mirror of
https://github.com/hyprwm/Hyprland.git
synced 2025-05-12 23:00:36 +01:00
32 lines
1.1 KiB
Markdown
32 lines
1.1 KiB
Markdown
# Hyprland Development Security Policy
|
|
|
|
If you have a bug that affects the security of your system, you may
|
|
want to privately disclose it instead of making it immediately public.
|
|
|
|
## Supported versions
|
|
|
|
_Only_ the most recent release on Github is supported. There are no LTS releases.
|
|
|
|
## What is not a security issue
|
|
|
|
Some examples of issues that should not be reported as security issues:
|
|
|
|
- An app can execute a command when ran outside of a sandbox
|
|
- An app can write / read hyprland sockets when ran outside of a sandbox
|
|
- Crashes
|
|
- Things that are protected via permissions when the permission system is disabled
|
|
|
|
## What is a security issue
|
|
|
|
Some examples of issues that should be reported as security issues:
|
|
|
|
- Sandboxed application executing arbitrary code via Hyprland
|
|
- Application being able to modify Hyprland's code on the fly
|
|
- Application being able to keylog / track user's activity beyond what the wayland protocols allow
|
|
|
|
## How to report security issues
|
|
|
|
Please report your security issues via either of these channels:
|
|
- Mail: `vaxry [at] vaxry [dot] net`
|
|
- Matrix: `@vaxry:matrix.vaxry.net`
|
|
- Discord: `@vaxry`
|