1.1 KiB
1.1 KiB
Security policy
Thanks for taking the time to look at this. Even small tools can introduce real risk — this one reconfigures network adapters from an elevated process — so vulnerability reports are very welcome.
Supported versions
Only the latest tagged release on GitHub is supported. Older versions will not get fixes; please upgrade first.
How to report a vulnerability
Please do not open a public issue for security-sensitive findings.
Use GitHub's private security advisories: go to the Security tab of this repo and click "Report a vulnerability". GitHub will route it privately.
Please include:
- The version you tested (the startup banner is enough).
- Steps to reproduce.
- An assessment of impact.
Reports are reviewed and addressed on a best-effort basis. A fix and a public advisory will be published once the issue is resolved. Reporters are credited unless they prefer to stay anonymous.
Out of scope
- Behavior when run without administrator privileges (the tool refuses to start in that case anyway).
- Issues that require the attacker to already control the user's machine.