diff options
| author | bcoles <bcoles@gmail.com> | 2021-01-16 23:09:01 +1100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-01-16 13:09:01 +0100 |
| commit | c90b7881a7313a9b36c7069769b5489c3be4f014 (patch) | |
| tree | e19d38a61945d01f21b1749c66f3d172886cd179 | |
| parent | 38c5b3f78814fa7883f4569125acc751c53d2f80 (diff) | |
| download | serenity-c90b7881a7313a9b36c7069769b5489c3be4f014.zip | |
Website: Bounty: Add rule for user interaction/social engineering (#4974)
| -rw-r--r-- | Meta/Websites/serenityos.org/bounty/index.html | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/Meta/Websites/serenityos.org/bounty/index.html b/Meta/Websites/serenityos.org/bounty/index.html index 3307df6493..2efd65dcde 100644 --- a/Meta/Websites/serenityos.org/bounty/index.html +++ b/Meta/Websites/serenityos.org/bounty/index.html @@ -21,6 +21,7 @@ <li>The PoC exploit needs to work against the master branch at the time of claim.</li> <li>Max 5 bounties per person.</li> <li>No duplicates. If a bug is already reported, only the earliest reporter may claim the reward. This includes bugs found by continuous fuzzing systems.</li> + <li>No rewards for bugs that require unlikely user interaction or social engineering.</li> <li>Remote bugs must be exploitable with an unmodified "default setup" of SerenityOS. Bugs in programs that are not started by default don't qualify.</li> <li>The PoC exploit needs to work on a QEMU-emulated CPU that supports SMAP, SMEP, UMIP, NX, WP, and TSD natively.</li> <li>SerenityOS always runs with assertions enabled, so you'll need to find a way around them.</li> |