django-sendfile2 is written in as secure a manner as possible and assumes that it is operating in a hostile environment. If you find django-sendfile2 doesn't behave correctly given that constraint then please email security@moggers87.co.uk. If you want to send an encrypted report, then please use key id 0x878B5A2A1D47C084.
django-sendfile2 follows the same security reporting model that has worked for other open source projects: If you report a security vulnerability, it will be acted on immediately and a fix with complete full disclosure will go out to everyone at the same time.