* SECURITY.md: Tweak wording around idle clients.

author Joe Orton <jorton@apache.org>

Tue, 9 Jun 2026 15:35:27 +0000 (15:35 +0000)

committer Joe Orton <jorton@apache.org>

Tue, 9 Jun 2026 15:35:27 +0000 (15:35 +0000)
author Joe Orton <jorton@apache.org>
Tue, 9 Jun 2026 15:35:27 +0000 (15:35 +0000)
committer Joe Orton <jorton@apache.org>
Tue, 9 Jun 2026 15:35:27 +0000 (15:35 +0000)
diff --git a/SECURITY.md b/SECURITY.md

index 90b59c83dbd2376932d8343f87a67bfce4daabe6..8d2c84da5a8e3269e273b037e71e6c6a9f7f875b 100644 (file)
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -47,7 +47,7 @@ Processing of requests by remote untrusted users (HTTP clients) MUST
  NOT crash or prematurely terminate server processes, nor gain code
  execution privileges.  In the default configuration, timeouts are
  applied to most aspects of HTTP request handling such that a single
-client SHOULD NOT tie up a single processing thread or process
+idle client connection SHOULD NOT tie up a single processing thread or process
  indefinitely.
  
  It is the responsibility of the server administrator to tune and
author	Joe Orton <jorton@apache.org>
	Tue, 9 Jun 2026 15:35:27 +0000 (15:35 +0000)
committer	Joe Orton <jorton@apache.org>
	Tue, 9 Jun 2026 15:35:27 +0000 (15:35 +0000)