add SECURITY.md

ZEISS · Mar 20, 2024 · 33ce9ef · 33ce9ef
1 parent 8b4a7f9
commit 33ce9ef
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 1 deletion.
diff --git a/.reuse/dep5 b/.reuse/dep5
@@ -1,5 +1,5 @@
 Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-Upstream-Name: imgdoc2
+Upstream-Name: warpaffine
 Upstream-Contact: Carl Zeiss Microscopy GmbH <[email protected]>
 Source: https://github.com/zeissmicroscopy/warpaffine
 

diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,8 @@
+# Security Policy
+
+Any security issues should be submitted directly through [privately reporting a security vulnerability](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability). In order to determine whether you are dealing with a security issue, ask yourself these two questions:
+
+Can I access something that's not mine, or something I shouldn't have access to?  
+Can I disable something for other people?  
+
+If the answer to either of those two questions are "yes", then you're probably dealing with a security issue. Note that even if you answer "no" to both questions, you may still be dealing with a security issue, so if you're unsure, just follow the instructions linked above.