|
|
|
|
|
|
by diogomonicapt
3409 days ago
|
|
|
The problem is applications unintentionally leaking the ENV. Think a hoptoad exception that attaches the current ENV to the report that sends up to the remote server. Or think about you exec'ing imagemagik and now the process running potentially adversarial code also has access to your parent's env. Or think about an application crashing and doing an unintentional core dump to disk. |
|
|