Home Original page

All Things Linux

At All Things Linux, we are committed to maintaining the highest security standards to protect our community and infrastructure. We deeply value the security research community and actively encourage responsible disclosure of security vulnerabilities. Your contributions help us ensure the safety, privacy, and integrity of our platforms and services.

We believe in transparency and collaboration when it comes to security. Our team is dedicated to investigating all reported issues promptly and working with researchers to address vulnerabilities in a timely and responsible manner.

Scope

This security policy applies to all All Things Linux projects and services, including but not limited to:

  • All our domains including their subdomains:
    • allthingslinux.com
    • allthingslinux.dev
    • allthingslinux.org
    • atl.chat
    • atl.dev
    • atl.moe
    • atl.network
    • atl.rip
    • atl.services
    • atl.sh
    • atl.tools
    • atl.wiki
  • API endpoints, backend services, Discord bot services or integrations, and community platforms or forums.
  • Repositories within the All Things Linux GitHub organization, individual projects may have exceptions.

We are interested in any vulnerability that could lead to unauthorized access, data breaches, or service disruptions. We welcome any reports of potential security issues outside of this scope but we may not be able to address them immediately. Please also note that we host external services, we also welcome reports regarding those services but we may not be able to address them directly and will refer you to the appropriate party.

How to Report a Security Issue

If you have discovered a security vulnerability, please help us keep our community safe by reporting it responsibly. When reporting, please include:

  1. A clear description of the vulnerability and its potential impact
  2. Detailed steps to reproduce the issue
  3. Information about the environment where you discovered the issue
  4. Any proof-of-concept code or evidence (if applicable)
  5. Any recommendations or patches you may have for resolving the issue

Responsible Disclosure Guidelines

We ask that you:

  • Do not make use of any vulnerabilities without explicit permission to do so
  • Do not access, copy, or destroy data in any capacity
  • Do not disrupt our services or degrade the performance of our services
  • Keep vulnerability details confidential until we have addressed the issue
  • Give us reasonable time to investigate and resolve the issue

Safe Harbor

Any activities conducted in a manner consistent with this policy will be considered authorized conduct and we will not initiate legal action against you. If legal action is initiated by a third party against you in connection with activities conducted under this policy, we will ensure it is known that your actions were conducted in compliance with this policy.

~/Recognition

We appreciate security researchers who help keep our community safe. If you would like to be acknowledged for your responsible disclosure, please let us know in your report and we'll be happy to recognize your contribution publicly.

Thank you for helping us keep All Things Linux secure for everyone.