Security Policy
Supported Versions
The last 5 major versions receive security updates:
| Version | Supported |
|---|---|
| v34.x | Yes |
| v33.x | Yes |
| v32.x | Yes |
| v31.x | Yes |
| v30.x | Yes |
| < v30 | No |
Reporting Vulnerabilities
Do NOT report security vulnerabilities through public issues.
Report via: Settings > Security > Advisories > New draft security advisory
Include:
- Type of vulnerability
- Affected source files
- Steps to reproduce
- Proof-of-concept (if possible)
- Impact assessment
Response Timeline
- Acknowledgment: 48 hours
- Initial Assessment: 7 days
- Resolution: 30 days (critical)
Security Best Practices
For Users
- Keep hash updated
- Review .hashrc from untrusted sources
- Set proper permissions on config files (600)
- Use leading space for sensitive commands
For Contributors
- Use safe string functions (
safe_strcpy,safe_strcat) - Validate all array indices and buffer sizes
- Never trust user input
- Use reentrant functions (
getpwuid_rnotgetpwuid) - Free all allocated memory
- Pass SonarQube analysis
Security Features
Hash includes:
- Safe string utilities (bounds-checked)
- Input sanitization in parser
- History privacy (space prefix)
- No unsafe C functions (
gets,strcpy, etc.) - Stack protection (
-fstack-protector-strong) - Fortify source (
-D_FORTIFY_SOURCE=2)
Known Limitations
As a shell, hash executes arbitrary commands by design:
- Commands run with user privileges
- Aliases can execute arbitrary code
- Sourced scripts run in current context