Add SECURITY.md
This commit is contained in:
35
SECURITY.md
Normal file
35
SECURITY.md
Normal file
@@ -0,0 +1,35 @@
|
||||
# Security Policy
|
||||
|
||||
## Reporting Vulnerabilities
|
||||
|
||||
If you find a security vulnerability in BlackRoad OS:
|
||||
|
||||
1. **Do NOT open a public issue**
|
||||
2. Use the **Security Report** issue template (marked confidential)
|
||||
3. Or contact: amundsonalexa@gmail.com
|
||||
|
||||
## Supported Versions
|
||||
|
||||
| Component | Version | Supported |
|
||||
|-----------|---------|-----------|
|
||||
| Gitea | 1.25.4 | ✅ |
|
||||
| Cloudflare Workers | Latest | ✅ |
|
||||
| Node.js | 20 LTS | ✅ |
|
||||
| Python | 3.12+ | ✅ |
|
||||
|
||||
## Security Measures
|
||||
|
||||
- All nodes behind Cloudflare tunnels (no exposed ports)
|
||||
- WireGuard mesh encryption (10.8.0.x)
|
||||
- SSH key authentication only (no passwords)
|
||||
- UFW firewall on Lucidia
|
||||
- Sentinel agent monitors for anomalies
|
||||
- Security scan CI on all repos
|
||||
- HMAC webhook signatures
|
||||
|
||||
## Agent Security Team
|
||||
|
||||
🛡️ **Sentinel** automatically reviews all security-labeled issues.
|
||||
|
||||
---
|
||||
*BlackRoad OS — Pave Tomorrow.*
|
||||
Reference in New Issue
Block a user