From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <e@80x24.org>
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net
X-Spam-Level: 
X-Spam-ASN:  
X-Spam-Status: No, score=-4.0 required=3.0 tests=ALL_TRUSTED,BAYES_00
	shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2
Received: from localhost (dcvr.yhbt.net [127.0.0.1])
	by dcvr.yhbt.net (Postfix) with ESMTP id E25E91FA11
	for <meta@public-inbox.org>; Sat, 30 Oct 2021 08:11:44 +0000 (UTC)
From: Eric Wong <e@80x24.org>
To: meta@public-inbox.org
Subject: [PATCH 5/5] doc: lei-security: add a note about core dumps
Date: Sat, 30 Oct 2021 08:11:44 +0000
Message-Id: <20211030081144.1080-6-e@80x24.org>
In-Reply-To: <20211030081144.1080-1-e@80x24.org>
References: <20211030081144.1080-1-e@80x24.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
List-Id: <meta.public-inbox.org>

Maybe we can avoid them if we stop having buggy code :P
---
 Documentation/lei-security.pod | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/Documentation/lei-security.pod b/Documentation/lei-security.pod
index 8cbd89934568..104bfb48a26c 100644
--- a/Documentation/lei-security.pod
+++ b/Documentation/lei-security.pod
@@ -64,6 +64,12 @@ public-facing L<public-inbox-daemon(8)> processes.  They may
 reside on shared storage and may be made world-readable to
 other users on the local system.
 
+=head1 CORE DUMPS
+
+In case any process crashes, a core dumps may contain passwords or
+contents of sensitive messages.  Please report these so they can be
+fixed (see L</CONTACT>).
+
 =head1 NETWORK ACCESS
 
 lei currently uses the L<curl(1)> and L<git(1)> executables in