Y
Hacker News
new
|
ask
|
show
|
jobs
by
xapata
3669 days ago
Being connected to the internet is a security hole. I'll balance security with practicality.
1 comments
ludamad
3669 days ago
The GP's point is if you're doing code deserialization, the definition of security is different. The data format having RCE bugs won't be as much of a concern, while trusting the data source will be much more of a concern.
link
xapata
3668 days ago
We redefine security for every project. Some projects can (de)serialize code and be secure. Others can't.
link