Skip to content

Commit

Permalink
Update SECURITY.md
Browse files Browse the repository at this point in the history 
Co-authored-by: Matteo Collina <matteo.collina@gmail.com>
  • Loading branch information
@RafaelGSS @mcollina
RafaelGSS and mcollina committed Nov 4, 2022
1 parent d52c6ec commit 6b4b830
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion SECURITY.md
View file
Expand Up @@ -93,7 +93,8 @@ Vulnerabilities related to this case may be fixed by a documentation update.
2. The operating system that Node.js is running under and its configuration,
along with anything under control of the operating system.
3. The code it is asked to run including JavaScript and native code, even if
said code is dynamically loaded. The code run inherits all the privileges of
said code is dynamically loaded, e.g. all dependencies installed from the npm registry.
The code run inherits all the privileges of
the execution user.
4. Inputs provided to it by the code it is asked to run, as it is the
responsibility of the application to perform the required input validations.
Expand Down

0 comments on commit 6b4b830

Please sign in to comment.