hhf/tuning.sh
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tuning.sh/SECURITY.md
hhf a86d275099 Add SECURITY.md
2024-09-28 10:58:31 +05:30

865 B
Raw Permalink Blame History

Security Policy

I am not responsible. Use it at own risk.

Vulnerability Definition

Please be aware that this script is intended to be run by administrators, who already generally already have privileged access to the machines on which the script is running. Therefore, an example vulnerability that uses an unusual set of characters in a password (see #20) to make the script not run or to return bizarre results is not considered a meaningful vulnerability, since the administrator presumably wouldn't use such a password in the first place.

Conversely, however, an example vulnerability that allowed someone with Create_priv to create a schema with a special name that triggers arbitrary code execution in the context of the user running this script when the script is invoked is clearly a vulnerability, and will be addressed with the utmost urgency.