Security policy
The full text lives at
.github/SECURITY.md
in the repo root and is what GitHub renders on the
security tab.
This page is a brief summary; reporters should follow the canonical
copy.
Reporting a vulnerability
- Preferred: GitHub Private Vulnerability Reporting ("Report a vulnerability" button).
- Email:
atay@oezcan.mewith subject "Sentinel security".
Please don't open public issues for security bugs.
Threat model summary
Sentinel has two trust boundaries:
-
The PAM module (
pam_sentinel.so) runs in-process of whatever privileged binary's PAM stack references it — sudo, helper-1, su. It trusts libpam, root-owned/etc/security/sentinel.conf, and the kernel's/proc/<pid>/loginuid. It doesn't trust the host binary's environment (locale variables are recovered from the user's/proc/<pid>/environagainst a strict allowlist). -
The polkit agent runs as the user, owns the bypass socket at
$XDG_RUNTIME_DIR/sentinel-agent.sock(mode0600). The bypass protocol verifies peer uid viaSO_PEERCREDand the peer'scommagainst the kernel-truncatedpolkit-agent-helper-1.
Detailed threat model in .github/SECURITY.md.
Supply-chain integrity
Every release artifact ships with a Sigstore artifact attestation binding the file's sha256 to the GitHub Actions run that produced it. Verify:
gh attestation verify <file> --repo atayoez/sentinel
Downstream packagers (AUR, Debian, Fedora) are encouraged to run this in their build hooks.
Out of scope
- Same-uid attacks (a process running as your user can drive polkit directly; Sentinel is a UI confirmation, not a sandbox).
- Compositor / kernel issues themselves.
- Issues in upstream sudo, polkit, pam_unix, polkit-agent-helper-1.
When in doubt, send the report anyway and we'll triage.