Please report security issues privately via GitHub Security Advisories:
https://github.com/bolens/millenium-helpers/security/advisories/new
Do not open a public issue for vulnerabilities that could enable privilege escalation, supply-chain tampering, or credential theft.
Include:
- Affected version / commit
- Platform (Linux, macOS, Windows, Steam Deck)
- Steps to reproduce
- Impact assessment (if known)
We aim to acknowledge reports within a few days and ship fixes as quickly as practical.
Millennium Helpers manages Steam Client homebrew installs and may elevate privileges for system-wide updates. Key controls:
- Linux sudoers: install configures a narrow NOPASSWD allow-list under
/etc/sudoers.d/millennium-helpersfor specific helper commands only - Write-protected scripts: installed binaries are root-owned (
755) so unprivileged users cannot rewrite them - Release integrity: piped installers and Millennium upgrades verify SHA256 checksums from published
.sha256sidecars before extracting archives. Sidecar absence is a hard failure (except tip-of-main, which requires--allow-unsigned-main) - Checksum trust model:
.sha256sidecars are same-origin GitHub TOFU (archive + digest from the same release). They detect transport corruption and accidental mix-ups, not a fully compromised GitHub release. Prefer package managers (AUR, Homebrew, Scoop, Winget) when available - Update channel allow-list:
update_channelmust bestable,beta, ormainwherever it is loaded or embedded into systemd/cron/Task Scheduler jobs - Config secrets:
github_tokenin helpers config is stored with restricted permissions (chmod 600on Unix; ACL lockdown on Windows). GitHub API auth uses curl--configso the token is not exposed on process argv - MCP server: tools that escalate or mutate the system require explicit confirmation / allow-lists (see
docs/mcp.md). Windows elevation uses-EncodedCommandrather than string-interpolatedArgumentList - Doctor script sync: overwriting root-owned helper binaries requires
doctor --yesand a verified release archive - Theme archives: zip members with
..or absolute paths are rejected before extract;activeThemepath components are sanitized under repair
For troubleshooting and deeper design notes, see docs/security_troubleshooting.md. MCP tool confirmations: docs/mcp.md. Licensing and third-party attribution: docs/licensing.md. Full docs index: docs/README.md.
Security fixes are applied to the latest release on main. Older tags are not generally backported unless a critical issue warrants it.