If you have seen the sheer depth of my security-related tweaks within this repository, then you are probably aware that I consider security a high-priority goal, and a must-have for my system configurations. If you happen to be browsing through this repository and will or did take your time to report a vulnerability, then I owe you a thank you.
While reporting a vulnerability, please make sure that you have checked out to the latest commit to ensure you are not reporting something that has been already patched and that your personal modifications (if any) are not affecting the source.
If the issue is something we can fix on a system level (i.e a kernel parameter,
addition/removal of a module or a few lines written to /etc/) then there are
two main ways you can disclose a vulnerability. You can either choose privately
report it (via the security tab) or create an issue. You may also choose to
email me directly at raf [at] notashelf [dot] dev1. Additionally, if you
are feeling extra generous at the time, you can also provide me a patch that
helps resolve the issue or a pull request resolving it.
That said, I appreciate anyone taking their time to simply report the issue.
Footnotes
-
The email address is slightly obfuscated to prevent web-scrapers from picking up my email address from the security file. I am not sure if this helps but it'll be foolish not to try after the sheer volume of AI startup related e-mails. ↩