Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
notaplumber
on Dec 17, 2019
|
parent
|
context
|
favorite
| on:
#include </etc/shadow>
This isn't limited to C. If you run compiles as root, game over.
fn main() { let shadow = include_str!("/etc/shadow"); println!("{}", shadow); }
That's why OpenBSD ports clusters uses unprivileged users for fetching and building (with no network access/chroot).
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
