Linux-Hello/SECURITY.md

# Security Policy

## Supported Versions

| Version | Supported          |
| ------- | ------------------ |
| 0.1.x   | :white_check_mark: |

## Reporting a Vulnerability

Linux Hello handles sensitive biometric data and integrates with system authentication.
We take security vulnerabilities seriously.

### How to Report

**Please do NOT open public GitHub issues for security vulnerabilities.**

Instead, report vulnerabilities by:

1. **Email**: Send details to the project maintainers privately
2. **Include**:
   - Description of the vulnerability
   - Steps to reproduce
   - Potential impact
   - Suggested fix (if any)

### What to Expect

- **Acknowledgment**: Within 48 hours
- **Initial Assessment**: Within 7 days
- **Status Updates**: Every 14 days until resolution
- **Credit**: Security researchers will be credited (unless anonymity requested)

### Scope

The following are in scope for security reports:

- Authentication bypass
- Template extraction or decryption
- Anti-spoofing bypass
- IPC/D-Bus authorization issues
- Memory safety issues
- Privilege escalation
- Information disclosure

### Out of Scope

- Social engineering attacks
- Physical attacks requiring extended access
- Attacks requiring TPM hardware exploits
- Denial of service (unless used for auth bypass)

## Security Architecture

See the [README](README.md#security) for details on our security model:

- **TPM2 Integration**: Hardware-bound encryption
- **Anti-Spoofing**: Multi-layer liveness detection
- **Secure Memory**: Automatic zeroization of sensitive data
- **IPC Security**: Peer credential verification and rate limiting

## Security Hardening Recommendations

For production deployments:

1. **Enable TPM**: Set `[tpm] enabled = true` in config
2. **Use IR Camera**: RGB cameras are explicitly not supported
3. **Keep Updated**: Apply security updates promptly
4. **Audit Logs**: Monitor `/var/log/auth.log` for authentication events
5. **Limit Access**: Configure appropriate file permissions