root: add //SECURITY_OWNERS
Specifically, this change adds a new //SECURITY_OWNERS file, then marks all SECURITY_OWNERS files elsewhere in the tree as owned by that SECURITY_OWNERS file. This will help enforce the SECURITY_OWNERS membership policy documented in //docs/security/security-owners.md. Note that it is still possible for OWNERS files in subdirectories to override this root rule: a more-specific OWNERS file will always override a less-specific one. We will monitor for that situation using watchlists, in the absence of a better technical measure to apply.

Bug: 417401758
Change-Id: I7a7bca2cbc7a36ccab04310ff7b0d6cc09fde737
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6542689
Reviewed-by: Rick Byers <rbyers@chromium.org>
Commit-Queue: Elly FJ <ellyjones@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1460364}
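As an added example, not part of this change or of Chromium's tooling: a small Python audit that finds the override situation the commit message describes and says is only watched via watchlists. It runs over a constructed sample tree so it works offline. It assumes that the per-file glob `...` spans any number of path segments, that a `per-file` rule for SECURITY_OWNERS in a subdirectory OWNERS file wins over the root rule, and that a top-level `set noparent` in an intermediate OWNERS file stops inheritance of the root rules for everything below it; the sample paths and addresses are invented.

```python
#!/usr/bin/env python3
"""Added example (not part of the Chromium change): audit a checkout for
subdirectory OWNERS files that take precedence over the root
`per-file .../SECURITY_OWNERS` rule.

Assumed OWNERS semantics: a per-file rule in a more-specific OWNERS file wins
over the root rule, and a top-level `set noparent` in an intermediate OWNERS
file stops inheritance of the root rules for everything below it."""
import os
import re
import tempfile

TARGET = "SECURITY_OWNERS"


def glob_to_regex(glob):
    """Translate an OWNERS per-file glob into an anchored regex over a
    slash-separated relative path: `...` spans any number of segments
    (including none), `*` and `?` never cross a `/`."""
    out, i = [], 0
    while i < len(glob):
        if glob.startswith(".../", i):
            out.append("(?:.*/)?")
            i += 4
        elif glob.startswith("...", i):
            out.append(".*")
            i += 3
        elif glob[i] == "*":
            out.append("[^/]*")
            i += 1
        elif glob[i] == "?":
            out.append("[^/]")
            i += 1
        else:
            out.append(re.escape(glob[i]))
            i += 1
    return re.compile("^" + "".join(out) + "$")


def parse_owners(text):
    """Return (has_top_level_noparent, [(glob, directive, source_line), ...])."""
    noparent, rules = False, []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blanks
        if not line:
            continue
        if line == "set noparent":
            noparent = True
        elif line.startswith("per-file "):
            spec, _, directive = line[len("per-file "):].partition("=")
            for glob in spec.split(","):  # `per-file a,b=...` lists several globs
                rules.append((glob.strip(), directive.strip(), line))
    return noparent, rules


def security_owners_under(directory):
    """Slash-separated relative paths of every SECURITY_OWNERS below directory."""
    found = []
    for dirpath, _, filenames in os.walk(directory):
        if TARGET in filenames:
            rel = os.path.relpath(os.path.join(dirpath, TARGET), directory)
            found.append(rel.replace(os.sep, "/"))
    return sorted(found)


def find_overrides(root):
    """List (owners_file, reason) for every non-root OWNERS file that would
    override the root rule for some SECURITY_OWNERS file beneath it."""
    root = os.path.abspath(root)
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames.sort()
        if dirpath == root or "OWNERS" not in filenames:
            continue
        targets = security_owners_under(dirpath)
        if not targets:
            continue
        owners_path = os.path.join(dirpath, "OWNERS")
        with open(owners_path, encoding="utf-8") as f:
            noparent, rules = parse_owners(f.read())
        rel_owners = os.path.relpath(owners_path, root).replace(os.sep, "/")
        if noparent:
            findings.append((rel_owners, "set noparent detaches %s from the root rule"
                             % ", ".join(targets)))
        for glob, _, line in rules:
            hits = [t for t in targets if glob_to_regex(glob).match(t)]
            if hits:
                findings.append((rel_owners, "per-file rule %r covers %s"
                                 % (line, ", ".join(hits))))
    return sorted(findings)


# Constructed sample tree: invented directories and addresses, not Chromium's.
SAMPLE_TREE = {
    "OWNERS": "per-file .../SECURITY_OWNERS=set noparent\n"
              "per-file .../SECURITY_OWNERS=file://SECURITY_OWNERS\n",
    "SECURITY_OWNERS": "council@example.com\n",
    "net/OWNERS": "netdev@example.com\n",  # fine: no override
    "net/SECURITY_OWNERS": "netsec@example.com\n",
    "gpu/OWNERS": "gpudev@example.com\nper-file SECURITY_OWNERS=gpudev@example.com\n",  # overrides
    "gpu/SECURITY_OWNERS": "gpusec@example.com\n",
    "third_party/OWNERS": "set noparent\ntpdev@example.com\n",  # detaches its subtree
    "third_party/lib/SECURITY_OWNERS": "libsec@example.com\n",
    "docs/OWNERS": "per-file *.md=*\n",  # no SECURITY_OWNERS below: ignored
}


def demo():
    """Write SAMPLE_TREE to a temp dir, audit it, and return the findings."""
    with tempfile.TemporaryDirectory() as base:
        for rel, content in SAMPLE_TREE.items():
            path = os.path.join(base, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w", encoding="utf-8") as f:
                f.write(content)
        return find_overrides(base)


if __name__ == "__main__":
    for owners_file, reason in demo():
        print(f"{owners_file}: {reason}")
```

Run against a real checkout with `find_overrides("path/to/src")`; the two findings the sample produces (a `per-file SECURITY_OWNERS=` rule in `gpu/OWNERS`, a top-level `set noparent` in `third_party/OWNERS`) are exactly the two shapes of "more-specific OWNERS file" the commit message says the root rule cannot prevent.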
This commit is contained in:
5
OWNERS
@ -42,6 +42,11 @@ per-file PRESUBMIT*.py=wnwen@chromium.org # For .pydeps changes
per-file README.md=*
per-file WATCHLISTS=*
# Membership in SECURITY_OWNERS files is subject to a specific policy:
# //docs/security/security-owners.md.
per-file .../SECURITY_OWNERS=set noparent
per-file .../SECURITY_OWNERS=file://SECURITY_OWNERS
# git submodules
per-file build/fuchsia/internal=*
per-file chromeos/ash/resources/internal=*
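Review bot: the comment above `per-file .../SECURITY_OWNERS=set noparent` points to the policy document but does not tell an editor of a subdirectory OWNERS file what not to do, and the commit message itself concedes that a more-specific OWNERS file still overrides this root rule and will only be noticed via watchlists. Add a line here such as `# Do not add per-file rules for SECURITY_OWNERS in subdirectory OWNERS files;` `# changes to any SECURITY_OWNERS file must be approved by //SECURITY_OWNERS.` so the expectation is stated where the override would otherwise be written, rather than only in //docs/security/security-owners.md.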
10
SECURITY_OWNERS
Normal file
@ -0,0 +1,10 @@
# The root SECURITY_OWNERS file contains members of the security ownership
# council, who decide membership in SECURITY_OWNERS files in subdirectories. For
# more information about this, see //docs/security/security-owners.md.
#
# If you want to join this group, contact awhalley.
awhalley@chromium.org
creis@chromium.org
estark@chromium.org
rbyers@chromium.org
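Review bot: the header comment `# If you want to join this group, contact awhalley.` describes a different procedure from the one this same change documents in docs/security/security-owners.md, which says to prepare a CL adding the user to the file and send it to a member of `//SECURITY_OWNERS` for review. Either make the root file follow the documented CL-based process too, or state here that membership of the root council is decided differently, and spell the contact out as `awhalley@chromium.org` to match the entries below it rather than a bare username.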
@ -8,6 +8,7 @@ file://ATL_OWNERS
file://third_party/OWNERS
# Security reviews
file://SECURITY_OWNERS
file://build/fuchsia/SECURITY_OWNERS
file://chromeos/SECURITY_OWNERS
file://content/browser/CHILD_PROCESS_SECURITY_POLICY_OWNERS
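Review bot: the `# Security reviews` list this hunk extends shows that not every security-sensitive owners file is named SECURITY_OWNERS: `file://content/browser/CHILD_PROCESS_SECURITY_POLICY_OWNERS` is not matched by the new root rule `per-file .../SECURITY_OWNERS=...`, so its membership is still governed by the ordinary content/browser OWNERS chain rather than by //SECURITY_OWNERS. If the membership policy is meant to cover it, add an explicit per-file rule for that path in //OWNERS (or rename it so the glob matches); otherwise record the exception in docs/security/security-owners.md.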
16
docs/security/security-owners.md
Normal file
@ -0,0 +1,16 @@
# SECURITY_OWNERS Policy
The Chromium project imposes additional requirements on the OWNERS of certain
security-sensitive areas of the codebase. Whether these requirements are met is
judged by a council of senior security engineers, who are listed in
[../../SECURITY_OWNERS](the root SECURITY_OWNERS file).
The specific requirements are:
1. The account being listed must be protected by mandatory 2-factor auth.
2. There must be a benefit to the project that outweighs the risk of giving
another user access to approve particularly security-sensitive changes.
To add a new user to a SECURITY_OWNERS file anywhere in the tree, prepare a CL
adding that user to the file, then send it to one of the members of
`//SECURITY_OWNERS` for review as normal. The root `SECURITY_OWNERS` will
discuss amongst themselves, then either approve or disapprove your CL.
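Review bot: the Markdown link on the line `[../../SECURITY_OWNERS](the root SECURITY_OWNERS file).` has its text and target swapped and will render as a broken link; it should read `[the root SECURITY_OWNERS file](../../SECURITY_OWNERS)`. Requirement 1 ("must be protected by mandatory 2-factor auth") also names no way for the approving `//SECURITY_OWNERS` member to verify it; since that reviewer is the one applying the check when approving the CL, state how it is confirmed.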