| Version | Supported |
|---|---|
| 0.x | ✅ |
We take security seriously. If you discover a security vulnerability, please report it responsibly.
- Do NOT open a public issue
- Email security concerns to: [email protected]
- Include:
  - Description of the vulnerability
  - Steps to reproduce
  - Potential impact
  - Any suggested fixes
- Acknowledgment: Within 48 hours
- Initial Assessment: Within 7 days
- Resolution Timeline: Depends on severity
  - Critical: 24-72 hours
  - High: 7 days
  - Medium: 30 days
  - Low: 90 days
We consider security research conducted in good faith to be authorized. We will not pursue legal action against researchers who:
- Make good faith efforts to avoid privacy violations
- Avoid destruction of data
- Do not exploit vulnerabilities beyond proof-of-concept
- Report findings promptly
- Allow reasonable time for remediation
ObliFS is designed with security as a foundational concern:
- Capability-Based Access: No entity can be accessed without valid capability tokens
- Consent-Based Channels: Both parties must agree before communication
- Type-Enforced Boundaries: Turing-incomplete types prevent escape from designated roles
- Audit by Construction: All operations are logged by design
- Reversibility: State changes can be undone
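To make the first four principles concrete, here is an added Rust sketch of the pattern they describe. It is an illustration written for this page, not ObliFS's own code, and every type and function name in it (`Capability`, `Consent`, `Channel`, `Authority`, and their methods) is assumed for the example. Capabilities and consent tokens have private fields, so outside their module they can only be obtained from the authority; a channel type can only be constructed from a matching pair of consents; every operation appends to an audit log; and writes push their previous value onto an undo stack.

```rust
use std::collections::{HashMap, HashSet};

/// Unforgeable capability: fields are private, so outside this module the only
/// way to obtain one is `Authority::grant`. Holding it is the access right.
#[derive(Clone, Debug, PartialEq, Eq, Hash)]
pub struct Capability { entity: String, nonce: u64 }

/// One party's consent to talk to a named peer (also only constructable here).
#[derive(Debug)]
pub struct Consent { from: String, to: String }

/// A channel exists only once both sides' consent tokens have been presented.
#[derive(Debug, PartialEq, Eq)]
pub struct Channel { pub a: String, pub b: String }

impl Channel {
    /// Consumes both consents; a mismatched pair (A->B with B->C) yields no channel.
    pub fn open(x: Consent, y: Consent) -> Option<Channel> {
        if x.from == y.to && x.to == y.from { Some(Channel { a: x.from, b: y.from }) } else { None }
    }
}

#[derive(Clone, Debug, PartialEq, Eq)]
pub struct AuditEntry { pub op: &'static str, pub entity: String, pub ok: bool }

/// Toy store whose every operation passes through the audit log and undo stack.
#[derive(Default)]
pub struct Authority {
    store: HashMap<String, String>,
    valid: HashSet<Capability>,
    next_nonce: u64,
    undo: Vec<(String, Option<String>)>,
    pub audit: Vec<AuditEntry>,
}

impl Authority {
    /// Mint a fresh capability for `entity` and record it as valid (so it can be revoked later).
    pub fn grant(&mut self, entity: &str) -> Capability {
        self.next_nonce += 1;
        let cap = Capability { entity: entity.to_string(), nonce: self.next_nonce };
        self.valid.insert(cap.clone());
        self.log("grant", entity, true);
        cap
    }

    pub fn revoke(&mut self, cap: &Capability) {
        let ok = self.valid.remove(cap);
        self.log("revoke", &cap.entity, ok);
    }

    /// Consent is issued only to a valid capability holder.
    pub fn consent(&mut self, cap: &Capability, peer: &str) -> Option<Consent> {
        let ok = self.valid.contains(cap);
        self.log("consent", &cap.entity, ok);
        ok.then(|| Consent { from: cap.entity.clone(), to: peer.to_string() })
    }

    pub fn read(&mut self, cap: &Capability) -> Option<String> {
        let ok = self.valid.contains(cap);
        self.log("read", &cap.entity, ok);
        if ok { self.store.get(&cap.entity).cloned() } else { None }
    }

    /// Every write saves the previous value so that it can be undone.
    pub fn write(&mut self, cap: &Capability, value: &str) -> bool {
        let ok = self.valid.contains(cap);
        self.log("write", &cap.entity, ok);
        if ok {
            let prev = self.store.insert(cap.entity.clone(), value.to_string());
            self.undo.push((cap.entity.clone(), prev));
        }
        ok
    }

    /// Reverse the most recent write (restore the prior value, or delete the key).
    pub fn undo(&mut self) -> bool {
        match self.undo.pop() {
            Some((entity, Some(prev))) => { self.store.insert(entity.clone(), prev); self.log("undo", &entity, true); true }
            Some((entity, None)) => { self.store.remove(&entity); self.log("undo", &entity, true); true }
            None => false,
        }
    }

    fn log(&mut self, op: &'static str, entity: &str, ok: bool) {
        self.audit.push(AuditEntry { op, entity: entity.to_string(), ok });
    }
}

/// Walkthrough: grant, write twice, undo, read, mutual consent, revoke, read again.
pub fn demo() -> (Option<String>, Option<String>, Option<Channel>, usize) {
    let mut auth = Authority::default();
    let alice = auth.grant("alice");
    let bob = auth.grant("bob");
    auth.write(&alice, "v1");
    auth.write(&alice, "v2");
    auth.undo();                                        // back to "v1"
    let after_undo = auth.read(&alice);                 // Some("v1")
    let (ca, cb) = (auth.consent(&alice, "bob"), auth.consent(&bob, "alice"));
    let chan = Channel::open(ca.unwrap(), cb.unwrap()); // both agreed: Some(Channel)
    auth.revoke(&alice);
    let after_revoke = auth.read(&alice);               // None: token no longer valid
    (after_undo, after_revoke, chan, auth.audit.len())  // audit has 10 entries
}
```

The point of the sketch is that the guarantees live in the types rather than in call-site discipline: code outside the module cannot build a `Capability` or a `Consent`, cannot build a `Channel` without two matching consents, and cannot touch the store without leaving an audit entry. Revocation is what the `valid` set is for; an unforgeable token alone is not enough if rights must also be withdrawable.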
We minimize dependencies and prefer:
- Memory-safe languages (Rust, ReScript)
- Formally verified components where available
- Reproducible builds via Nix
- All dependencies are pinned in `flake.lock`
- SPDX headers on all source files
- Signed commits required for maintainers