Add the Security Officer charter to the site and link it from the main page.

Approved by:	nectar

en/security/Makefile

@@ -1,4 +1,4 @@
-# $FreeBSD: www/en/security/Makefile,v 1.10 2004/01/13 22:44:07 hrs Exp $
+# $FreeBSD: www/en/security/Makefile,v 1.11 2004/01/17 18:58:07 hrs Exp $
 
 .if exists(../Makefile.conf)
 .include "../Makefile.conf"
@@ -7,7 +7,7 @@
 .include "../Makefile.inc"
 .endif
 
-DOCS=  
+DOCS=	charter.sgml
 DOCS+=	security.sgml
 
 INDEXLINK= security.html

en/security/charter.sgml

@@ -0,0 +1,99 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" [
+<!ENTITY base CDATA "..">
+<!ENTITY date "$FreeBSD$">
+<!ENTITY title "FreeBSD Security Officer Charter">
+<!ENTITY % includes SYSTEM "../includes.sgml"> %includes;
+]>
+
+<html>
+  &header;
+
+  <h2>FreeBSD Security Officer Charter</h2>
+
+  <h3>1. Introduction</h3>
+
+    <p>The FreeBSD Security Officer's mission is to protect the
+      FreeBSD user community by keeping the community informed of
+      bugs, exploits, popular attacks, and other risks; by acting as
+      a liaison on behalf of the FreeBSD Project with external
+      organizations regarding sensitive, non-public security issues;
+      and by promoting the distribution of information needed to
+      safely run FreeBSD systems, such as system administration and
+      programming tips.</p>
+
+  <h3>2. Responsibilities</h3>
+
+  <p>The responsibilities of the Security Officer include:</p>
+
+  <ul>
+    <li>Resolving disputes involving security.</li>
+
+    <li>Resolving software bugs that affect the security of FreeBSD
+      in a timely fashion.</li>
+
+    <li>Issuing security advisories for FreeBSD.</li>
+
+    <li>Responding to vendor inquiries regarding security issues.</li>
+
+    <li>Auditing as much code as possible, but particularly security-
+      and network- related code.</li>
+
+    <li>Monitoring the appropriate channels for reports of bugs,
+      exploits, and other circumstances that may affect the security
+      of a FreeBSD system.</li>
+
+    <li>Participating in the architecture of FreeBSD in order to
+      influence a positive impact on system security.</li>
+
+    <li>The Security Officer maintains the FreeBSD Security Officer PGP
+      key.</li>
+  </ul>
+
+  <h3>3. Authorities</h3>
+
+  <p>The FreeBSD Core Team has delegated authority to the Security
+    Officer in matters of security, and the Security Officer is
+    accountable to the Core Team in the use of this authority.  He
+    is expected to act with common sense and use appropriate discretion
+    when using any of the nappointed powers.  Any actions that conflict
+    with the committers' guidelines require particularly careful
+    judgment.</p>
+
+  <p>Specifically, subject to the accountability constraints, the
+    Security Officer is granted the following powers:</p>
+
+  <ul>
+    <li>Expedited commits: The Security Officer may forego the usual
+      committers' guidelines in areas of security.</li>
+
+    <li>Veto: The Security Officer has the final say in security
+      matters, and may request the back-out of any commits or
+      elimination of any subsystems that he considers detrimental
+      to the security of FreeBSD.</li>
+
+    <li>Team: The Security Officer may maintain a Security Officer Team
+      and delegate these powers and responsibilities at his discretion.
+      Membership is selected by the Security Officer, but always
+      includes emeritus security officers --- just when they thought
+      they had paid their dues.</li>
+
+    <li>Mailing list: The <a href="mailto:security-officer@FreeBSD.org">
+      security-officer@FreeBSD.org</a> mailing list is administrated by
+      the Security Officer.</li>
+  </ul>
+
+  <h3>4. Structure</h3>
+
+  <p>A new Security Officer is appointed by the previous Security
+    Officer and ratified by the Core Team.  The Security Officer
+    is accountable to the Core Team.</p>
+
+  <p>The Security Officer Team members are selected by the Security
+    Officer, and they are accountable to the Security Officer and to the
+    Core Team.  Security Officer Team members are expected to assist the
+    Security Officer in fulfilling his responsibilities and otherwise
+    participate in protecting the FreeBSD user community.</p>
+
+    &footer;
+  </body>
+</html>

en/security/security.sgml

@@ -1,11 +1,11 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" [
 <!ENTITY base CDATA "..">
-<!ENTITY date "$FreeBSD: www/en/security/security.sgml,v 1.155 2004/04/13 17:11:11 trhodes Exp $">
+<!ENTITY date "$FreeBSD: www/en/security/security.sgml,v 1.156 2004/04/13 17:18:53 trhodes Exp $">
 <!ENTITY title "FreeBSD Security Information">
 <!ENTITY % includes SYSTEM "../includes.sgml"> %includes;
 <!ENTITY advisories.html.inc SYSTEM "advisories.html.inc">
 ]>
-<!-- $FreeBSD: www/en/security/security.sgml,v 1.155 2004/04/13 17:11:11 trhodes Exp $ -->
+<!-- $FreeBSD: www/en/security/security.sgml,v 1.156 2004/04/13 17:18:53 trhodes Exp $ -->
 
 <html>
     &header;
@@ -28,6 +28,7 @@ introduce vulnerabilities.</P>
 <UL>
 <li><a href="#how">How and Where to report a FreeBSD security issue</a></li>
 <LI><A HREF="#sec">Information about the FreeBSD Security Officer</A></LI>
+<li><a href="charter.html">Charter for the Security Officer and Team</a></li>
 <LI><A HREF="#pol">Information handling policies</A></LI>
 <LI><A HREF="#adv">FreeBSD Security Advisories</A></LI>
 <li><a href="http://www.freebsd.org/handbook/security-advisories.html">