|
| 1 | +# Security Policy |
| 2 | + |
| 3 | +## Reporting a Vulnerability |
| 4 | + |
| 5 | +If you discover a security vulnerability in PostForge, please report it |
| 6 | +privately using [GitHub Private Vulnerability Reporting](https://github.com/AndyCappDev/postforge/security/advisories/new) |
| 7 | +rather than opening a public issue. |
| 8 | + |
| 9 | +I will acknowledge reports within 48 hours and aim to provide a fix or |
| 10 | +mitigation plan within 7 days. |
| 11 | + |
| 12 | +## What Counts as a Security Issue |
| 13 | + |
| 14 | +PostForge interprets PostScript files, which are programs. The PostScript |
| 15 | +language includes file I/O and system operators that are intentionally |
| 16 | +implemented. However, the following would be considered security issues: |
| 17 | + |
| 18 | +- **Sandbox escapes** — Executing host system commands or accessing resources |
| 19 | + outside the interpreter's intended scope |
| 20 | +- **Path traversal** — Accessing files outside expected directories through |
| 21 | + crafted file paths |
| 22 | +- **Memory safety** — Crashes or memory corruption that could be exploited |
| 23 | + through crafted PostScript input |
| 24 | +- **Denial of service** — Inputs that cause unbounded resource consumption |
| 25 | + beyond what the PostScript program requests (e.g., an interpreter bug that |
| 26 | + causes infinite loops or memory leaks independent of the PS program logic) |
| 27 | + |
| 28 | +## What Is Not a Security Issue |
| 29 | + |
| 30 | +- PostScript programs that consume large amounts of memory or CPU by design |
| 31 | + (e.g., deeply recursive procedures) — this is normal PostScript behavior |
| 32 | +- The `file`, `deletefile`, `renamefile`, or `run` operators working as |
| 33 | + specified in the PostScript Language Reference Manual |
| 34 | + |
| 35 | +## Supported Versions |
| 36 | + |
| 37 | +Security fixes are applied to the latest release on the `master` branch. |
0 commit comments