XanvicOS/SECURITY.md

1.4 KiB

Security Policy

What are the supported versions?

The supported version is the latest commit in the stable, and main branch. If you want talk about a bug, vulnerability, or feature please make sure that you are on the latest release, beause maybe the issue has already been resolved or the feature has been added.

Reporting a Vulnerability

Vulnerabilities are important, if you discover them, please report them immediately. If you want to report it: create an issue, select vulnerability, read the template and edit it. Congratulations, you just reported a vulnerability!

What order do we follow when fixing a vulnerability

We take vulnerabilities seriusly because they are security risks, but some vulnerabilities are more important and dangerous than others. For this reason we have a n/10 scale in the vulnerability template. We read every vulnerability, and fix them in order of importance.

What security risks do I take when I use XanvicOS?

XanvicOS is just a hobby project. I try to fix all the bugs, but sometimes I don't discover some. XanvicOS isn't being developed by a multi billion dollar company, but just by a student during his free time. By using XanvicOS in a not controlled enviroment (like a VM) you basically accept the fact that by using it you are exposing yourself to some security risks. If you find any, please report them. You'll help us.