mirror of https://github.com/borgbackup/borg.git
Merge pull request #1804 from anarcat/security-notes
move security verification to support section
This commit is contained in:
commit
45c76c1dba
20
README.rst
20
README.rst
|
@ -113,22 +113,6 @@ Now doing another backup, just to show off the great deduplication:
|
|||
|
||||
For a graphical frontend refer to our complementary project `BorgWeb <https://borgweb.readthedocs.io/>`_.
|
||||
|
||||
Checking Release Authenticity and Security Contact
|
||||
--------------------------------------------------
|
||||
|
||||
`Releases <https://github.com/borgbackup/borg/releases>`_ are signed with this GPG key,
|
||||
please use GPG to verify their authenticity.
|
||||
|
||||
In case you discover a security issue, please use this contact for reporting it privately
|
||||
and please, if possible, use encrypted E-Mail:
|
||||
|
||||
Thomas Waldmann <tw@waldmann-edv.de>
|
||||
|
||||
GPG Key Fingerprint: 6D5B EF9A DD20 7580 5747 B70F 9F88 FB52 FAF7 B393
|
||||
|
||||
The public key can be fetched from any GPG keyserver, but be careful: you must
|
||||
use the **full fingerprint** to check that you got the correct key.
|
||||
|
||||
Links
|
||||
-----
|
||||
|
||||
|
@ -142,6 +126,7 @@ Links
|
|||
* `Web-Chat (IRC) <http://webchat.freenode.net/?randomnick=1&channels=%23borgbackup&uio=MTY9dHJ1ZSY5PXRydWUa8>`_ and
|
||||
`Mailing List <https://mail.python.org/mailman/listinfo/borgbackup>`_
|
||||
* `License <https://borgbackup.readthedocs.org/en/stable/authors.html#license>`_
|
||||
* `Security contact <https://borgbackup.readthedocs.org/en/stable/support.html#security-contact>`_
|
||||
|
||||
Compatibility notes
|
||||
-------------------
|
||||
|
@ -153,6 +138,9 @@ NOT RELEASED DEVELOPMENT VERSIONS HAVE UNKNOWN COMPATIBILITY PROPERTIES.
|
|||
|
||||
THIS IS SOFTWARE IN DEVELOPMENT, DECIDE YOURSELF WHETHER IT FITS YOUR NEEDS.
|
||||
|
||||
Security issues should be reported to the `Security contact`_ (or
|
||||
see ``docs/suppport.rst`` in the source distribution).
|
||||
|
||||
|doc| |build| |coverage| |bestpractices|
|
||||
|
||||
.. |doc| image:: https://readthedocs.org/projects/borgbackup/badge/?version=stable
|
||||
|
|
|
@ -203,6 +203,13 @@ Thus:
|
|||
- have media at another place
|
||||
- have a relatively recent backup on your media
|
||||
|
||||
How do I report security issue with |project_name|?
|
||||
---------------------------------------------------
|
||||
|
||||
Send a private email to the :ref:`security-contact` if you think you
|
||||
have discovered a security issue. Please disclose security issues
|
||||
responsibly.
|
||||
|
||||
Why do I get "connection closed by remote" after a while?
|
||||
---------------------------------------------------------
|
||||
|
||||
|
|
|
@ -64,6 +64,9 @@ and compare that to our latest release and review the :doc:`changes`.
|
|||
Standalone Binary
|
||||
-----------------
|
||||
|
||||
.. note:: Releases are signed with an OpenPGP key, see
|
||||
:ref:`security-contact` for more instructions.
|
||||
|
||||
|project_name| binaries (generated with `pyinstaller`_) are available
|
||||
on the releases_ page for the following platforms:
|
||||
|
||||
|
|
|
@ -56,3 +56,21 @@ As a developer, you can become a Bounty Hunter and win bounties (earn money) by
|
|||
contributing to |project_name|, a free and open source software project.
|
||||
|
||||
We might also use BountySource to fund raise for some bigger goals.
|
||||
|
||||
.. _security-contact:
|
||||
|
||||
Security
|
||||
--------
|
||||
|
||||
In case you discover a security issue, please use this contact for reporting it privately
|
||||
and please, if possible, use encrypted E-Mail:
|
||||
|
||||
Thomas Waldmann <tw@waldmann-edv.de>
|
||||
|
||||
GPG Key Fingerprint: 6D5B EF9A DD20 7580 5747 B70F 9F88 FB52 FAF7 B393
|
||||
|
||||
The public key can be fetched from any GPG keyserver, but be careful: you must
|
||||
use the **full fingerprint** to check that you got the correct key.
|
||||
|
||||
`Releases <https://github.com/borgbackup/borg/releases>`_ are signed with this GPG key,
|
||||
please use GPG to verify their authenticity.
|
||||
|
|
Loading…
Reference in New Issue