From a86d2750990f4586c1121765033a1bc53cd4e959 Mon Sep 17 00:00:00 2001 From: hhf Date: Sat, 28 Sep 2024 10:58:31 +0530 Subject: [PATCH] Add SECURITY.md --- SECURITY.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..bf0c668 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,19 @@ +# Security Policy + +I am not responsible. Use it at own risk. + +## Vulnerability Definition + +Please be aware that this script is intended to be run by administrators, +who already generally already have privileged access to the machines on +which the script is running. Therefore, an example vulnerability that +uses an unusual set of characters in a password (see #20) to make the +script not run or to return bizarre results is not considered a meaningful +vulnerability, since the administrator presumably wouldn't use such a +password in the first place. + +Conversely, however, an example vulnerability that allowed someone with +`Create_priv` to create a schema with a special name that triggers arbitrary +code execution in the context of the user running this script when the script +is invoked is clearly a vulnerability, and will be addressed with the utmost +urgency. \ No newline at end of file
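Review bot: The new SECURITY.md defines what counts as a vulnerability but never says how to report one. After the "Vulnerability Definition" section there is no contact address or private reporting channel, so someone who finds the `Create_priv` schema-name case that the policy promises to address "with the utmost urgency" has nowhere to send it except a public issue. Suggest adding a short reporting section with a private contact and an expected response time. In the first paragraph of that section, "who already generally already have privileged access" repeats "already", and the line "Use it at own risk" should read "Use it at your own risk". The password exclusion is justified only by "the administrator presumably wouldn't use such a password"; it would be clearer to state the boundary directly: input supplied solely by the administrator running the script is out of scope, while input that a lower-privileged party can control is in scope, which is what the second paragraph already implies. The file also ends without a trailing newline.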