docs: Document possible auditing features in security model.

This commit is contained in:
Tim Abbott 2016-04-27 16:00:06 -07:00
parent 44fae09a48
commit b38c50c6bb
1 changed files with 4 additions and 0 deletions

View File

@ -706,6 +706,10 @@ we can do a responsible security announcement).
access messages sent to private streams that have bots subscribed, access messages sent to private streams that have bots subscribed,
by using the bot's credentials. by using the bot's credentials.
In the future, Zulip's security model may change to allow realm
administrators to access private messages (e.g. to support auditing
functionality).
* Every Zulip user has an API key, available on the settings page. * Every Zulip user has an API key, available on the settings page.
This API key can be used to do essentially everything the user can This API key can be used to do essentially everything the user can
do; for that reason, users should keep their API key safe. Users do; for that reason, users should keep their API key safe. Users