Add SECURITY.md
This commit is contained in:
35
SECURITY.md
Normal file
35
SECURITY.md
Normal file
@@ -0,0 +1,35 @@
|
|||||||
|
# Security Policy
|
||||||
|
|
||||||
|
## Reporting Vulnerabilities
|
||||||
|
|
||||||
|
If you find a security vulnerability in BlackRoad OS:
|
||||||
|
|
||||||
|
1. **Do NOT open a public issue**
|
||||||
|
2. Use the **Security Report** issue template (marked confidential)
|
||||||
|
3. Or contact: amundsonalexa@gmail.com
|
||||||
|
|
||||||
|
## Supported Versions
|
||||||
|
|
||||||
|
| Component | Version | Supported |
|
||||||
|
|-----------|---------|-----------|
|
||||||
|
| Gitea | 1.25.4 | ✅ |
|
||||||
|
| Cloudflare Workers | Latest | ✅ |
|
||||||
|
| Node.js | 20 LTS | ✅ |
|
||||||
|
| Python | 3.12+ | ✅ |
|
||||||
|
|
||||||
|
## Security Measures
|
||||||
|
|
||||||
|
- All nodes behind Cloudflare tunnels (no exposed ports)
|
||||||
|
- WireGuard mesh encryption (10.8.0.x)
|
||||||
|
- SSH key authentication only (no passwords)
|
||||||
|
- UFW firewall on Lucidia
|
||||||
|
- Sentinel agent monitors for anomalies
|
||||||
|
- Security scan CI on all repos
|
||||||
|
- HMAC webhook signatures
|
||||||
|
|
||||||
|
## Agent Security Team
|
||||||
|
|
||||||
|
🛡️ **Sentinel** automatically reviews all security-labeled issues.
|
||||||
|
|
||||||
|
---
|
||||||
|
*BlackRoad OS — Pave Tomorrow.*
|
||||||
Reference in New Issue
Block a user