Security Team

In addition to community-sourced developments, NixOS has a dedicated security team. If the above sources are not enough to answer your question, please reach out to a member of the team listed below.

Security Disclosures

To privately report a security issue with NixOS, Nix, and its ecosystem, please email a member of the NixOS Security Team and we will ensure the issue is handled. Our responses will be signed with our GPG keys.

Sources of Security Information

Security is a priority for the NixOS community. A variety of channels are used to coordinate development in this vein. Three of the main modes of communication about NixOS security are:

The issues tagged "Security" on GitHub/NixOS
The #nixos-security IRC channel on FreeNode
The NixOS security discourse

Members

Graham Christensen, graham@grahamc.com (gchristensen)
GPG Fingerprint: BA94 FDF1 1DA4 0521 2864 C121 FE91 8C3A 98C1 030F
Franz Pletz, fpletz@fnordicwalking.de (fpletz)
GPG Fingerprint: 8A39 615D CE78 AF08 2E23 F303 846F DED7 7926 17B4
Rob Vermaas - emeritus, rob.vermaas@gmail.com (ikwildrpepper)