Skip to content

Security: parchlinux/usbformatter

Security

SECURITY.md

Security Policy

Supported Versions

Version Supported
1.x Yes

Security Model

Parch USB Formatter communicates with UDisks2 over the system D-Bus bus to enumerate and format block devices. The application runs at the user's privilege level and relies on PolicyKit to authorize privileged operations such as formatting. No data is transmitted over the network and no telemetry is collected.

Reporting a Vulnerability

To report a security vulnerability, open a confidential issue on GitHub or email the maintainers directly. Do not disclose vulnerabilities publicly until they have been addressed. We aim to respond within 48 hours and publish a fix within 7 days.

Best Practices

  • Always verify you have selected the correct device before formatting
  • Use quick format only when you trust the device and do not need to overwrite existing data
  • Run the application only from trusted package sources (official Parch repositories or verified GitHub releases)

There aren't any published security advisories