I couldn't find a DragonFly webpage that discussed security issues.

I found a webpage that says: yes, DragonFly is ready for production and a 
webpage that provides email address for reporting non-disclosable security 
issues.

Is there a security webpage I overlooked?

Should just the bug tracking system be used? I think that may make it 
difficult for weeding out the security specific issues. But nevertheless a 
good place to also report security bugs.

Okay if I just start a "security" page under wiki.dragonflybsd.org? 
Basically it can list known issues and steps on how to report security 
issues. And also note if someone is working on it or not.

As for the security-officer -- is there a private source that tracks the 
issues reported there too?

  Jeremy C. Reed

p.s. I am editing BSD admin study guide that provides details for three 
other BSDs and I need to mention DragonFly also.
[ message continues ]

No, there is no web page.  Actually I don't think that's particularly use=
ful.  Checking a web page is a "pull" action.  You could as well run a cv=

I wouldn't know what for to use it.  Either you don't want to disclose in=
formation, then you can't use it, or you don't care, then it will be trac=
ked as usual.  Not sure if it is necessary to track security issues separ=

Security officer usually fixes bugs within hours.  So usually there is on=
ly a pretty small window until a "known issue" becomes a "fixed issue".  =

What do you mean with "private source"?  Matt and me are receiving the ma=
ils and we act as needed, if it's that what you mean.

cheers
  simon

--=20
Serve - BSD     +++  RENT this banner advert  +++    ASCII Ribbon   /"\
Work - Mac      +++  space for low =E2=82=AC=E2=82=AC=E2=82=AC NOW!1  +++=
      Campaign     \ /
Party Enjoy Relax   |   http://dragonflybsd.org      Against  HTML   \
Dude 2c 2 the max   !   http://golden-apple.biz       Mail + News   / \

[ message continues ]