Y
Hacker News
new
|
ask
|
show
|
jobs
by
tedunangst
3258 days ago
It's not immediately clear, however, how one would conduct a cache timing attack against the package manager.
1 comments
Sephr
3258 days ago
Through bad antivirus code that inadvertently runs your code in a sandbox. There have been multiple vulnerabilities like this recently.
link
tedunangst
3258 days ago
Sounds like we should design our package managers so that they don't run hostile code in a sandbox.
link