Page MenuHomePhabricator

How to best contact the WMF Security team?
Closed, ResolvedPublic

Description

https://www.mediawiki.org/wiki/Gerrit/Code_review#Security currently says

If in doubt, consider contacting the Wikimedia Security Team.

However mw:Wikimedia_Security_Team does not say how to contact the team. (Which might be fine, but in that case that sentence should get removed from mw:Gerrit/Code_review.)
Creating this task in case adding more explicit contact info is something to consider for the Security Team (feel free to decline).

Event Timeline

Aklapper created this task.Nov 13 2019, 9:36 PM
sbassett triaged this task as Low priority.EditedNov 13 2019, 9:52 PM
sbassett added subscribers: Jcross, chasemp, Reedy and 2 others.

Thanks, @Aklapper. I've gone ahead and added a new section here:

https://www.mediawiki.org/wiki/Wikimedia_Security_Team#Contact_The_Security_Team

And to note: we're also working on the creation of a very general "security team" intake form for Phabricator, basically for sending along anything not related to pressing security issues or security reviews.

sbassett moved this task from Incoming to In Progress on the Security-Team board.Nov 13 2019, 9:54 PM

Thanks a lot for the quick reaction! :) Feel free to resolve this task.

Jcross closed this task as Resolved.Nov 18 2019, 5:53 PM
Jcross claimed this task.

Happy @sbassett could help, and as he mentioned we'll be adding more and refining in the near future. Cheers :)