hyprwm/Hyprland
1
0
Fork 0
mirror of https://github.com/hyprwm/Hyprland.git synced 2025-05-12 14:50:36 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

SECURITY: init security policy

Browse source 
fixes #9921
This commit is contained in:
Vaxry 2025-04-27 00:07:00 +02:00 committed by GitHub
parent 94c55fe909
commit 4f868a1f3c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 32 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
SECURITY.md Normal file
View file

@ -0,0 +1,32 @@
# Hyprland Development Security Policy
If you have a bug that affects the security of your system, you may
want to privately disclose it instead of making it immediately public.
## Supported versions
_Only_ the most recent release on Github is supported. There are no LTS releases.
## What is not a security issue
Some examples of issues that should not be reported as security issues:
- An app can execute a command when ran outside of a sandbox
- An app can write / read hyprland sockets when ran outside of a sandbox
- Crashes
- Things that are protected via permissions when the permission system is disabled
## What is a security issue
Some examples of issues that should be reported as security issues:
- Sandboxed application executing arbitrary code via Hyprland
- Application being able to modify Hyprland's code on the fly
- Application being able to keylog / track user's activity beyond what the wayland protocols allow
## How to report security issues
Please report your security issues via either of these channels:
- Mail: `vaxry [at] vaxry [dot] net`
- Matrix: `@vaxry:matrix.vaxry.net`
- Discord: `@vaxry`