|
|
|
|
|
|
by simias
2377 days ago
|
|
|
>That's quite a leap from 'I can read /etc/shadow' to 'I am root'. Is it? There are alternatives of course but I would say that without further clues that seems the most likely explanation. I agree with the rest of your points though. In general it seems fairly obvious that build systems should be sandboxed if they're building "foreign" code, after all if you can mess with the source code you can probably affect the build system as well, and from there you can basically do anything you want. |
|
|