As, yeah, stupid applications are hard to guard against

Stupid applications aren't the ones to worry about. As an attacker, if I know that every mac has a git vulnerability, and all I have to do is to hard code a path to it, then I'm going to do that.




This seems to be a recurring topic: If you're writing an application, why bother hardcoding a path to a git version with a known RCE? You're already running on the machine.

Hell, if you want to hide your fault, bundle a random tool or lib that you know has an issue and exploit that. It'll be much more stable than relying on a local binary.


*If you're writing an EVIL application, that is.



