(inlong-website) branch master updated: [INLONG-1129][Doc] Add security doc (#1130)

[aloyszhang]

This is an automated email from the ASF dual-hosted git repository.

aloyszhang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/inlong-website.git


The following commit(s) were added to refs/heads/master by this push:
     new 0c5f513541e [INLONG-1129][Doc] Add security doc (#1130)
0c5f513541e is described below

commit 0c5f513541e51d9cfa58f77b8d4ca5f7e9a31b5a
Author: vernedeng <verned...@apache.org>
AuthorDate: Tue Mar 11 15:47:40 2025 +0800

    [INLONG-1129][Doc] Add security doc (#1130)
---
 docs/contact.md                                      |  2 +-
 docs/security.md                                     | 20 ++++++++++++++++++++
 .../current/contact.md                               |  2 +-
 .../current/security.md                              | 20 ++++++++++++++++++++
 4 files changed, 42 insertions(+), 2 deletions(-)

diff --git a/docs/contact.md b/docs/contact.md
index f1e33182a37..fa546aa377b 100644
--- a/docs/contact.md
+++ b/docs/contact.md
@@ -1,6 +1,6 @@
 ---
 title: Contact Us
-sidebar_position: 11
+sidebar_position: 12
 ---
 
 - **Home Page**: https://inlong.apache.org
diff --git a/docs/security.md b/docs/security.md
new file mode 100644
index 00000000000..1cb6f172948
--- /dev/null
+++ b/docs/security.md
@@ -0,0 +1,20 @@
+---
+title: Security
+sidebar_position: 11
+---
+
+## Security Issues
+
+The Apache Software Foundation takes a very active stance in eliminating 
security issues and denial of service attacks against its products.
+
+We strongly encourage folks to report such issues to our **developing mailing 
list** first, before disclosing them in a public forum.
+
+Please note that this mailing list should only be used for reporting 
**undisclosed security vulnerabilities** and managing the process of fixing 
such vulnerabilities. Regular bug reports or other queries should be created as 
an [issue](https://github.com/apache/inlong/issues).
+
+The security mailing address is:  
+**d...@inlong.apache.org**
+
+## Security Model
+
+Apache InLong's Sort module provides real-time synchronization capabilities, 
supporting reading from and writing to various types of databases with trusted 
data. Unless specified otherwise, the presence of malicious data in the 
database is considered a security risk for the user. We emphasize that users 
are responsible for ensuring the security of their database data. Therefore, if 
vulnerabilities are triggered by the content of the synchronized data, such 
issues should not be reported a [...]
+
diff --git a/i18n/zh-CN/docusaurus-plugin-content-docs/current/contact.md 
b/i18n/zh-CN/docusaurus-plugin-content-docs/current/contact.md
index 7c67d8b8d9e..74a4c36c68a 100644
--- a/i18n/zh-CN/docusaurus-plugin-content-docs/current/contact.md
+++ b/i18n/zh-CN/docusaurus-plugin-content-docs/current/contact.md
@@ -1,6 +1,6 @@
 ---
 title: 联系我们
-sidebar_position: 10
+sidebar_position: 12
 ---
 
 - **主页**: https://inlong.apache.org
diff --git a/i18n/zh-CN/docusaurus-plugin-content-docs/current/security.md 
b/i18n/zh-CN/docusaurus-plugin-content-docs/current/security.md
new file mode 100644
index 00000000000..fde1ab64e32
--- /dev/null
+++ b/i18n/zh-CN/docusaurus-plugin-content-docs/current/security.md
@@ -0,0 +1,20 @@
+---
+title: 安全
+sidebar_position: 11
+---
+
+## 安全问题
+
+Apache 软件基金会积极致力于消除针对其产品的安全问题和拒绝服务攻击。
+
+我们强烈建议开发者在公开论坛披露这些问题之前，先将此类问题报告给我们的开发邮件列表。
+
+请注意，该邮件列表仅应用于报告未公开的安全漏洞以及处理修复此类漏洞的流程。常规的错误报告或其他咨询请创建 
[issue](https://github.com/apache/inlong/issues) 进行提交。
+
+报告安全问题的邮件地址为：
+**d...@inlong.apache.org**
+
+## 安全模型
+
+Apache InLong 中 Sort 
模块提供实时同步的能力，支持在各种类型的数据库中读取/写入受信任的数据。除非另有规定，否则数据库中存在恶意的数据是不安全的。我们认为，用户需要确保其数据库中的数据是安全的。因此，如果是因为同步的数据内容可能触发某些漏洞，则不要将此问题报告为
 Apache InLong 的漏洞。我们欢迎提出强化代码库的建议。
+