recruitment process in full detail.
If you want to help us with the creation and coordination of GLSAs, you should read the GLSA Coordinators Guide to see what it takes to be a GLSA Coordinator.
If you don't have the ability to actively help by contributing work we will always need testers to maintain the security and stability of the overall project. All development, testing, productive comments, and feedback are greatly appreciated.
The Security Project offers several resources for varying target audiences.
Resources aimed at the general public include:
Resources aimed at new padawans include:
- Security padawans recruitment process
- Tips for scouting
- Tips for searching and filtering Security bugs
Resources aimed at advanced padawans and team members include:
- GLSA Coordinators Guide, a guide for Security Team members
- GLSAMaker2 Guide
- Affiliations of the Security team with CERTs, other groups and mailing lists
Defunct subproject pages