Skip to content

Security: lutzgo/nyx

Security

.github/SECURITY.md

Overview

If you have seen the sheer depth of my security-related tweaks within this repository, then you are probably aware that I consider security a high-priority goal, and a must-have for my system configurations. If you happen to be browsing through this repository and will or did take your time to report a vulnerability, then I owe you a thank you.

The Process

While reporting a vulnerability, please make sure that you have checked out to the latest commit to ensure you are not reporting something that has been already patched and that your personal modifications (if any) are not affecting the source.

If the issue is something we can fix on a system level (i.e a kernel parameter, addition/removal of a module or a few lines written to /etc/) then there are two main ways you can disclose a vulnerability. You can either choose privately report it (via the security tab) or create an issue. You may also choose to email me directly at raf [at] notashelf [dot] dev1. Additionally, if you are feeling extra generous at the time, you can also provide me a patch that helps resolve the issue or a pull request resolving it.

That said, I appreciate anyone taking their time to simply report the issue.

Footnotes

  1. The email address is slightly obfuscated to prevent web-scrapers from picking up my email address from the security file.

There aren’t any published security advisories