doc: add security section to README.md

author Rod Vagg <rod@vagg.org>

Thu, 11 Jun 2015 10:37:37 +0000 (20:37 +1000)

committer Jeremiah Senkpiel <fishrock123@rocketmail.com>

Fri, 19 Jun 2015 19:02:33 +0000 (12:02 -0700)
author Rod Vagg <rod@vagg.org>
Thu, 11 Jun 2015 10:37:37 +0000 (20:37 +1000)
committer Jeremiah Senkpiel <fishrock123@rocketmail.com>
Fri, 19 Jun 2015 19:02:33 +0000 (12:02 -0700)
diff --git a/README.md b/README.md

index 900fa21..0d1c2e8 100644 (file)
--- a/README.md
+++ b/README.md
@@ -280,7 +280,16 @@ Instructions:
    [#io.js on Freenode.net](http://webchat.freenode.net?channels=io.js&uio=d4)
  * [iojs/io.js on Gitter](https://gitter.im/nodejs/io.js)
  
+## Security
  
+All security bugs in io.js are taken seriously and should be reported by
+emailing security@iojs.org. This will be delivered to a subset of the project
+team who handle security issues. Please don't disclose security bugs
+public until they have been handled by the security team.
+
+Your email will be acknowledged within 24 hours, and you’ll receive a more
+detailed response to your email within 48 hours indicating the next steps in
+handling your report.
  
  ## Current Project Team Members
author	Rod Vagg <rod@vagg.org>
	Thu, 11 Jun 2015 10:37:37 +0000 (20:37 +1000)
committer	Jeremiah Senkpiel <fishrock123@rocketmail.com>
	Fri, 19 Jun 2015 19:02:33 +0000 (12:02 -0700)