If you discover a security vulnerability, please report it responsibly:

1. Do not open a public GitHub issue
2. Email the maintainers or use GitHub Security Advisories
3. Include steps to reproduce and the potential impact

We aim to acknowledge reports within 48 hours and provide a fix timeline within 7 days.

LabelFleet's Docker orchestrator requires access to the Docker socket (/var/run/docker.sock) to manage Label Studio containers. This grants the admin app significant system access. In production:

• Use the ECS orchestrator (ORCHESTRATOR_BACKEND=ecs) which does not require Docker socket access
• If using Docker mode in production, restrict socket access with appropriate permissions and consider using a Docker socket proxy

• Production (AWS): TLS is terminated at the ALB with an ACM certificate. All traffic between the ALB and ECS tasks stays within the VPC.
• Local development: Traffic is unencrypted over localhost. Do not expose the local setup to the internet.

• Never commit secrets to the repository. Use environment variables for all sensitive configuration.
• In production, use AWS Secrets Manager (referenced via secretArn in ECS task definitions).
• Rotate secrets periodically:
  • DATABASE_URL / db_password — Rotate via RDS, update Secrets Manager
  • NEXTAUTH_SECRET — Generate new value, update env var (invalidates active sessions)
  • LS_WEBHOOK_SECRET — Generate new value, update env var + restart LS containers

• The admin app uses NextAuth.js with bcrypt-hashed passwords
• Progressive rate limiting on login: 3 failures → 5 min lockout, 5 → 1 hour, 10+ → 48 hours
• Webhook endpoints authenticate via X-Webhook-Secret header

Each annotator's Label Studio instance uses a separate PostgreSQL database. Annotators cannot access each other's data. The admin app has access to all databases for orchestration purposes.