XanvicOS/SECURITY.md

# Security Policy

## What are the supported versions?
The supported version is the latest commit in the stable, and main branch.
If you want talk about a bug, vulnerability, or feature please make sure that you are on the latest release, beause maybe the issue has already been resolved or the feature has been added.

## Reporting a Vulnerability

Vulnerabilities are important, if you discover them, please report them immediately.
If you want to report it: create an issue, select vulnerability, read the template and edit it. Congratulations, you just reported a vulnerability!

## What order do we follow when fixing a vulnerability

We take vulnerabilities seriusly because they are security risks, but some vulnerabilities are more important and dangerous than others.
For this reason we have a n/10 scale in the vulnerability template.
We read every vulnerability, and fix them in order of importance.

## What security risks do I take when I use XanvicOS?

XanvicOS is just a hobby project. I try to fix all the bugs, but sometimes I don't discover some.
XanvicOS isn't being developed by a multi billion dollar company, but just by a student during his free time.
By using XanvicOS in a not controlled enviroment (like a VM) you basically accept the fact that by using it you are exposing yourself to some security risks.
If you find any, please report them. You'll help us.
Create SECURITY.md 2024-09-04 22:22:02 +02:00			`# Security Policy`

Better security policy 2024-09-28 22:39:59 +02:00			`## What are the supported versions?`
			`The supported version is the latest commit in the stable, and main branch.`
			`If you want talk about a bug, vulnerability, or feature please make sure that you are on the latest release, beause maybe the issue has already been resolved or the feature has been added.`
Create SECURITY.md 2024-09-04 22:22:02 +02:00
Better security policy 2024-09-28 22:39:59 +02:00			`## Reporting a Vulnerability`
Create SECURITY.md 2024-09-04 22:22:02 +02:00
Better security policy 2024-09-28 22:39:59 +02:00			`Vulnerabilities are important, if you discover them, please report them immediately.`
			`If you want to report it: create an issue, select vulnerability, read the template and edit it. Congratulations, you just reported a vulnerability!`
Create SECURITY.md 2024-09-04 22:22:02 +02:00
Better security policy 2024-09-28 22:39:59 +02:00			`## What order do we follow when fixing a vulnerability`
Create SECURITY.md 2024-09-04 22:22:02 +02:00
Better security policy 2024-09-28 22:39:59 +02:00			`We take vulnerabilities seriusly because they are security risks, but some vulnerabilities are more important and dangerous than others.`
			`For this reason we have a n/10 scale in the vulnerability template.`
			`We read every vulnerability, and fix them in order of importance.`

			`## What security risks do I take when I use XanvicOS?`
Create SECURITY.md 2024-09-04 22:22:02 +02:00
Better security policy 2024-09-28 22:39:59 +02:00			`XanvicOS is just a hobby project. I try to fix all the bugs, but sometimes I don't discover some.`
			`XanvicOS isn't being developed by a multi billion dollar company, but just by a student during his free time.`
			`By using XanvicOS in a not controlled enviroment (like a VM) you basically accept the fact that by using it you are exposing yourself to some security risks.`
			`If you find any, please report them. You'll help us.`