fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-03 16:51:40 +09:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #1542 from rhymix/github-security-policy

Browse source 
Add GitHub security policy
This commit is contained in:
Kijin Sung 2021-01-05 23:41:12 +09:00 committed by GitHub
commit cef7f32901
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

17
SECURITY.md Normal file
View file

@ -0,0 +1,17 @@
Security Policy
---------------
### Supported Versions
Only the latest version is actively supported.
## Reporting a Vulnerability
Please report possible vulnerabilities by email to devops@rhymix.org.
Please DO NOT use GitHub issues or pull requests for this purpose.
We do not consider it a vulnerability if the superuser (is_admin=Y) account
can insert scripts or delete information. That's what the superuser account is for!
It will, however, be considered a serious vulnerability if someone else can
trick a superuser to perform such actions inadvertently,
for example through a CSRF attack.