|
|
|
|
|
|
by agwa
2416 days ago
|
|
|
If the developer's terminal is owned the attacker can always find a way to piggyback the session, such as by attaching a debugger to ssh and injecting malicious commands as if the user had typed them (and hiding the echo so the user doesn't even know it is happening). |
|
|