| /third_party/openssl/doc/man3/ |
| D | SSL_CTX_set_security_level.pod | 5 …rity_ex_data, SSL_CTX_get0_security_ex_data, SSL_get0_security_ex_data - SSL/TLS security framework
42 the security level to B<level>. If not set the library default security level
46 retrieve the current security level.
50 the security callback associated with B<ctx> or B<s>. If not set a default
51 security callback is used. The meaning of the parameters and the behaviour
62 If an application doesn't set its own security callback the default
75 The security level corresponds to a minimum of 80 bits of security. Any
76 parameters offering below 80 bits of security are excluded. As a result RSA,
79 less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite
81 and MD5 are also forbidden at this level as they have less than 80 security
[all …]
|
| /third_party/node/doc/contributing/ |
| D | security-release-process.md | 1 # Security release process
3 The security release process covers the steps required to plan/implement a
4 security release. This document is copied into the description of the Next
5 Security Release and used to track progress on the release. It contains _**TEXT
9 ## Security release stewards
11 For each security release, a security steward will take ownership for
12 coordinating the steps outlined in this process. Security stewards
17 [security steward on/off boarding](security-steward-on-off-boarding.md).
19 The current security stewards are documented in the main Node.js
20 [README.md](https://github.com/nodejs/node#security-release-stewards).
[all …]
|
| D | security-model-strategy.md | 1 # Security Model Strategy
3 A clear security model, with features like permissions and policy enforcement,
10 * Document the security model
13 * Add a security component in Node.js certification covering
14 the Node.js security model
16 ### Document the security model
18 The current security model for Node.js is not yet well documented.
29 The project has a goal to better document the security model
32 Once the security model is documented the project will work
33 to add a security component in Node.js certification covering
[all …]
|
| /third_party/curl/docs/ |
| D | VULN-DISCLOSURE-POLICY.md | 3 This document describes how security vulnerabilities are handled in the curl
9 [the curl website security page](https://curl.se/docs/security.html).
11 Security vulnerabilities **should not** be entered in the project's public bug
16 The typical process for handling a new security vulnerability is as follows.
23 reference to the security nature of the commit if done prior to the public
31 security vulnerability in curl or libcurl are ignored and no further action
34 - A person in the security team responds to the original report to acknowledge
37 - The security team investigates the report and either rejects it or accepts
46 - The security team discusses the problem, works out a fix, considers the
55 - Write a security advisory draft about the problem that explains what the
[all …]
|
| D | BUG-BOUNTY.md | 9 Start out by posting your suspected security vulnerability directly to [curl's
12 After you have reported a security issue, it has been deemed credible, and a
14 this program. See the [Security Process](https://curl.se/dev/secprocess.html)
15 document for how we work with security issues.
20 security vulnerabilities. The amount of money that is rewarded depends on how
33 Everyone and anyone who reports a security problem in a released curl version
36 Dedicated - paid for - security audits that are performed in collaboration
58 The curl security team is the sole arbiter if a reported flaw is subject to a
64 performed by the curl security team. The grading will be based on the CVSS
69 The curl security team gives the vulnerability a score or severity level, as
[all …]
|
| /third_party/python/Doc/library/ |
| D | security_warnings.rst | 3 .. index:: single: security considerations
5 Security Considerations
8 The following modules have specific security considerations:
10 * :mod:`base64`: :ref:`base64 security considerations <base64-security>` in
12 * :mod:`cgi`: :ref:`CGI security considerations <cgi-security>`
17 basic security checks. See the :ref:`security considerations <http.server-security>`.
19 <logging-eval-security>`
21 <multiprocessing-recv-pickle-security>`
23 * :mod:`random` shouldn't be used for security purposes, use :mod:`secrets`
26 dealing with untrusted sources <shelve-security>`
[all …]
|
| /third_party/node/deps/cares/ |
| D | SECURITY.md | 1 c-ares security
4 This document is intended to provide guidance on how security vulnerabilities
13 Security vulnerabilities should not be entered in the project's public bug
15 issue to only the reporter and the project's security team.
20 The typical process for handling a new security vulnerability is as follows.
27 reference to the security nature of the commit if done prior to the public
31 privately to `c-ares-security@haxx.se`. That's an email alias that reaches a
35 security vulnerability in c-ares are ignored and no further action is
38 - A person in the security team sends an e-mail to the original reporter to
41 - The security team investigates the report and either rejects it or accepts
[all …]
|
| /third_party/glib/ |
| D | SECURITY.md | 1 # Security policy for GLib
5 * [Security Announcements](#Security-Announcements)
12 longer supported, although they may still receive backported security updates
33 If you think you've identified a security issue in GLib, GObject or GIO, please
45 which fix the security issue, please attach them to your confidential issue as
50 As per the [GNOME security policy](https://security.gnome.org/), the next steps
60 [public channels listed below](#Security-Announcements).
63 ## Security Announcements
65 Security announcements are made publicly via the
70 Announcements for security issues with wide applicability or high impact may
[all …]
|
| /third_party/ntfs-3g/ntfsprogs/ |
| D | ntfssecaudit.8.in | 6 ntfssecaudit \- NTFS Security Data Auditing
14 -a full auditing of security data (Linux only)
23 -h displaying hexadecimal security descriptors saved in a file
61 Displays in an human readable form the hexadecimal security descriptors
66 Audits the volume : all the global security data on \fIvolume\fP are scanned
68 directories are also scanned and their relations to global security data
72 NTFS 3.0). Such volumes have no global security data.
78 Displays the security parameters of \fIfile\fP : its interpreted Linux mode
79 (rwx flags in octal) and Posix ACL[1], its security key if any, and its
80 security descriptor if verbose output.
[all …]
|
| /third_party/selinux/libselinux/man/man3/ |
| D | getcon.3 | 3 getcon, getprevcon, getpidcon \- get SELinux security context of a process
5 freecon, freeconary \- free memory associated with SELinux security contexts
7 getpeercon \- get security context of a peer socket
9 setcon \- set current security context of a process
69 frees the memory allocated for a security context.
85 sets the current security context of the process to a new value. Note
88 security contexts, unlike exec-based transitions performed via
116 an inconsistency among the security contexts of threads sharing
120 new security context is bounded by the old security context, where
122 policy and guarantees that the new security context has a subset of
[all …]
|
| D | selinux_restorecon.3 | 1 .TH "selinux_restorecon" "3" "20 Oct 2015" "Security Enhanced Linux" "SELinux API documentation"
4 selinux_restorecon \- restore file(s) default SELinux security contexts
25 restores file default security contexts on filesystems that support extended
42 .IR security.sehash
72 .IR security.sehash
78 .IR security.sehash
88 .IR security.sehash
183 .IR security.sehash
253 .IR security.sehash
264 getfattr -e hex -n security.sehash /
[all …]
|
| /third_party/selinux/libselinux/include/selinux/ |
| D | avc.h | 34 * Return a copy of the security context corresponding to the input
45 * @ctx: input security context
48 * Look up security context @ctx in SID table, making
81 * be called to obtain a new SID for the security context.
90 * avc_get_initial_sid - get SID for an initial kernel security identifier
91 * @name: input name of initial kernel security identifier
94 * Get the context for an initial kernel security identifier specified by
147 to the given security class) into msgbuf. */
245 * callbacks will be retained, but security-event
253 * @ssid: source security identifier
[all …]
|
| /third_party/mbedtls/include/mbedtls/ |
| D | des.h | 7 * security risk. We recommend considering stronger ciphers
57 * security risk. We recommend considering stronger ciphers
69 * security risk. We recommend considering stronger ciphers
87 * security risk. We recommend considering stronger ciphers
98 * security risk. We recommend considering stronger ciphers
109 * security risk. We recommend considering stronger ciphers
120 * security risk. We recommend considering stronger ciphers
134 * security risk. We recommend considering stronger ciphers
150 * security risk. We recommend considering stronger ciphers
164 * security risk. We recommend considering stronger ciphers
[all …]
|
| D | md5.h | 7 * security risk. We recommend considering stronger message
47 * constitutes a security risk. We recommend considering
68 * constitutes a security risk. We recommend considering
80 * constitutes a security risk. We recommend considering
93 * constitutes a security risk. We recommend considering
108 * constitutes a security risk. We recommend considering
124 * constitutes a security risk. We recommend considering
141 * constitutes a security risk. We recommend considering
157 * constitutes a security risk. We recommend considering
174 * constitutes a security risk. We recommend considering
[all …]
|
| D | sha1.h | 10 * a security risk. We recommend considering stronger message
53 * constitutes a security risk. We recommend considering
72 * constitutes a security risk. We recommend considering
85 * constitutes a security risk. We recommend considering
100 * constitutes a security risk. We recommend considering
114 * constitutes a security risk. We recommend considering
130 * constitutes a security risk. We recommend considering
151 * constitutes a security risk. We recommend considering
169 * constitutes a security risk. We recommend considering
193 * constitutes a security risk. We recommend considering
[all …]
|
| /third_party/libuv/ |
| D | SECURITY.md | 1 # Security Policy
5 Currently, we are providing security updates for the latest release in the v1.x series:
13 …security vulnerability in `libuv`, please use the [GitHub's private vulnerability reporting featur…
27 We take all security bugs seriously. Thank you for improving the security of `libuv`. We appreciate…
|
| /third_party/mbedtls/ |
| D | SECURITY.md | 3 If you think you have found an Mbed TLS security vulnerability, then please
4 send an email to the security team at
5 <mbed-tls-security@lists.trustedfirmware.org>.
7 ## Security Incident Handling Process
9 Our security process is detailed in our
10 [security
11 center](https://developer.trustedfirmware.org/w/mbed-tls/security-center/).
19 get security fixes.
35 protection is limited to providing security guarantees offered by the protocol
82 Mbed TLS doesn't make any security guarantees against local non-timing-based
[all …]
|
| /third_party/typescript/ |
| D | SECURITY.md | 1 <!-- BEGIN MICROSOFT SECURITY.MD V0.0.5 BLOCK -->
3 ## Security
5 Microsoft takes the security of our software products and services seriously, which includes all so…
7 …elieve you have found a security vulnerability in any Microsoft-owned repository that meets [Micro…
9 ## Reporting Security Issues
11 **Please do not report security vulnerabilities through public GitHub issues.**
13 Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.micro…
15 …t your message with our PGP key; please download it from the [Microsoft Security Response Center P…
41 <!-- END MICROSOFT SECURITY.MD BLOCK -->
|
| /third_party/nghttp2/doc/sources/ |
| D | security.rst | 1 Security Process
12 open a new security advisory draft using `GitHub security feature
13 <https://github.com/nghttp2/nghttp2/security>`_ and discuss the
17 We write the security advisory and get CVE number from GitHub
26 upcoming release will have a security fix. The ``SECURITY`` label is
33 Security advisory is disclosed on GitHub.
|
| /third_party/ntfs-3g/src/ |
| D | ntfs-3g.c | 101 #include "security.h"
286 * Fill a security context as needed by security functions
298 scx->mapping[MAPUSERS] = ctx->security.mapping[MAPUSERS]; in ntfs_fuse_fill_security_context()
299 scx->mapping[MAPGROUPS] = ctx->security.mapping[MAPGROUPS]; in ntfs_fuse_fill_security_context()
313 return (ctx->security.mapping[MAPUSERS] != (struct MAPPING*)NULL); in ntfs_fuse_fill_security_context()
815 struct SECURITY_CONTEXT security; in ntfs_fuse_getattr() local
826 withusermapping = ntfs_fuse_fill_security_context(&security); in ntfs_fuse_getattr()
832 && !ntfs_allowed_dir_access(&security,path, in ntfs_fuse_getattr()
1035 if (ntfs_get_owner_mode(&security,ni,stbuf) < 0) in ntfs_fuse_getattr()
1380 struct SECURITY_CONTEXT security; in ntfs_fuse_opendir() local
[all …]
|
| D | lowntfs-3g.c | 103 #include "security.h"
337 * Fill a security context as needed by security functions
350 scx->mapping[MAPUSERS] = ctx->security.mapping[MAPUSERS]; in ntfs_fuse_fill_security_context()
351 scx->mapping[MAPGROUPS] = ctx->security.mapping[MAPGROUPS]; in ntfs_fuse_fill_security_context()
372 return (ctx->security.mapping[MAPUSERS] != (struct MAPPING*)NULL); in ntfs_fuse_fill_security_context()
988 struct SECURITY_CONTEXT security; in ntfs_fuse_getattr() local
994 ntfs_fuse_fill_security_context(req, &security); in ntfs_fuse_getattr()
995 res = ntfs_fuse_getstat(&security, ni, &stbuf); in ntfs_fuse_getattr()
1030 struct SECURITY_CONTEXT security; in ntfs_fuse_lookup() local
1043 if (ntfs_fuse_fill_security_context(req, &security) in ntfs_fuse_lookup()
[all …]
|
| /third_party/rust/crates/rustix/ |
| D | SECURITY.md | 1 # Security Policy
3 … core of what we do in the Bytecode Alliance. Contributions of external security researchers are a…
7 If you believe you've found a security issue in any website, service, or software owned or operated…
11 …at [security@bytecodealliance.org](mailto:security@bytecodealliance.org). Your submission will be …
15 The Bytecode Alliance supports safe harbor for security researchers who:
|
| /third_party/selinux/secilc/docs/ |
| D | cil_sid_statements.md | 40 (sid security)
76 This will produce an ordered list of "`kernel security unlabeled`"
80 (sid security)
82 (sidorder (kernel security))
83 (sidorder (security unlabeled))
89 Associates an SELinux security [context](#context) to a previously declared [`sid`](cil_sid_stateme…
115 <td align="left"><p>A previously declared <code>context</code> identifier or an anonymous security …
122 This shows two named security context examples plus an anonymous context:
130 (sid security)
132 (sidcontext security security_context)
|
| /third_party/selinux/libsepol/include/sepol/policydb/ |
| D | context.h | 6 * A security context is a set of security attributes
8 * by the security policy. Security contexts are
11 * with an understanding of the security policy.
12 * Internally, the security server uses a simple
14 * security server and can be changed without affecting
15 * clients of the security server.
30 * A security context consists of an authenticated user
|
| D | flask_types.h | 22 * A security context is a set of security attributes
24 * by the security policy. The security context type
27 * understanding of the security policy.
43 * The set of security classes is specified in policy.
|