Skip to content
This repository has been archived by the owner on Oct 25, 2023. It is now read-only.

Commit

Permalink
Update SECURITY.md
Browse files Browse the repository at this point in the history
  • Loading branch information
@bbtong
bbtong authored Nov 8, 2021
1 parent 11769f0 commit bfe12b3
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions SECURITY.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,3 +35,4 @@ Provide a descriptive subject line and in the body of the email include the foll
We consider vulnerabilities leading to the compromise of data confidentiality, elevation of privilege, or integrity to be our highest priority concerns. Availability, in particular in areas relating to DoS and resource exhaustion, is also a serious security concern. The VMware Security Team takes all vulnerabilities, potential vulnerabilities, and suspected vulnerabilities seriously and will investigate them in an urgent and expeditious manner.

Note that we do not currently consider the default settings for function-buildpacks-for-knative to be secure-by-default. It is necessary for operators to explicitly configure settings, role based access control, and other resource related features in function-buildpacks-for-knative to provide a hardened function-buildpacks-for-knative environment. We will not act on any security disclosure that relates to a lack of safe defaults. Over time, we will work towards improved safe-by-default configuration, taking into account backwards compatibility.

0 comments on commit bfe12b3

Please sign in to comment.