Page Menu
Home
GnuPG
Search
Configure Global Search
Log In
Files
F36276281
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Size
2 KB
Subscribers
None
View Options
diff --git a/web/documentation/security.org b/web/documentation/security.org
index 67e25d0..69e1ff4 100644
--- a/web/documentation/security.org
+++ b/web/documentation/security.org
@@ -1,43 +1,49 @@
#+TITLE: GnuPG - Security
#+STARTUP: showall
#+SETUPFILE: "../share/setup.inc"
* Security
The GnuPG Project takes the security of software it develops very
seriously. In general we prefer a [[https://en.wikipedia.org/wiki/Full_disclosure_(computer_security)][full disclosure]] approach and all
bugs listed in our [[file:bts.org][bug tracker]] as well as code changes in our [[../download/git.org][software
repository]] are public. Given that GnuPG is an important part of many
software distributions and severe bugs in GnuPG would affect their
users directly, we co-ordinate with them in private as soon as we
learn about a severe vulnerability.
Sometimes we receive pre-notifications of research which may lead to a
new kind of vulnerability. In these cases we may work with the
researchers in private on a solution and co-ordinate our fix release
with them.
** Threat Model of libgcrypt
-For libgcrypt, as its a library, it is intended to be used widely.
-Thus, users can run the code in any environments as they wish.
-However, there are hardware which may allow access to fine-grained
-side channel. Those hardware related threats are out of the scope of
-libgcrypt threat model. It's up to users not to offer any access to
-those side channels in such use cases.
+Libgcrypt has been developed for use in a wide variety of platforms
+with different security needs. Some platforms exhibit fine-grained
+side channels which can be used to spy on processes running in other
+containers or virtual machines. Although Libgcrypt implements many
+countermeasures against such side-channels attacks, it is not possible
+to avoid all of them. In the worst case it is thus possible to leak
+the entire private key or a password to a malicious process running in
+another virtual machine on the same hardware.
+
+Those hardware related threats are out of scope in Libgcrypt's threat
+model. It is up to users not to offer any access to those
+side-channels.
** Security contact
If you found a *severe* security problem and you do not want to
publish it, please report it by mail to security at gnupg.org. We
prefer reports in plain text format; if needed we can also work with
PDF files. For security reasons we won't read any other complex data
formats (e.g. docx or odt).
Note that we do not use a team OpenPGP key. Thus please write a
non-encrypted message to the security address and ask for the keys of
the developers at duty and then encrypt the mail to all of them. A
list of our core developers can be found [[../people/index.org][here]]; they are all active on
the gnupg-devel mailing list.
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Sun, Feb 22, 6:41 PM (1 d, 12 h)
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
a9/93/1db892869f885ff5f830bca200f6
Attached To
rD Documentation
Event Timeline
Log In to Comment